If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(NPR)   Students hack into school-issued iPads and start accessing not-educational programs and websites within a week   (npr.org) divider line 150
    More: Obvious, iPads, educations, web sites, high schools, Los Angeles Unified School District, University of Rhode Island, music streaming, ipad minis  
•       •       •

7467 clicks; posted to Main » on 27 Sep 2013 at 8:18 PM (48 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



150 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest
 
2013-09-27 07:57:06 PM
All they had to do was delete their personal profile. That's hardly a hack.
 
2013-09-27 08:10:42 PM
What a bunch of dumbasses at the school district.
 
2013-09-27 08:12:57 PM
One of my eighth-graders got me past the school's firewall when I needed to check my Facebook messages. God bless those kids. Then he says, "Hey Mr. ecmoRandomNumbers, can I check mine when you're done?"

"Sure."
 
2013-09-27 08:18:40 PM
What took them so long?
 
2013-09-27 08:19:29 PM
Who says you can't learn nothing in school?
 
2013-09-27 08:21:56 PM
"They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2


$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.
 
2013-09-27 08:25:21 PM
FTA: The students are getting around software that lets school district officials know where the iPads are, and what the students are doing with them at all times.

So when is the FBI gonna check out all the nude pics of students, just like in Pennsylvania.

http://www.eweek.com/c/a/Security/School-District-Settles-Webcam-Spy in g-Litigation-802291/

/Chicken shiat FBI didn't want to set precedence so they walked away.
 
2013-09-27 08:28:13 PM
Having deployed enterprise ipads I am not surprised. Apple will let third party mdm solutions *monitor* a lot, but they wont let you *block* jack shiat.
 
2013-09-27 08:28:16 PM

Big Merl: What took them so long?


Must be an exceptionally dumb class. Either that or it took a week for the teachers to notice.
 
2013-09-27 08:29:29 PM
Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation
 
2013-09-27 08:30:47 PM
My school had the network nanny on the computers in the library. 7th grade year, I figured out how to turn it off (logging into safe mode and uninstalling it worked too). My reason: Neopets. I wanted to play games during lunch.
 
2013-09-27 08:31:34 PM
The system needs to have a full OS that is locked out if they want full control of how the device is used. If it's software locked, someone will crack it
 
2013-09-27 08:31:48 PM

Fade2black: Very smart of Apple to get them going on ipads so early. It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.


Apple's been doing this for years in the mid-90s I could buy an apple desktop loaded with all kinds of great software through my college bookstore for less than the software would cost for a Windows machine.
 
2013-09-27 08:31:54 PM
On one side you have a handful of overworked, underpaid, inexperienced techies setting the security on these things.

On the other side you every teenage boy in Los Angeles wanting porn.

Guess who will always win?

Hell, I'm extremely experienced and highly confident of my skills.  I don't think I would win this little war.
 
2013-09-27 08:32:48 PM

Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.


No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.
 
2013-09-27 08:34:47 PM
I wonder who will be responsible if they are lost or stolen? They are going to have bigger problem.
 
2013-09-27 08:37:51 PM

baorao: Having deployed enterprise ipads I am not surprised. Apple will let third party mdm solutions *monitor* a lot, but they wont let you *block* jack shiat.


Awesome! If I ever end up working for a megacorp, I'm going to insist on Apple products instead of the locked-down garbage they usually try to stick you with.
 
2013-09-27 08:41:54 PM

bojon: I wonder who will be responsible if they are lost or stolen? They are going to have bigger problem.


According to the article the kids can no longer take them home, hundreds of unattended iPads in an empty school building over a school holiday.  The area Pawn Shops better have some extra cash on hand on Black Friday.
 
2013-09-27 08:42:25 PM
My school district had a Novell network of dubious quality. I discovered that you could use Qbasic to drop down to a command prompt that allowed me to access all the files after dir / r command. I could see the files all the teachers had, but I couldn't modify them. I then discovered I could access printer across the whole school district. There was a panic when random printers would go mad, since I was feeding them random ASCII commands from something I'd made that looked like a screen saver that I'd run while at lunch. Remember, there's line feed and beep commands in there.

I didn't get verification until the next year when I was talking about the exploit amongst students from the other high school.
 
