I am a programmer for the United States Air Force, and I am interested in using moodle for testing airmen. I think it would be a great asset and would directly help teach airmen all over the world. Because the military is so strict with what goes on their servers i would like to know if any form of D.O.D. is using this. If not then i will have to start a long and vigirous paperwork path that might take months. So by chance that someone might be using it out there i would like to know.
Catch-22 with your question, mostly for security reasons. Quick answer from my pov is that a few right now are seriously looking at Moodle and once they have their security questions answered we think there will be a significant deployment. I am not referring to Moodle security (that's pretty good). I can tell you more about the security issues related to delivery of sensitive training content offline if you're interested.
Other issue is SCORM. Moodle is not yet SCORM 1.2 compliant (being tested now by ADL) or SCORM 2004 (there are 3rd party work-arounds that are compliant). The DOD was instrumental in the development of the SCORM standard and is a stickler about any technology they invest in being SCORM compliant.
Well i know what SCORM is and i didn't even think about asking that! I can see what your saying i believe that we might be able to pull it off on Altus AFB. The reason i say that is we have some pretty cool guys at COMM and we just might be able to get it on our intranet servers. Even then our base will be taking a huge step up in military training! I'm very excited to see were this goes. Bryan are you a government employee you seem to know quite a bit about us.
Be very careful who you take your security advice from Dana. Mr. Williams is about as incompetent as they come. Read some of his security posts in the using moodle forum. You can start with this one:
Post an email contact if you want more information. If you put your name on this product and, especially of you join forces with Mr. Williams, you, and your military career may very well regreat it. Just a frendly warning. Of course this will be deleted, but it so, I'll post it again.
I suppose the real question would be to what extent the systems contained classified information or were internal to existing DOD firewalling or other security infrastructure. Based on some of the press we have seen about exploits against DoD. one might argue that DoD's approach is reminiscent of the discussion on moodleus.......
I do agree that Dana should read the entire post referenced by cosmo (if you can stay awake). It points out that you can in fact stand up in a theater and yell fire, when there is none, as long as you don't get caught. Fact is, some organizations that take security to an extreme are using Moodle.
** http://www.tes.co.uk/article.aspx?storycode=6008670 Didn't a similar source also note somewhere that remote-learner's clients were similarly impacted? Since it was months between when such sources started opining about the situation and the discovery by the Moodle Partner clients mentioned by TES in its prior article that they had been hit with profile spam, one could argue that whatever the unnamed source did (I don;t recall any fire in any theater), it was still not enough.....
Would you like for me to post some pictures from a site where you were the Moodle administrator? Or better yet, would you like for me to post some links to current remote-learner.net sites? Just say the word and I'll accommodate
By the way, Moodle Partners world-wide have you to thank for the Moodle porn articles that hit virtually every major news outlet in the UK recently...one posted by Marc above and don't forget the first one here: http://www.tes.co.uk/article.aspx?storycode=6007883
Dana's commander wing commander and public affairs office will be well informed of the security risks involved (and the track records of some "professional" providers)...they can decide whether it's "extreme" or not.
We had a non-malicious hacker break into our Moodle site because one of the administrators had a user name of "johnson" and an identical password of "johnson". It did not take much brute force to guess that one.
I view profile spam in the same way. Since last fall, when the problem began to proliferate across the internet, I figure if you set up email self-registration, you should be ready to deal with large amounts of spam. You may want to blame the provider, but I see it as a user option. I prefer Moodle allow us the flexibility to do any kind of setup, even if it means I can invite spam.
But I suspect this is becoming a discussion not really about the security of Moodle. Maybe it is more of a personal axe to grind toward Bryan. If would you would like attack someone, attack me. I (like you) am responsible for the development and security of this open source system. I am completely to blame for any of its deficiencies. And I am sorry for any problems you may have experienced that hurt you or your students.
Did you ever figure out Moodle in the Government space? I work for the Army and I am looking at Moodle as well, would love any and all help.
Jonathon - email@example.com
we have Military Intelligence Professonal Bulletin (April-June 2012, PB 34-12-2).
Search for the keyword Moodle within this 39Meg PDF document and you might be surprised.