malakai wrote:I didn't really see security as an issue setting this up to the outside world or using as a server for any extended period of time is a by product and not it's real intended purpose.
I've seen comments like this before and I think it can be harmful to the entire Internet community. It shouldn't matter what your situation is, good security should always be a priority. And yes, theory has its place as compared to practice but there is no harm to make security a habit rather than saying "well my hardware is never going to have access to the outside world."
If you have a desktop that has access to the outside world on your network and I gain access to it, by not apply good security practices on your other devices I have now infiltrated your other systems. Security is always about your weakest link. If the Pi is going to be used for education, why not also promote good security practices? Everyone knows "Don't open an email attachment from someone you don't know." Why not add to the common knowledge phrase book "Always put passwords on your administrator accounts" and "Passwords: change frequently, change often."
I am not seeing a whole lot of talk on how do I setup port forwarding on my router so ultimately they are mostly inside their own networks root or no root I think well over half are still pretty secure.
I'd be surprised if there wasn't a lot of Pi on the internet. Even acting as a client, such as a media server downloading info about tv shows, exploits could pop up that gain some sort of user access. Open ports on your router aren't the only way of getting into a device.