Felony Charges For H.S. Hacking 824
jayrtfm writes "Last year the Kurtztown Area High School approved a program which gave every student an iBook. Now 13 students face felony charges for violating the district's usage policy." From the article: "Shrawder said the secret password '50Trexler,' was widely-known among the student body and distributed early in the school year. It allowed between 80 and 100 students to reconfigure their laptops, he said. The more computer-savvy students began to disable the administrations' ability to spy on the students' computer use. For others, it became a game, trying to outsmart the administration and compete with fellow students who held the secret, Shrawder said."
Lets get the facts straight (Score:5, Insightful)
In that article, it was said that the students were accessing porn sites, and HAD infact hacked the administrative network.
However, living in this area, I feel it necessary to point out that the papers around here can't handle technical articles, and and usually get the facts wrong. For all we know, they got the admin pass, and disabled the proxy (which was likely the n2h2 Bess Proxy [n2h2.com]), and all of this is being blown out of proportion.
Once more facts become clear, maybe we'll learn why the rest of the 80-100 students weren't charged.
I attended and worked IT for Conrad Weiser Area School District [conradweiser.org] which is about 20 minutes away from Kutztown, where we had the BCIU [berksiu.org] come in to do a lot of work on machines. The BCIU is clueless, and security is their lowest priority. It wouldn't surprise me at all if the BCIU worked with Kutztown High to setup this network, making it all the easier for these kids.
Also, here are the nyud mirrors of the links:
FAQ [nyud.net]
Kutztown Area Patriot Article [nyud.net]
Laptop Initiative [nyud.net]
Re:Lets get the facts straight (Score:5, Insightful)
If you want to bypass any restrictions, find out if the teachers mind. Many times they won't. (I was once asked to send an e-mail from school, and our school filters block all webmail..or at least they think they do.)
If you end up doing something that you think they won't mind but they do, as soon as they say something, apologize, and stop doing that. And it helps to show yourself as a white hat ahead of time, so they know you're not solely trying to break their security.
If you're doing something that you know they mind, reconsider why. Is this something you can't do more safely from home, or from a public library or Internet café?
If you're looking up porn from school, you're a ****ing idiot. Same goes if you're breaking into important stuff for the fun of it.
Re:Lets get the facts straight (Score:5, Insightful)
And they won't mind either if they don't understand what you want to do. The problem comes when they understand what you told them and it's too late. You'll be the only one who "touched the computer", you're the only one who "knows how it works": you're responsible. I suggest that you ask for some kind of paper signed by a teacher before doing anything. I know I'm too much paranoid but it's always safe when you have a physical proof to show when something bad happens.
Re:Lets get the facts straight (Score:5, Interesting)
So I got wise and spoofed an e-mail to the administrator of the system (can't remember how I got the guy's e-mail address), forging the header to look like it was from my teacher. I (posing as the teacher) told him that a couple students had lost their password, and I needed it e-mailed to a hotmail account I'd set up. I put in some excuse about how I was going to be on the road and unable to check my regular e-mail address. This was actually true. My teacher told us he wouldn't be able to check his e-mails during the break because he was going to Colorado or something.
The guy bought it. He sent my password to the Hotmail account I'd set up. Not only had he sent my password, though. He'd sent everyone else's too. And to make matters worse, he'd CC'ed it to the teacher's real account
So there was no way out. My name was on the original e-mail, and it wouldn't take a genius to figure out what happened. So I copped to it. I e-mailed my teacher, explaining the whole thing, and waited the entire break. I got to class, and my teacher just told me, "Got your e-mail. It's cool." And that was it.
I risked a whole hell of a lot to save some time for a stupid game. And I got lucky that my teacher was merciful. The worst part is that I was so set on going the 1337 route that I never considered that, with the administrator's e-mail, I could've just requested my password as myself!
So I got a free lesson there. In short, I agree with you. Teenagers don't listen to this kind of stuff though, because of course, it'll never happen to them. And if it does, they'll get lucky like me. Good thing the law doesn't hold minors accountable for their decisions.
Re:Lets get the facts straight (Score:5, Insightful)
Altering the OS of your school provided laptop is probably not illegal, depending on what exactly you do. Unless you're unleashing a virus or destroying hardware, I really doubt anything will stick. I'm guessing this is the kind of thing the ACLU would help you with if you actually got in trouble.
Accessing material over the internet by using existing holes in school firewalls/proxies is NOT illegal. Most of us do it all the time at work because our IT departments are insane (but leave port 80 open with a proxy to censor us...may as well just leave them all wide open). Anyway unless you are attacking their network (router, firewall, proxy) in some way, it's not illegal or even immoral.
Now hacking in to their network, changing grades, destroying machines, altering network configurations, that's all illegal, immoral and just plain mean spirited. As with any other crime however, you should absolutely not admit to anyone what you've done without the counsel of a lawyer. This goes for any crime, even a speeding ticket. You have the right to remain silent, use it. Even if they promise to let you off, bring in a lawyer. Never play around with such things, I know some honest people who thought they were doing the right thing and got it handed to them. The right thing is to remain silent.