2013-09-27 08:43:16 PM
This is a perfect opportunity to teach personal responsibility.

Sadly, this opportunity will almost certainly be wasted.
 
2013-09-27 08:43:16 PM

Trocadero: Who says you can't learn nothing in school?


I don't think anyone with a brain with argue about learning exactly "nothing" in America's current liberal educational system.
 
2013-09-27 08:44:46 PM
Should have used Surfaces. Not only is the EFI really locked down (because I have heard no stories of anyone dual booting them with Android), but there aren't that many unapproved apps to worry about.
 
2013-09-27 08:47:34 PM

TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.


If $2 is the market rate, then hacking is not the cash cow I thought it was. Oh well. I was done with DOS commands anyway. So there.
 
2013-09-27 08:47:45 PM
A high school friend of mine made counterfeit hall passes. The only difference is that he used apostrophes correctly where the original did not.
 
2013-09-27 08:49:04 PM
i18.photobucket.com
 
2013-09-27 08:55:44 PM
Put Untangle or something on the gateway and by default it blocks porn sites.  Blocks a ton of crap, actually.  Put in the AUP that if they bring a mobile hotspot to bypass it, 3 day suspension.

Problem solved.
 
2013-09-27 08:57:40 PM
Far more impressed by the kids in Africa who were messing with Android within 5 months of their first exposure with a computer:


http://www.theregister.co.uk/2012/11/01/kids_learn_hacking_android/
 
2013-09-27 08:57:57 PM
Maybe there is hope for today's youth after all...
 
2013-09-27 09:01:23 PM

ka1axy: Maybe there is hope for today's youth after all...


Just don't ask what they were doing with it. Might ruin that hope.

/I do kinda dig iTunesU though.
 
2013-09-27 09:06:28 PM

Aristocles: Los Angeles Unified School District started issuing iPads to its students this school year, as part of a $30 million deal with Apple

Money well spent, CA. Money, well spent.


That is just phase 1. As it says in the article the LAUSD student population is huge and would be more than a lot of major cities.


Although I think it is way too early too judge.
 
2013-09-27 09:07:42 PM
Our high school locked us out of out own school's website for the entire first week of spring semester.
 
2013-09-27 09:08:41 PM
When I was a kid computers were easy to hack because they were just a hollow rock with a bird in it that pecked out crude symbols on slabs of rock.
 
2013-09-27 09:13:54 PM

sheep snorter: FTA: The students are getting around software that lets school district officials know where the iPads are, and what the students are doing with them at all times.

So when is the FBI gonna check out all the nude pics of students, just like in Pennsylvania.

http://www.eweek.com/c/a/Security/School-District-Settles-Webcam-Spy in g-Litigation-802291/

/Chicken shiat FBI didn't want to set precedence so they walked away.


I don't recall that being the FBI so much as Some Administrator, but regardless, you had video cameras always on accessible by someone else, what did you think was going to happen?!

I'd be hacking these iPads to turn off the tracking "features" ASAP, too. Good job, kids. Too bad you did it so you can access Facebook, though, way to stick it to the man there.... >.<
 
2013-09-27 09:14:06 PM

bojon: I wonder who will be responsible if they are lost or stolen? They are going to have bigger problem.


In Orange County (Florida) parents have to buy insurance for their kid to get an iPad. It's like $20/yr.

/used to work there in IT dept
//glad I don't anymore
 
2013-09-27 09:16:07 PM

Fade2black: 80% of teachers are usually left-leaning liberals.


upload.wikimedia.org
 
2013-09-27 09:20:13 PM

Tom_Slick: Fade2black: Very smart of Apple to get them going on ipads so early. It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.

Apple's been doing this for years in the mid-90s I could buy an apple desktop loaded with all kinds of great software through my college bookstore for less than the software would cost for a Windows machine.


That was the deal Apple had with /your/ college, maybe, but most places had deals with PC companies, either instead or in addition. When I was in college in the late 90s, Mac laptops were by no means cheaper than comparable PCs at the college bookstore.
 
2013-09-27 09:20:58 PM
This is insane. When I was in school they didn't even give us pens or paper. We had to get our own, and our parents had to pay out of pocket for it.

