userEULA - acceptable use enforcement (VB .NET 2005)

[james.howell]

Before I say anything esle, I will say that this is my very first program having been learning Visual Basic .NET for a couple of months from online tutorials and lots of fiddling. Oh, and a few killed virtual machines lol!

Right, here goes...

I have written a program for work (IT department in an upper school) which when a user logs on it displays a form containing a RTF file containing the "Acceptable Use Policy" for the computers, locks their keyboard and restricts their mouse to the form bounds. A timer polls for a window with a predefined handle, and if it exists, kills it. This is to mitigate the fact that I could find no way to disable the users from CTRL + ALT + DEL therir way out of the restrictions. If they can kill the app in the 1/10th second (default) they get then they deserve to do what they like

It forces the user to wait x seconds before they can dismiss the window (intended to encuorage them to read it, and to avoid the claim that they just clicked OK and didn't have chance to read it). They must also tick a box stating they have read the terms, for the same reason.

Once they accept the displayed terms of use it will go away and the mouse and keyboard are released and from then on they aren't prompted unless the terms change, they only receive a gentle reminder. If they declione the terms of use then they are forcibly logged off, as if they do not agree to our terms of use then they are not entitled to sue the computers.

Right, now to why I posted here...

Seeing as this was the first proper program I have written, I wanted to know if I am doing anything stupid, the wrong way, or breaking any unwritten rules. The program performs how I want it to, and seems to be very light on resources, but I just thought it would be worth a psot here, as I am intending to roll this out on the network in September, and would liek to make sure.

Thank you in advance for any suggestions / comments etc.

If you are interested at looking at the code for my project, drop me a PM and I will send it to you, as the zip of it is 1.2mb and it won't let me upload more than 500kb.

[Graff]

I have written a program for work (IT department in an upper school) which when a user logs on it displays a form containing a RTF file containing the "Acceptable Use Policy" for the computers, locks their keyboard and restricts their mouse to the form bounds. A timer polls for a window with a predefined handle, and if it exists, kills it. This is to mitigate the fact that I could find no way to disable the users from CTRL + ALT + DEL therir way out of the restrictions.

That sounds very draconian and user-unfriendly. Displaying the End User License Agreement with an Accept/Decline button is more than enough, if they user doesn't read it then it is still their fault for failing to comply to the terms, ignorance is not an excuse. An method used by Blizzard Entertainment and a few others is that users are forces to scroll to the bottom of the EULA before the Accept button becomes enabled, that's about as far as I would go in any of my programs as well.

[james.howell]

Well in general I would have to agree with you, but firstly I was just writing in the features that I was asked to by senior management (aka those who must be obeyed lol), and also I am forced to listen on a daily basis to students claiming that they did not see the huge great red warning box on the first intranet page that they get.

The program would only run once (if the user accepts first time), so it isn't as Draconian as it sounds.

Obviously in industry you would not need such programs in place as employed members of staff can have such rules written into their contracts, or have them sign additional contracts.

I am still interested in anyone that would be interested in looking at my code. This is my first program and I am wondering how I have done in regards to coding it.

[NotLKH]

It really does not sound proper.

Could you post, as near as possible, your projects requirements, as specified by your TPTB?

AND,...

What kind of environment that this is meant to be used in.

BTW,

If they have a login, then everything should have been settled before they even recieved their login.
This IS overkill.

Do YOU have to perform this ritual everytime you log in every day?????

[james.howell]

I don't see why this is so "Draconian". The users will only have to click Accept on a pop up screen once when they first ever log on to our computer system. So in theory they will see this once in the 5 years that they are here.

We are spending half our working days at the moment fighting with users (students) abusing the system. Their main argument ALWAYS is that they didn't they weren't meant to spend their lessons playing games, using proxy sites to bypass filtering, and genrally pissing about on the system. This is regardless for the big red notice when they go to the home page of the intranet.

Until now all we have done is launched a text file when a user has broken the rules warning them. But the last time we did this they re-wrote the text file and copied it into the users shared area. That is why we have taken this step.

If every user is forced to read the rules ONCE and accept ONCE, they then lose the argument they didn't know they were breaking the rules, and can then be held accountable.