The more money it costs to enforce idiotic network policies and excess legal entanglements, the less likely anyone is going to want to be involved with it. If it isn't actively hurting someone, then I think after this neo-fascist insanity passes, people will ignore it.
Re:Lets get the facts straight (Score:3, Informative)
They make us and our parents sign an acceptable use policy or somesuch saying that we won't so much as breathe on their routers after eating onions. I think this is enforceable as a contract since my parents signed it and the entire minor-immunity thing doesn't apply to them.
you should absolutely not admit to anyone what you've done without the counsel of a lawyer.
In one particular case a month or two ago, it didn't help much: I used the unblocked Windows file shari
Re:Lets get the facts straight (Score:5, Informative)
You can't commit a felony by breaking a contract. You can be found in breach of contract in a civil court for breaking a contract. You go to court to have a them help figure out what the restitution for failure to comply with the contract. A lot of the times, the penalites are spelled out in the contract.
So, being charged with a felony has absolutely nothing to do with any type of paperwork you or your parents signed. In order to be charged with a crime, you have to violate a criminal law.
There are so many silly laws about computers, that I won't be shocked to find out that there is some law that could be used against someone who isn't supposed to gains administrative access to a computer.
Kirby
Re:Lets get the facts straight (Score:5, Interesting)
Altering the OS of your school provided laptop is probably not illegal, depending on what exactly you do. Unless you're unleashing a virus or destroying hardware, I really doubt anything will stick. I'm guessing this is the kind of thing the ACLU would help you with if you actually got in trouble.
Exactly. Unless you actually stole/damaged things--they'd be hard-pressed actually go through the trouble of ruining your life. It's this very fact that saved me back in the day.
Back when I was a senior in highschool (Class of '02), there was a computer-geek rebellion which I, by some strange twist of fate, found myself leading. It all started when the county bought some really nice computers for the fiber optic computer lab. Some of us got the bright idea to bring in cracked copies of Quake 2, Tribes 2, Unreal Tournament, and a bunch of other games to play during lulls in the classes. Most of the teachers didn't care. In fact, one of them even used "game time" as an incentive to get his lackadaisical senior students to do their assignments--with a lot of success I might add.
Then one of the hard-nosed teachers found out and made a habit of deleting the games. Of course, this was easily overcome by making copies of the game files locally and adding a few ifexist lines to the autoexec.bat of every machine to recreate the game should it be deleted. This worked for awhile until the county computer techs were called in to "See what was wrong."
Hoping to keep games off the computers, the county bought Clean Slate [fortres.com], a program used to lock down pre-XP computers. On the surface, the program seemed pretty tough. *All* changes/files created were removed every time the computer was restarted and only authorized programs were allowed to run. Of course, the BIOS was set as HD first to prevent bootdisking. The program was a huge hassle to both students and teachers alike.
This was first overcome by: 1) corrupting/resetting the BIOS [bioscentral.com] 2)bootdisking in 3) REMing out the relevant lines in the autoexec and windows startup files. This entire process took approximately 20 seconds once you got good at it. And we did get good at it--there were over 300 computers in the school and every computer was unlocked (oftentimes the same day it was locked down). Unlocked computers were set with a blue background to indicate that they were fixed.
Eventually we wised up and just installed a keylogger on one of the computers scheduled to be locked down. Sure enough, you had to type in the password every time you installed the software. With the password (which worked throughout the school), many people actually used Clean Slate to protect the games from being deleted--which was just beautiful.
Figuring out what we were doing, they started to Norton Ghost the computers so that a direct install and password entry was not required. They also correctly configured Clean Slate so the BIOS couldn't be so easily corrupted. This too was eventually circumvented when we found out that Clean Slate is unable to apply its file protections to Novell Netware shared drives. If worse came to worse, and you had enough alone-time with the computer, you could always remove the case and reset the BIOS password with the pin.
Throughout this whole process, there was one rule among those involved: DO NOT DAMAGE THE COMPUTERS. Do not delete the Clean Slate files--only disable them. Do not put porn, ect. on the computers.
This turned out to be our saving grace. Eventually the computer technicians got fed up with our school. The network usage for our school was something like 30 times other schools in the county. Of course, all of this was occurring when the county was assuring the state that its computers would be ready for the new computer-based Standard of Learning (SOLs) tests. Bad timing. Entire meetings of the county school board were apparently based upon the
Re:Lets get the facts straight (Score:3, Interesting)
Besides that, the student geeks on my school are mostly gamers and by allowing every 2 to 3 month a school-only lan party they are quit carefull these days on "their" hardware. Of course I get asked alot of times what the Administrator password is, I always respond that I would tell them what it was last week. To be honest I don't know the Administrator passw
Re:Lets get the facts straight (Score:3, Interesting)
The network version also allows locking/unlocking/monitoring over the network, and you can generate 1-time codes for workstation access so people won't be able to unfreeze even if they snag the password with a keylogger of some sort.
I've heard that it does interesting things to the boot record so that if deep freeze doesn't boot the system (ie: you
Re:Lets get the facts straight (Score:5, Insightful)
I call BS. This is the most implausible story I've ever read in all my long years of reading people's stupid made-up stories on Slashdot.