Other class-required things we paid for:

Uniforms
Swimsuits
Calculators
Padlocks
Lab Kits
Typing Paper
Correction Fluid
Pencils

And yet kids today get free iPads, and they take them for granted enough to fark with them.

Ungrateful little snots.
 
2013-09-27 09:22:13 PM
OMG! Unapproved, unauthorized use of curiosity/intelligence by students to solve problems? THANK GAWD that these administrators were able to discover this in time to thoroughly stamp out that type of behavior.
 
2013-09-27 09:28:21 PM
I hacked the school Macs back in highschool. This was back in the 90s so security was a joke. I knew more about the computers than the "expert" teachers who administered them. Anyone else remember Foolproof on the System 7 Macs? Boot floppy would bypass it completely, or load ResEdit and delete the Foolproof extension.
 
2013-09-27 09:34:12 PM
That's why when I was a network admin in a 9-12 charter school, I managed all filtering on the network level. All traffic was routed through a proxy via pfSense. There was MAC based authentication to allow or disallow access to any port or address. If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

God, they hated me... but my network was always up and the kids never saw a minute of porn. They'd say stuff like "Can't you just turn Facebook on for a little while, in the morning or at lunch?" or "All of my friends use SSL proxies, why don't those work here?"...
 
2013-09-27 09:39:23 PM

Saul T. Balzac: Fade2black: 80% of teachers are usually left-leaning liberals.

[upload.wikimedia.org image 300x163]


it's twue

content7.flixster.com
 
2013-09-27 09:41:36 PM
well that sounds like a huge waste of money and unnecessary distraction
 
2013-09-27 09:43:37 PM
Keep believing that giving these kids iPads and laptops will somehow turn them into techno-savvy geniuses.   It actually meant something in 1987 when a kid knew how to use a computer.  They were devices of production that had a steep learning curve, specialized skills knowledge, and basic understanding of the underlying technology.  Today, most people are using these devices for consumption purposes and a grandma can learn to use it in a day.  No understanding of the underlying technology is required to use it.    Folks, there are certain things that need to be learned in tangible, physical ways if one wants to understand inner-workings and inter-relationships.    You know, just because we can do something doesn't mean we should, and more is not better.   The fact that most kids latch strongly onto these learning tools is something we should question rather than accept as proof of legitimacy.  Even if the intended lesson is learned more quickly, what underlying lessons are lost by removing the physical environment including books, pencils, paper.
 
2013-09-27 09:47:36 PM
in the 90's we used Deepfreeze on the computers in my school lab

http://www.faronics.com/products/deep-freeze/enterprise/

worked pretty well, kids could do anything to the computer they wanted but on reboot it came back in standard configuration

also a network filter, that worked poorly, to keep "bad" sites off the schools computers

//was the campus IT guy/computer teacher
//retired
//walk on the lawn if you want, it's mostly dead anyway
 
2013-09-27 09:52:31 PM
I made the computer say Fart.
 
2013-09-27 09:53:53 PM

Aristocles: Los Angeles Unified School District started issuing iPads to its students this school year, as part of a $30 million deal with Apple

Money well spent, CA. Money, well spent.


Hey, CA was kicking tax money back to the job creators at Apple, instead of spending it on textbooks or classroom instructional materials. I think conservatives should love this idea. Don't be a hater.
 
2013-09-27 09:54:23 PM

Tom_Slick: Fade2black: Very smart of Apple to get them going on ipads so early. It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.

Apple's been doing this for years in the mid-90s I could buy an apple desktop loaded with all kinds of great software through my college bookstore for less than the software would cost for a Windows machine.


Yeah. We had nothing but Apple 2Es in my high school computer lab and that was 1985.
 
2013-09-27 09:58:31 PM
FTFA: But less than a week after getting their iPads, almost 200 of the districts' high school students found a way to bypass software blocks on the devices that limit what websites the students can use.

(*sigh*) Hey, at least the kids demonstrated initiative and figured out how to do something. They need those problem solving skills in today's world of fast food restaurants and nail salons..
 
2013-09-27 09:59:39 PM

baorao: Having deployed enterprise ipads I am not surprised. Apple will let third party mdm solutions *monitor* a lot, but they wont let you *block* jack shiat.


