Came here to say this.

I've used KeePass (or, in my case, KeePassX since I'm on *NIX) for about 6 years and it's been great. Encrypted local storage that I can sync between devices if I want, with an Android app (KeePassDroid) available makes life easy. It's also the only approved password storage method where I work.

the normal curriculum generally didn't provide any exposure to computers beyond "Keyboarding" and "Computer Applications," meaning MS Office. I graduated from high school in 2006 and there was really nothing made widely available by my school. There was a vocational class for computer operations (only 4 students including myself took it), which was actually quite useful -- intro to networking concepts, intro to programming (VB 6), and all of the information needed to get CompTIA's A+ certification. Throughout the year, I was able to bat ideas around with the teacher, including the idea of making a beowulf cluster (just 3 or 4 nodes) to showcase some of the things computers could be used for. The class was the last half of the day and really helped solidify my basis into computing. At one point, the teacher had the network engineer for the school system come in to teach us how to terminate fiber (which we later ran to provide network access for the machine trades vocational class). I really have some fond memories of that class and to this day, I'm friends with the teacher.

My experience was *not* normal by any stretch, though. As I mentioned, there were only 4 students (later dropped down to just 3) in the class from the entire county. I was the only person from the hosting school (1000-1500 students). The teacher I had that year returned to industry the very next year and, from what I heard, the quality of the class dropped tremendously when his successor took over. To my knowledge, the class is still the same poor quality that it was after he left.

As far as I know, learning anything related to computers in high school (in most midwest counties) is learned the same way as it was a decade or two before -- individuals being motivated to learn for its own sake and befriending others who are like-minded. LAN parties, though passed off as completely useless by parents (more often than not), provide(ed) the greatest source of computing knowledge exposure -- setting up the LAN (and segmenting it from the user's parents' use), troubleshooting why a computer would fail to work, troubleshooting why a pirated game wouldn't run on one machine when everyone else wanted to play, and understanding physical infrastructure requirements (i.e. power) are routinely dealt with in the environment of a high school LAN party, and are directly applicable to industry (with much more learning outside of these parties to fill in the gaps, of course).

So many comments and none of them really answering OP's question. First: Yes, OP needs to ensure that what he's asking for is actually what he wants to do. Now, OP: How about using Open Source IDS/IPS? Something like Bro (http://www.bro-ids.org) could be a good option. It's completely scriptable and keeps track of general information (number of connections, what IP addresses are talking to what others, etc.), but where it really shines is that it alerts on "weird" traffic and since it's scriptable, you can write your own protocol inspection code to look at network streams on the fly and only pull out what matters. To implement this kind of system, I'd put a linux/bsd box inline acting as the network's gateway so everything on the network outbound goes through it, enable routing (linux: add net.ipv4.ip_forward=1 and net.ipv6.ip_forward=1 to /etc/sysctl.conf, bsd: add net.inet.ip.forwarding=1 and net.inet6.ip6.forwarding=1 to /etc/sysctl.conf), configure the firewall as needed (NAT and what have you), and set bro up to look at the traffic. Then I'd define very clearly what traffic I thought was "interesting" and warranted looking into. That traffic I would write some inspection code for and wait for alerts (which can be formatted however you please -- they're just text). Finally: Should an I[DP]S be used for oppression? No. Should this type of solution even be implemented at all on a home network? I think that's an issue that can only be answered by the client. Remember: anything can be used for good or evil. Make sure that anything you build and sell is going to be used for good (as much as you can ensure such a thing, of course). Talk to your client. I have a feeling that training for dealing with social engineering will go a lot further than a custom-engineered DLP system.

non-issue. According to the advisory, this particular issue "Spawns a root shell [and h]as not been tested for potential remote exploitation vectors." As has been stated multiple times earlier already, BT is generally used as root locally and (until someone determines remote exploitability) this is a local-only exploit. TFS is wrong. This is not a "critical flaw in BT," but a flaw in WICD that allows privilege escalation. Still something that definitely needs fixed, but if someone has local access to your box, you can pretty much assume they already have root.

Ahh. Point. I didn't realize that ISC support provided notifications in advance.

I am 100% with you up until you say, "I'm amazed how many people run large, production name servers on BIND yet don't have a cheap support contract. If you run BIND, rather than getting your alerts via /. look into a support contract so you get them directly from the vendor." I have a couple issues with this. The first is simply that it's perfectly reasonable to expect a good UNIX admin to handle BIND without issue for generalist deployments. The other issue I have is that you don't need a support contract to get these alerts. Sign up for the bind-announce mailing list (link: https://lists.isc.org/mailman/listinfo/bind-announce). Again, I'm totally with you up until the end there.