Re:Lets get the facts straight (Score:3, Informative)
Using BBC Micro computers attached to an Amcom E-net, I discovered that it was possible to write just a few more bytes than I supposedly had allocated to me as space. My guess is that there was some sort of K=1000 vs K=1024 bug between the client and server. The interesting thing was that the free space reported for my user area on the server then wrapped around to a very large 4-byte integer (or a negative integer which was reported as a large po
Re:Lets get the facts straight (Score:3, Informative)
You should check out the bullshitter's web page [freeshell.org], make sure you follow the link to his 'myspace' to see just how cool he is. If you're too lazy here are some choice quotes:
Re:Lets get the facts straight (Score:3, Interesting)
But it is a contest. Guess you've forgotten what it's like to be a kid. Unfortunately, your 'them against us' attitude is what makes it fun. I worked in the public schools and administered the computer lab for several years. I had the best luck by ignoring the harmless stuff, and recruiting the help of the geeks.
Re:Lets get the facts straight (Score:3, Insightful)
Porn I can agree should be kept off those computers, and there would probably be some jousting between students and tech sup
Re:Lets get the facts straight (Score:3, Interesting)
So my GPA went from 4.0 to 3.65 or some nonsense (Amazing how 8 Fs in the last quarter can really make a difference!). Didn't seem to affect anything, it's e
Re:Lets get the facts straight (Score:3, Insightful)
If I were a parent in these school districts, I would r
Re:Lets get the facts straight (Score:3, Insightful)
If you're looking up porn from school, you're a ****ing idiot. Same goes if you're breaking into important stuff for the fun of it.
Maybe. But I don't think that is the point. Is it reasonable and just to damage a child's future for a minor infraction? After all, children do not have all the rights, responsibilities, and protections of a
Re:Lets get the facts straight (Score:3, Informative)
Sorry, but they hadn't. The article clearly stated that although they had the administrator password and had removed the access restrictions on their own computer, at no time was the central server in danger.
Jw
Inept school officials (Score:2, Insightful)
Re:Inept school officials (Score:4, Insightful)
Re:My school used different methods.... (Score:5, Interesting)
The next class instead of going to the computer lab we were sent to a classroom instead. Once we were all there, the district network administrator came in, and started giving a lecture on how to track down where an attempted intrusion is coming from, Using a real life case study. It was quite an interesting presentation actually, exept for one student who was watching in HORROR (with a complete look of shock on his face) as they described in great detail exactly how they tracked him down and learned exactly who did it. He was visibly shaking at the end of the lecture. (Before the lecture he had absalutely no idea that anyone else knew about the password theft attempt)
Besides that he got a few days of in school suspension, but that was it.
Re:How'd they track it down? (Score:3, Informative)
Re:Inept school officials (Score:3, Funny)
You heartless person! Criminals sometimes have to deal with broken windows,just like everyone else. Have some pity and lend them putty.
Re:Inept school officials (Score:2, Funny)
Re:Inept school officials (Score:5, Informative)
Felons are forbidden by law from:
Voting (in many states. In 14, including mine, Nevada, one is forever forbidden from voting. In Florida, another such state, I believe it is case law that a juvenile convicted of a felony loses the right the vote before he or she gains it - he or she is barred by law from ever gaining the right to vote - cruel, unusual and unconstitutional but still considered the law).
Holding office
Working in anyway for the government, local, state or Federal. If you run a company of your own and are a felon - your company is ineligible to bid on any project or supply any goods or services.
Owning a gun - 10 year sentence if one even tries to. 18 USC 922(g) makes it illegal and 18 USC 924(a)(2) sets the penalty.
Being bonded
Getting a good job - anyone that hires a felon can have a judgement for monetary damages against them for "negligent hiring" - the courts will then take possibly all their assets and garishee their wages for life if the judgement is big enough - yeah the person would have to harm someone - but what employer will hire a felon knowing the courts could de facto bankrupt them for life if the person who committed a (possibly minor) (possibly as a juvenile) felony kills or rapes someone.
Keeping a job - "negligent retention" law prescribes the above for failing to fire a felon.
Travel - Canada PROHIBITS felons from entering - and they are supposed to be a reasonable country. Heck, Canada forbids DUI offenders from entering. Heck, George W. Bush, sitting President of the US, is technically barred for that. Not that they'd ever enforce it in his case. (Yes, Bush's was a misdemeanor - but Canada still bars people for it, perhaps Canada was a bad example, perhaps Bush was a bad example because someone might start an off topic Bush sucks/Bush rules flamewar)
In Utah - they are forbidden from working in any operational capacity for a Certificate Authority - this will mean if a felon owns a company it can't be a CA.
I might be wrong - I hope I am - but I fear my list is incomplete, not incorrect.
Re:Inept school officials (Score:3, Interesting)
Re:Inept school officials (Score:3, Insightful)
Especially since the "purpose" of prison is supposed to be to reform the offender. Kind of puts that in perspective.
Re:Inept school officials (Score:3, Insightful)
So revenge is the goal? Yikes. No wonder your prisons are overflowing.