Yup.  What Apple MDM vendors say they can do: "We can make sure users are only using the specific applications you want them to!" What Apple MDM vendors actually mean: "We will let users download and use whatever they want, but we'll send them a mean message and threaten to wipe their phones if they don't remove the offending applications within four hours!" Yeah, thanks guys.  That's some tight securitah.
 
2013-09-27 10:09:17 PM
What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.
 
2013-09-27 10:11:24 PM

MrEricSir: Big Merl: What took them so long?

Must be an exceptionally dumb class. Either that or it took a week for the teachers to notice.


Probably the latter, especially given the fact that the kids were initially allowed to take the iPads home. Actually, the kids probably had them hacked within three days, and it took the rest of the two weeks for someone to notice, report it to IT, IT to investigate and then for the school district to acknowledge the hack.
 
2013-09-27 10:11:52 PM

PrYgMMa: That's why when I was a network admin in a 9-12 charter school, I managed all filtering on the network level. All traffic was routed through a proxy via pfSense. There was MAC based authentication to allow or disallow access to any port or address. If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

God, they hated me... but my network was always up and the kids never saw a minute of porn. They'd say stuff like "Can't you just turn Facebook on for a little while, in the morning or at lunch?" or "All of my friends use SSL proxies, why don't those work here?"...


Pretty nice, but it sounds like these iPads were either cell enabled or allowed to hop on any available wireless network.  Students are allowed to take them home.
 
2013-09-27 10:12:39 PM
In the MacLCIII lab in my school, i was able to get around the "always-on-top" software screen and get into the real OS and play SimCity by simply rebooting and holding down the safe-mode keys or whatever and turing off that interface package, then boot back into the main OS.

The teacher asked me to teach him how to do it.
 
2013-09-27 10:13:54 PM

TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.


maybe next year's students won't appreciate the previous years' students' splooge making the home button stick?
 
2013-09-27 10:14:16 PM

TuteTibiImperes: What's the big deal how they use them at home?


Well, these are the same admins that suspend kids from school from play fighting with toy guns... at home, on their own time, and in their own yards.
 
2013-09-27 10:15:11 PM

TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.


Because if you give someone a device and they use it to do something bad like distribution of child porn, you are liable.
 
2013-09-27 10:15:55 PM
Whoever was in charge of configuring those devices should be fired on the spot.
 
2013-09-27 10:17:32 PM

TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.


The school board probably wanted to ensure that the devices were for educational use only, regardless of location, and some sales guy figured he could sell additional software to meet that requirement.
 
2013-09-27 10:17:46 PM

kwame: TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.

Because if you give someone a device and they use it to do something bad like distribution of child porn, you are liable.


That seems like a stretch.  Would the school be held liable if one of the kids beat somebody to death with a school issued textbook?  They could have the kids and parents sign something when the iPads are released releasing the school from any liability through unapproved use, or even go as far as to physically disable the cameras (scratch out the lenses or something) to prevent that if they're that worried.
 
2013-09-27 10:19:49 PM

TuteTibiImperes: kwame: TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.

Because if you give someone a device and they use it to do something bad like distribution of child porn, you are liable.

That seems like a stretch.  Would the school be held liable if one of the kids beat somebody to death with a school issued textbook?  They could have the kids and parents sign something when the iPads are released releasing the school from any liability through unapproved use, or even go as far as to physically disable the cameras (scratch out the lenses or something) to prevent that if they're that worried.


It's not about making sense. That's the fact, and this is a very litigious country, especially when kids and their parents are involved.
 
2013-09-27 10:22:30 PM

PrYgMMa: That's why when I was a network admin in a 9-12 charter school, I managed all filtering on the network level. All traffic was routed through a proxy via pfSense. There was MAC based authentication to allow or disallow access to any port or address. If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

God, they hated me... but my network was always up and the kids never saw a minute of porn. They'd say stuff like "Can't you just turn Facebook on for a little while, in the morning or at lunch?" or "All of my friends use SSL proxies, why don't those work here?"...



Right?  There are apparently three people on the entire planet that know how to filter and protect a network.  It's rediculous.
 
2013-09-27 10:28:06 PM

ecmoRandomNumbers: One of my eighth-graders got me past the school's firewall when I needed to check my Facebook messages. God bless those kids. Then he says, "Hey Mr. ecmoRandomNumbers, can I check mine when you're done?"