Re:Inept school officials (Score:5, Interesting)
That is technically an "ex post facto" (adding punishment after the fact) law, which is illegal, but they weasel out of it by saying it isn't punishment, it is just aiding "public safety" by restricting "privileges" of persons with a "felony status", not punishment for a crime.
Just as if the DMV takes your license away in an administrative hearing for DUI even if you are acquitted in criminal court! What about double jeapordy? Well the admin. hearing is not "punishment".
Oh, certain sex offenders are forbidden from living within X number of feet of a school. This restriction was added retroactively. In some cases these sex offender's offenses WOULD NOT BE A CRIME IN CERTAIN OTHER STATES WITH A LOWER AGE OF CONSENT - we aren't talking offenses which are universally considered crimes - i.e. they are being told they can't live somewhere after serving their sentence whereas in certain states they couldn't get in any (legal) trouble whatsoever. People who rape 9 year old girls should be locked up forever and ever and then some - but even then - the rule of law should hold - the rule of law is need to protect us all - make true perverts get life without parole sentences - I'm against the death penalty because I don't trust the government to use it fairly - Texas loves killing people and Nevada loved killing children until the Supreme Court stopped them.
Oh, the above rules don't protect kids - even sickos can take buses, trains, cars, planes, horses or walk to the school.
Also, this sets a precedent that the gov't can say where you live, and not as punishment for a crime - it can be done "ex post facto".
Also this precedent can be extended to any crime.
Think I'm crazy, think I'm paranoid. Well...
Clark County, NV has an "order out corridor" for people convicted of drugs and prostitution!
Clark County Code 12.05.020 (drugs) and 12.08.035 (prostitution). The "Las Vegas" Strip is in Clark County but not in the City of Las Vegas, btw.
Not just for where you can live, but where you can travel to or through!
Have a speeding ticket? Lots of car crashes in your town? How about a public safety rule that says you can't live within one mile of a freeway? Passed after your conviction? Justified by saying it is too tempting to have an opportunity for severe speeding so close by.
Living With a Felony (Score:5, Interesting)
I thought I'd share my thoughts, since this is a subject near and dear to my heart.
I was convicted of a felony three years ago, and my life was pretty much destroyed. I lost my job, my apartment, my college loans, and got slapped with thousands of dollars in fines to boot. I'm unemployable: I've shown up to different jobs to start my first day, only to be let go after because they got the results of the background check. The real kicker was that I checked "yes" to having a felony conviction on my application, but the managers claimed that "the computer says we can't hire you".
Since I am now unable to finish school and am stuck making six bucks an hour at McDonald's, I've been giving serious consideration to joining the Army. The recruiters say a waiver is no problem and they can wipe the felony from my record. I'd say gambling my life in Iraq beats the hell out of being doomed here in the Land of the Free.
Re:Inept school officials (Score:3, Insightful)
I might be wrong - I hope I am - but I fear my list is incomplete, not incorrect.
All part of the mindlessness of 'getting tough on crime'. All it really means is that in those states, a convicted felon might as well re-offend once they get out since there's little to no chance of them becoming a productive member of society or even of making a legal living. You can't rationally cast someone out of society AND expect them to act as if they are a part of it. Any rational human being in that situation will
Re:Inept school officials (Score:3, Informative)
Re:Inept school officials (Score:3, Funny)
Re:Inept school officials (Score:3, Interesting)
Fortunately, I scared them off with a lawyer and charges were dropped.... so I ended up with a 30 day vacation from school, and still finished my senior year with a 4.5/4.0 GPA along with getting AP credit for Calc (but I didn't get to go to Florida with the FIRST team, ah well). And yes, there was an incompetent administrator of the entire district's (Novel
I just don't get it (Score:3, Insightful)
The same thing.. (Score:5, Insightful)
Re:I just don't get it (Score:5, Interesting)
And furthermore, the courts have decided that violating an acceptable use policy amounts to accessing the computer without authorization.
Worse, it is accepted within the courts that an existing "terms of use" or whatever does not have to have been read nor accepted for it to be enforceable.
It is presumed that such a policy exists, and it is the burden of the user to find and read it.
It sucks!
I am not a lawyer, this is not legal advice
Re:I just don't get it (Score:3, Funny)
Re:I just don't get it (Score:3, Interesting)
That sort of thing set all of the precidents for the insane rulings that you see for this now.
Re:I just don't get it (Score:4, Informative)
They don't know how to parlay the common sense they use in the real world to a virtual realm with which they are unfamiliar.
Plus, the professions they are in are usually dominated by "guardian" personality types. [keirsey.com] Such people tend to be comfortable with rigid interpretations of language and law, so if something falls under the rubric of "hacking" they will pigeonhole it as one specific type of behavior. Their reaction to it is determined not by the details of the behavior itself, which they may or may not understand, but the pigeonhole they have classified it into. Hacking is hacking. Hence the old saying that "the law is an ass."
When Mitnick was arrested the cops wouldn't let him have a phone. They thought he could launch nuclear missles by whistling into a phone at specific frequencies.
In-house punishments please! (Score:5, Insightful)
Of course they didn't. You know why? Because, "Students who violate the computer policy will be disciplined" does not imply that criminal charges will be filed. It implies that the students could receive in-school sanction.
This is a bunch of hyped up and unnecessary bullshit. If you're going to give laptops out you better bet that they are going to be used for unintended purposes. By bringing criminal charges you are doing nothing but wasting even MORE of the taxpayers dollars for something dumb.
Discipline them in-house (like they did to us in high-school - made us sit in the hot school all summer doing NOTHING - it's worse than paying a fine and doing community service)
Re:In-house punishments please! (Score:2, Interesting)
Most usage policies that I've seen explicitly state something along the lines of 'criminal computer damage' or 'charges may be filed'. As a matter of fact, we have a cop on campus at my high school explicitly to arrest people, whether it be for fights (assault), drugs (obvious), and yes, 'hacking' (cybercrime is the term used, I believe). Even for something so simple as getting on the teach's computer when he's not looking. Student discipline, sadly, has declined in
Re:In-house punishments please! (Score:5, Informative)
You apparently didn't read the District's Usage Policy. In fact, I know you didn't or you wouldn't have questioned me. Let me help you:
From their FAQ [kasd.org] which was linked in the Slashdot blurb.
Will students be able to install software on the laptop?
No, students installing software on school owned computers is a direct violation of the KASD Computer Policy. Students who violate the policy will be disciplined. All of the software necessary to integrate the laptop technology into the curriculum will be installed when the laptop is issued to the student. Security monitoring software will be used on all of the computers to assure that software is not loaded on the laptops. See the "Software" webpage in regards to the software installed on each laptop.
Will students be able to email, chat, and play games on their laptops?
Chat, IM, games, and email software will be removed from all computers. Student use of email, chatting, IM, and game playing is a direct violation of the KASD computer policy. Students who violate the computer policy will be disciplined.
What will the school do to help prevent students from going to inappropriate sites?
The KASD has a software/hardware product which is designed to help monitor all Internet sites that students attempt to access. This software/hardware blocks inappropriate sites and also logs a history of every site that each user opens. Students who attempt to find inappropriate sites will be disciplined. The current KASD content filter meets CIPA guidelines.
Just to be sure that I didn't miss anything I read it twice. Nothing in there about filing criminal charges.
Obviously I don't need to be in school anymore as I can read *and* comprehend.
Re:Know what I'd do? (Score:5, Insightful)
I'd hand it right back. "No thanks".
The students had a wonderful opportunity to show what a complete failure such draconian policies can be. But, just like with illegal file sharing, they'd rather push the other way, and end up further behind than when they started.
password (Score:4, Funny)
It was an asinine password anyway (Score:5, Insightful)
50 Trexler Ave.
Kutztown, PA 19530
Excellent, nobody would ever think of "50trexler"
Re:It was an asinine password anyway (Score:4, Funny)
50 Trexler Ave.
Kutztown, PA 19530
I originally read that as "Klutztown." I was laughing at the irony when I realized my mistake. What a let down.
Re:It was an asinine password anyway (Score:3)
Actually, most of the computers were Mac Pluses.. *shudder*
Re:password (Score:2)
"Computer Trespass" (Score:2)
It's "Computer Trespass" if a student breaks into the computer that they're being lent, but it's not if they're being monitored without their knowledge? Okay...
But seriously folks, don't get too worried about this. I mean, if they prosecuted people for this sort of stuff, half of us would already be in jail, and the other half on death row. It's all just hot air from the administrators.
Re:"Computer Trespass" (Score:2)
Hey! I'm posting this from Death Row, you insensitive clod!
Re:"Computer Trespass" (Score:2)
The computer is OWNED under the auspices of the school, and thus it is their right to monitor it, in order to minimize liability. In fact, in most usage policies it's explicitly stated that 'you may be subject to monitoring'. And if you don't like it, well, you don't have to use a school computer.
As I read the article... (Score:3, Insightful)
Re:As I read the article... (Score:2)
Re:As I read the article... (Score:2)
Dear Zonk. (Score:2)
Please, dear... It's "Cracking", not "Hacking"
Also, since when is passing the administrator's password around considered [Hacking|Cracking] anyway?
Re:Dear Zonk. (Score:2)
Definitely part of the branch known as "social engineering".
Aha! (Score:3, Insightful)
The best way to get poor laws changed is to enforce them strictly.
Now everybody knows my password. (Score:2, Funny)
Barely even hacking? (Score:2, Funny)
Locked down laptops... (Score:3, Informative)
Re:Locked down laptops... (Score:5, Insightful)
YOu have to admit (Score:3, Interesting)
Re:Locked down laptops... (Score:2, Insightful)
dom
Stupid (Score:5, Insightful)
In all seriousness, if they really wanted to ensure security on these systems, they shouldn't have allowed the students to take them out of the school.
Idiots. (Score:5, Interesting)
I'm a student computer tech at my high school, since the school is too cheap to hire a full time technical staff. You wouldn't believe the amount of times I was asked for the local administrator passwords to the campus computers, just from people who wanted to 'mess around'.