"Sure."


Your a poor teacher. The correct response to that question is, "I'm not sure, but you MAY check your Facebook when I'm done."
 
2013-09-27 10:29:29 PM
*You're

*facepalm*
 
2013-09-27 10:32:44 PM

Burn_The_Plows: *You're

*facepalm*


Oops
 
2013-09-27 10:32:56 PM

skullkrusher: TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.

maybe next year's students won't appreciate the previous years' students' splooge making the home button stick?


(iPads don't have buttons)
 
2013-09-27 10:44:13 PM

Gyrfalcon: skullkrusher: TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.

maybe next year's students won't appreciate the previous years' students' splooge making the home button stick?

(iPads don't have buttons)


What in the hell do you call the square button at the bottom? Or the power button, the volume control, the lock button. . . .
 
2013-09-27 10:45:00 PM
So, is this a threepeat or a fourpeat?
 
2013-09-27 10:52:42 PM

TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.


I don't know... perhaps there were multiple students offering the unblock service and the competition drove the price down. Economics!
 
2013-09-27 10:56:35 PM

Fade2black: Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation


Tried and true indoctrination. How do you think the Apple II made such inroads into the schools? This is just history repeating itself. They were a loss leader but the future students went Apple.
 
2013-09-27 11:03:32 PM

Peki: Gyrfalcon: skullkrusher: TuteTibiImperes: What's the big deal how they use them at home?  Trying to block sites on the device level seems like a misguided approach.  Just set up the WiFi connection at school to block the unwanted sites so that the kids can't play around in class, and let them use them for whatever reason at home.

maybe next year's students won't appreciate the previous years' students' splooge making the home button stick?

(iPads don't have buttons)

What in the hell do you call the square button at the bottom? Or the power button, the volume control, the lock button. . . .


splooge reservoirs
 
2013-09-27 11:04:53 PM

Burn_The_Plows: *You're

*facepalm*


Lulz.

I've burnt myself several times correcting the grammar of others. I know that feel.
 
2013-09-27 11:05:40 PM

Saul T. Balzac: Fade2black: 80% of teachers are usually left-leaning liberals.

[upload.wikimedia.org image 300x163]


In higher education, that claim is pretty much true.  http://www.insidehighered.com/news/2012/10/24/survey-finds-professors - already-liberal-have-moved-further-left

From what I've read on the politics of elementary school teachers, their politics closely matches the general population, so the above claim is not true for them.
 
2013-09-27 11:10:48 PM
We got past the Netnanny crap so easily in high school.

We went into Netscape (late 90s), File > Open > Browse, find the executable you wanted to run. Then we disabled the web proxy in the Netscape settings.

Was ridiculously easy.
 
2013-09-27 11:11:12 PM

kwame: Because if you give someone a device and they use it to do something bad like distribution of child porn, you are liable.


I see your post and call. Lay down your cards.

[citationneeded.jpg]
 
2013-09-27 11:22:51 PM
Ah yes. Breaking through the school districts "censored" crap on the computers was an old past time back in the day.

 Glad to see it's still going strong!

/but seriously if you want to teach IT in school, teach this. Not only will you discover the system weaknesses faster, but you'll make sure you actually get good IT guys.
 
2013-09-27 11:27:45 PM

sheep snorter: FTA: The students are getting around software that lets school district officials know where the iPads are, and what the students are doing with them at all times.

So when is the FBI gonna check out all the nude pics of students, just like in Pennsylvania.

http://www.eweek.com/c/a/Security/School-District-Settles-Webcam-Spy in g-Litigation-802291/

/Chicken shiat FBI didn't want to set precedence so they walked away.


Which is why the first day my step-daughter brought home her school-issued laptop, I disabled all remote access and disabled the webcam, and hooked it up to my desktop to look for back-door and spyware programs.
 
2013-09-27 11:40:44 PM
lol, weak, I used to format the c:\ drive and reinstall Windows 95/98 on computers in the tech lab back in High School. Just  had to game and their bs got in the way.
 