The main problem is twofold: first, that the school doesn't want to be held liable for any 'bad' content (the obvious part), and that IT MAKES MORE WORK FOR ME. The admin password was leaked many times, and you wouldn't believe how many times I've had to either reformat computers or wipe Kazaa/Steam/random emulators from computers where students wanted to mess around. The worst part, when some of them tried to remove SynchronEyes (our 'spy' program), they were so incompetent with what they were doing that they ended up fuxxing the domain privileges and rendering the computer inoperable on the network. We rarely, if ever, monitor student activity, since we don't have enough staff.
If you want to mess around or do anything 'cool' with a computer, DO IT AT HOME. If you're at school, use the computers for school work. It's not a game as to how much work you can cause for the local techs and admin, the computers are always for WORK. If you go ahead and make it a game, we get VERY pissed at having to clean yet another computer.
Or better yet, do what I did and join the tech support staff.
The District Mission Statement: (Score:2, Interesting)
@#$@# Educators! (Score:5, Insightful)
Wait a minute - the administrators have to show them who's in charge... and having the cops do their enforcement... that'll show them.
Re:@#$@# Educators! (Score:3, Insightful)
Happened at my school too .. (Score:2, Informative)
Computer Trespass my left foot! (Score:2)
I rather thought if you had the key to someone home you couldn't call it "Breaking and entering" even if you were a dumb ass and put it under your mat. Would not the same rule of c
Unanswered question (Score:3, Interesting)
Secret? LMAO! (Score:3, Insightful)
If it's widely-known, how can it be secret?
Incorrect Story (Score:5, Funny)
Enders game (Score:2)
Anyone else get Enders game flash backs?
For those that don't know Enders game, it is a great science fiction book by Orson Scott Card.
Wow.... (Score:5, Interesting)
Yeah, right (Score:4, Funny)
A server breach does seem pretty impossible. Considering the complexity of the password and how few people knew it, it's doubtful they wouldn't know if the server was breached anyway.
The Good News (Score:2)
What were the technology adminstrators doing... (Score:3, Funny)
I'd be nice to know the laws broken (Score:3, Interesting)
And so to claim a felony, they're claiming that some law was broken. Why can't anyone describe that law?
I heard the kids were reading Slashdot. Waste of time, those poor souls already lost....
Re:I'd be nice to know the laws broken (Score:3, Informative)
TFA isn't all that clear and pacode.com is none too helpful. they only stated "Computer Trespass" PA criminal code section 7615, a Third degree felony.
Re:I'd be nice to know the laws broken (Score:3, Interesting)
Sounds like Officer Skavinsky and the Berks County District Attorney's office don't really know what they are doing and don't understand the law in question or computers in general.
Thoughts from a parent (Score:5, Interesting)
Re:Thoughts from a parent (Score:3, Insightful)
Re:Thoughts from a parent (Score:3, Insightful)
Re:Thoughts from a parent (Score:3, Insightful)
Nobody likes looking stupid (Score:3, Insightful)
I think the school staff know exactly how inconsequential the security breaches were. But nobody likes being made to look stupid - especially by kids many years your junior. These students took advantage of security problems that never should have been there in the first place. Certainly the students were wrong in what they did - no question about that. But making this into a felony issue is a defensive move on the part of the school to divert attention away from how badly they did their job.
On another note - apparently the school had $900,000 to spend on this. Why couldn't they afford a competent IT person to run it?
Stupid. (Score:3, Interesting)
----
There was a lab that I used to hang out in. Being one of the few geeks in the school, I pretty much had run of the place. The teacher who oversaw the lab encouraged creativity and ingenuity. Sometimes he'd get pissed with something I did, but in those cases I just fixed it and moved on. This kind of activity, over a year or so, ended up earning his trust as I would also fix the odd problems with windows/autocad and such that would crop up.
Eventually I became the de-facto admin for that entire lab. During my required study period he would give me a pass to hang out in his lab--sometimes even when other classes were in there. Talk about heaven. I had the run of a computer lab that was networked. It was like being a king.
Around my junior year or so, they replaced the computers in the lab (aging 386/486 era machines with DOS, mostly) with shiny new Pentiums running Windows. For a few months they were basically just open and normal Windows machines. I think they even had Internet access. This was, of course, a total disaster. The net was new, then. People didn't have it at home. They downloaded anything and everything. Porn, viruses, music, etc.
The result was an *cough* admin *cough* who ended up being in the room almost everyday for awhile. He would spend his time poking around in control panels and "fixing" the computers. Eventually he must have gotten sick of that because they hired a local consulting company to come in to secure them all. Pretty soon the whole place was all passworded up with all these layers of cheap third party locks, etc.
I broke all of them--with full (unofficial) support of the teacher who taught in the room. They had tried to lock the systems down so much that half his programs wouldn't work right anymore. He had endless problems with students just trying to save their completed CAD drawings. I made a lot of those problems go away by circumventing the security, showing him how, and then giving him pointers to try to minimize the visibility of the hole so that other kids and the admin dude wouldn't find it. Not perfect, but it helped.
After some time of this the teacher pulled me aside one day and tells me in a reasonably loud-so-that-others-near-by-can-hear voice that I need to be careful because Mr. Admin is getting pissed that someone keeps getting into his expensively secured systems and he's going to try for suspension of that person when he is caught. Of course nearly every one of his students knew it was me--but they weren't going to talk. I had helped them all out of computer jams at some point or other. So after doing the semi-public speech, he later pulls me aside in private and says, "Hey, keep doing what you're doing. I'll make sure they don't do anything to you. Those bastards are making my life such a living hell and they won't listen to my needs that I've given up trying to deal with them. You at least make it possible for me to teach my classes."
So of course after the next round of "security upgrades" I was once again on the job. Eventually I figured the way into the system and changed all the screen savers to be the marquee one and had it read, "Ha ha! I got in Mr. Security Guy!" Hoo boy did the shit hit the fan. I was shielded from it, but the teacher just loved it. The admin dude was pissed. The consulting guy was there almost everyday for like 2 weeks. My teacher would just smile and nod. Eventually they locked it down pretty heavily, but by this point I was a senior and I was graduating early and was out of there.
Those were some good times. Seriously, though, I swear that in this
Nerdy anecdote (Score:5, Insightful)
At the time, Cornell was Mac-dominated (oh, happy memories) and the Upson lab had a network of IIci's just waiting to have their security hacked. I forget the tool that was used, but we figured out that it stored the password in a certain file that we could reach by bypassing the file security with Norton Utilities for Macintosh (haha Mac OS 6 security, bah). We procured a copy of the software, installed it and created a password on my own IIci, then took a copy of that file (with the obfuscated password) and replaced the file on the lab IIci. Instant admin access.
But we didn't stop there. We had such organization that we managed, as a team, to use this trick to install a fun little background process called NetBunny... on ALL the macs in ALL the labs. NetBunny does nothing on its own, but paired with a little utility called StartWabbit that we pointed at any campus AppleTalk network we wished, would begin the chain reaction. What then happened is that the Energizer Bunny would walk across the screen thumping the drum, going literally from screen to screen across the whole lab. It was pretty much a riot, if you were in on the joke, but the admins couldn't figure it out (we had hidden the executable well through obfuscation by renaming it and pasting another icon on it) and after they heard the recognizable "thump, thump, thump" sound would jump up and run around helplessly yelling "It's the bunny!!" We did it a few times with "agents" at each location to witness the mayhem. Good geek times.
I think it's the nature of very talented people, that when The System is not challenging them sufficiently (or when they refuse to take on the offered challenge due to lack of interest or motivation), that they seek out their own challenges, and fun.
I don't think these kids should get punished this harshly. Felony charges? Simply for trying to break the rules? Please. Face it, it takes some effort and talent to break in, it's just misplaced effort and talent. Find a way to redirect it. I mean come on, it probably started with some high-school geek starving for attention who wanted to seem cool.
I am an IT Director in a High School District... (Score:3, Insightful)
I just dealt with some students who abused positions of trust (as tech aides) to install keylogging software on multiple computers. We came down hard on the student who initiated this because he used the information he gathered to access email and grades of the teachers whose passwords he caught. I never considered recommending this to the police, though, because I knew that we could suggest expulsion (which we ended up on a compromise with the student and his parents on) and scare the student into not doing this again. Or, at least, we now know who he is and we can ensure that he won't do the same thing.
The primary downside is that high school computer experiences shouldn't have to be as controlled and locked down as they are in most places. While we absolutely need security surrounding our student information system, grades, attendance and teacher files, I don't like locking down computers and trying to force certain behaviors. Let these kids work normally on the computers and be clear about what is appropriate. Locking them up will only, in the end, produce exactly what these district's saw -- students who do everything possible to break the security.
Oh, and the parent who said, "and I don't know that it has cost the taxpayers any money" is delusional. Everything I do in my job costs the taxpayers money, so if I have to spent dozens or hundreds of hours tracking down the source of a security breach instead of working with students on a multimedia project or with teachers on instructional applications, then it costs money.
Re:I am an IT Director in a High School District.. (Score:3, Interesting)
It was the school's street address. It wasn't leaked, it was guessed. If it had been leaked, it would have had to have come from someone in the school administration. Leaks come from the inside. (unless there's something in the terms of use that say if you happen to guess our pathetic password you aren't allowed to tell anyone)
Although it might be tempting for the attorney for the defense to claim that none of the students cou
18 Pa.C.S.A. 7615 (Score:5, Informative)
(a) Offense defined. A person commits the offense of computer trespass if he knowingly and without authority or in excess of given authority uses a computer or computer network with the intent to:
(1) temporarily or permanently remove computer data, computer programs or computer software from a computer or computer network;
(2) cause a computer to malfunction, regardless of the amount of time the malfunction persists;
(3) alter or erase any computer data, computer programs or computer software;
(4) effect the creation or alteration of a financial instrument or of an electronic transfer of funds; or
(5) cause physical injury to the property of another.
(b) Grading.--An offense under this section shall constitute a felony of the third degree.