2013-09-27 11:42:30 PM

James10952001: I hacked the school Macs back in highschool. This was back in the 90s so security was a joke. I knew more about the computers than the "expert" teachers who administered them. Anyone else remember Foolproof on the System 7 Macs? Boot floppy would bypass it completely, or load ResEdit and delete the Foolproof extension.


They had Foolproof on the Windows machines we used, and that kind of shiat worked for a while until they wised up to it. Nothing a little format and reinstall wouldn't fix tho
 
2013-09-27 11:45:27 PM
saturn badger - I see your post and call. Lay down your cards.

I dunno about a citation, but at the school where I worked, they always gave the 8 graders (the seniors of this K-8 school) laptops. This particular year (after the advent of Myspace and Facebook), several of them started talking about how this one boy was a flaming f****t and so on, because he was a champion figure skater. When his parents (both attorneys) found out, they blamed...... THE SCHOOL! Because we were supposed to be able to control what the kids did with them while they were at home. As I understand it, the lawsuit is still on the table two years later.

So yeah, you can be held liable for stuff the kids do on anything the school gives them to use... even when they are nowhere near the darn school...
 
2013-09-27 11:52:03 PM
80% of teachers are usually left-leaning liberals


95% of idiotic statements are usually written by right-leaning right-whingers.
 
2013-09-27 11:57:55 PM
As someone who supports software on the iPad for LAUSD I'm getting a kick...

/fark you iPad for making me learn to live with Puffin.
 
2013-09-28 12:07:07 AM
See, and it goes right over people's heads why our students are failing at math, reading, and writing.
 
2013-09-28 12:20:38 AM

OgreMagi: Saul T. Balzac: Fade2black: 80% of teachers are usually left-leaning liberals.

[upload.wikimedia.org image 300x163]

In higher education, that claim is pretty much true.  http://www.insidehighered.com/news/2012/10/24/survey-finds-professors - already-liberal-have-moved-further-left


Sounds about right. Spend 30+ years accusing a profession of being liberal, attack their unions, slash funding, push them to teach Creationism, monitor their curriculum for 'bias', refer to students pursuing higher education as "snobs", second guess climate science, and throw a raging fit whenever a holiday is renamed something all-inclusive... and the members just might crystallize their political opposition to a party.

Seems like a bad idea to make enemies with the people whom next generation's voter base are required by law to listen to for thirty hours per week. Of course it's only a theory -- if it were true the Republicans would be facing some kind of electoral losing streak....

As for school iPads, LAUSD got them for the same reason any parent with toddlers buys one: to shut that little monster up so you can enjoy your alone time. Nevermind next year half will have cracked screens and graffiti carved in the back.
 
2013-09-28 12:24:36 AM
Meh. Back when dinosaurs roamed the earth and all we had were 5.25" floppies, I remember playing Thexder back in high school in the back of the class while the teacher was teaching the non-computer geek kids about Logo.
 
2013-09-28 12:26:05 AM
Here is the L.A.Times article, more like a Billion dollars