JESUS FUCKING CRIST (Score:4, Insightful)
Apples of now and yesteryear. (Score:3, Insightful)
50 years or so ago, the analogue (trespass charges from the article) would have been a bunch of schoolkids wandering off and stealing apples from some local orchard/garden. Just a handful, and just as it's 'the rebellious thing to do'.. That stage that many kids go through. And hey, adults do too.
Technically, it may be illegal, but common sense tells you it's a light hearted prank. Someone blowing off steam
You didn't just lump them in with somone who broke in your house and stole all your prized possessions.
If it were reported to the headmaster/headmistress of your school, you'd get a stern talking to, a series of detentions, lines to write, and probably a week kicking your heels in your bedroom.
All of which would say very strongly "It's really not worth the waste of your time to do it!".
An eminently sensible, and time tried solution. Everybody forgets about it in a few weeks, apart from maybe a slightly elevated reluctance on the part of the kids to 'scrump' for apples like that again.
Exactly as it should be.
Now: We get people like the teachers who went screaming to the police department at the first sign that somebody may have done something they didn't like.
Now, a suitable punishment would have been a series of detentions, letters home to the parents who would most likely have grounded the kids. And everyone would have gone on as usual.
Now, instead, you have a set of scared (and intensly angry) kids who if they do it again, are going to be much more careful, and if it looks like they're going to get caught, will likely cause collateral damage to hide their activities in.
And a series of shocked and angry parents who have suddenly lost faith in the ability of teachers to even try and keep some semblance of common sense in and out of the classroom.
Then, of course, the media, who love this, sending word far and wide to a generally disbelieving population, most of who are going to be shaking their heads at how far stupidity and knee jerk reaction has pervaded socicety and become the norm.
One thing's for sure: The image of that school is very badly damaged. I'd hazard a guess that several students will be moving (voluntarily) to another educational establishement.
The intake will likely be down (hey, would you prefer a school that'll give your kids a felony charge for a prank, or one that'll give them a detention and teach them pragmatism?).
The cost in PR and face for this action is incredible.
If the school holds it's current position, it'll likely cut off any possible stream for kids with a prankish side (who often tend to be highly creative; note this isn't just kids who misbehave just to be disruptive. Difference between Ferris Bueler and Bart Simpson) coming into the school.
And most other kids whose parents just don't want to risk it.
If they turn it around, and quash the teacher's wishes so completely, the administration will just never be treated as a joke, and it's authority will be seriously undermined (can you imagine, every small action a kid gets pulled up for, they'll be saying 'what are you going to do? Report it to the police?').
Maybe I'm just getting old, but all this leaves me with is the wish that things would go back to before the politically correct and lawsuit hungry era back to times when common sense was actually held in esteem. When you could actually learn to respect someone for being harsh but fair, rather than having them try to force respect by waving the threat of a lawsuit in your face at every corner.
Criminal stupidity and derelection of duty (Score:3, Insightful)
Rule number 1 of security, if the attacker gains unsupervised physical access to the box, game over. What in the world did they think was going to happen?
You can raise the bar quite high if you use various crypto signature techniques, but ultimately a soldering iron and a flash burner will defeat that. A CPU that can check the BIOS signature in micricode on powerup would raise it much higher still(probably beyond a student's reach, in fact), but could be defeated by a determined attacker with the right laser and microscope.
Despite all of that, the real crime here is school administraters who have forgotten why they are there and who they serve. They are supposed to provide the students with a safe learning environment where they not only learn what's in the books, but how to get along in society. Part of that includes the school modeling society in microcosm. Part of that includes demonstrating that poor choices have unpleasant consequences while protecting them from the worst of those consequences while they are learning. Whenever outside law enforcement is called in, the school has failed in it's primary purpose. When outside law enforcement is unnecessarily brought in, the school has WILLFULLY derelected it's duty to the students, parents, and society.
Schools often claim to be acting in loco parentis [bartleby.com] and so need not recognize a student's 4th ammendment rights amongst others. Courts tend to agree with that. What they have forgotten here is that there are duties and responsabilities that go along with acting in loco parentis. Would any decent parent file felony charges in retribution if their high school aged child hacked their computer to bypass the parental netfilter?
The administraters are embarrassed that the students got the best of them. In their embarrassment, they have rather childishly decided to do as much harm to the students as the law will let them get away with. It sounds like the administraters responsable for this shouldn't be allowed anywhere near responsability for children until they spend some quality time with a qualified psychologist. In addition, given that the administraters have demonstrated an emotional age equal to or lower than that of the students, perhaps they should serve a few weeks of detention as well.
Were I one of the parents, I would probably petition for the administraters' immediate dismissal for incompetance.
This crap is nothing new (Score:5, Interesting)
They hadn't thought of that.
That bill didn't pass (only because an intelligent, well-spoken engineer gave the politicians some facts they chose not to ignore), but there always those that feel the need to increase the crime/punishment ratio to insane levels. Oh I know
You guys are missing THE most important facts. (Score:4, Insightful)
Re:Congrats (Score:2, Funny)
maybe the students coud end up making something better
yeah, with felony charges they may have the chance to learn how to make license plates...Re:Destroy all students (Score:2)
Excellent idea. You should show solidarity by destroying YOUR laptop as well. That would show them.