By Howard Blume
September 26, 2013, 9:23 p.m.
Los Angeles school district officials are trying to track down 71 missing iPads - including 69 from one campus - but said Thursday that new security measures are designed to frustrate future thefts.
Officials also acknowledged that student hacking of an iPad security system last week was more widespread than originally reported by the district.
The lost devices are among iPads used last year in a 13-school trial run of the Apple tablets. Since then, the L.A. Unified School District has launched a $1-billion program to equip every student in the nation's second-largest school system with the devices.
Central to the effort are security measures to keep track of the tablets, which cost nearly $700 apiece and were intended to be sent home with students.
The loss of last year's tablets is not an omen of things to come, but rather an experience that has resulted in stronger safeguards, said Lt. Jose Santome of the school district's Police Department.
"We have a very vigorous control for this rollout," Santome said. "We know what's going out and deployed on every campus."
In addition, five of the new iPads - out of about 14,000 so far distributed - disappeared, although one of those was subsequently recovered, Santome said.
The problem last year was most acute at the Valley Academy of Arts and Sciences in Granada Hills. Administrators distributed about 1,200 iPads there last year. At the end of the year, 69 did not come back.
The district was not able to respond quickly last year for several reasons, Santome said. First, officials needed to sort through storage carts to determine whether any iPads had ended up on the wrong one, for example, or whether two of the devices were placed into a storage slot meant for one. Then the district had to tabulate serial numbers for every computer to determine which ones were missing.
Ultimately, the district was able to link missing iPads to the students to whom they had been assigned. Investigators are in the process of interviewing those students.
But that's unlikely to resolve what happened. If students claim they turned in their device, the district may have no way to prove otherwise, Santome said.
He added that the district has addressed security shortcomings. Global positioning software can now be activated for every tablet. And an electronic inventory system is supposed to register at all times who is currently responsible for a particular iPad. The district also can shut down iPads that are reported as stolen.
Last week's hacking episode involved a different sort of security breach: high school students gaining access to unauthorized websites.
In interviews, students said they had been disappointed at their inability to get to social networking and music streaming sites, and they quickly figured out how to delete safeguards. As a result, students were able to visit any website when they used the tablets off campus.
In response, L.A. schools Supt. John Deasy has temporarily banned the home use of district iPads.
L.A. Unified knew immediately which students took their iPads out of the filtering system, chief information officer Ronald Chandler said. Officials still are weighing how best to provide sufficient but secure Internet access.
When the hacking came to light Tuesday, the district announced that 185 students had been involved. The current figures are 260 students at Roosevelt High in Boyle Heights, 10 students from Angelou Community High School in South Park and 70 at Westchester High.
Early reports indicated that Valley Academy students were also involved, but a district spokeswoman was unable to confirm that Thursday.
A student government representative at Westchester said the district count for his campus still sounded too low. He said administrators reported to students that 160 of their classmates were involved. The student requested anonymity because he was afraid of getting into trouble for having taken part in the unapproved Web access.
ho­w­ard*blume[nospam-﹫-backwards]s­e­mit­al*co­m
 
2013-09-28 12:26:49 AM
Hacking? Nah, not with an iPad.

farm3.staticflickr.com
 
2013-09-28 12:32:40 AM

ZeroCorpse: This is insane. When I was in school they didn't even give us pens or paper. We had to get our own, and our parents had to pay out of pocket for it.

Other class-required things we paid for:

Uniforms
Swimsuits
Calculators
Padlocks
Lab Kits
Typing Paper
Correction Fluid
Pencils

And yet kids today get free iPads, and they take them for granted enough to fark with them.

Ungrateful little snots.


THIS.
 
2013-09-28 12:35:25 AM

Benevolent Misanthrope: What a bunch of dumbasses at the school district.


This.

Hi there-- I'm the network administrator for a school district. I didn't read the article, but I don't need to. A neighboring school district caved in to teachers screaming for iPads for the students. It's been two years and they're pulling them back and starting from scratch. Why? Because they don't know how to use them properly, they don't know how to manage them, and student grades over the two year span, overall, have dropped. Apple was using them as a model district but, well, they kinda don't talk about them any longer. It's not Apple's fault, though. But hey-- it certainly doesn't help them sell, right? (I like Apple for the most part... that's not the issue here).

We love to provide new technology to our faculty and students. But we like to do two things before we do it. First, we ask "why?"  If we don't get a good answer, we don't do it. Ask any teacher screaming for an iPad  "why" and you'll get a blank stare. Maybe they'll say something along the lines of "B..b..b..but TECHNOLOGY in the classroom!"  It's all horseshiat. But if they do give us a sound reason they want something (Google Apps for Education is a good example) we'll jump to it. The second this we do is make sure the infrastructure, security, and management is in place before anyone gets anything. The district wants BYOD to start as soon as possible. So this past summer we got all the budget money we could and we outfitted the entire district with a high-end, centrally-controlled wireless network with separate student and staff networks.

The real issue is competent folks are hard to come by when working in a municipality. A different neighboring town came to meet with us to see how we run our department because they have a total mess on their hands right now. The town IT department and the school IT department are two unique groups. The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change. Think about how ridiculous that is.

Bottom line? It's  a mess in here. We run a tight ship, but the people at the helm (Superintendent, Teacher's Union) do everything they can to steer us into the rocks simply because they don't know what they're doing when it comes to technology, and they insist that they're the ones with the final say on how the money gets spent. It is FAR, far worse than the corporate world, which I am going back to very shortly. It has its drawbacks too, I know, but salary ain't one of them.
 
2013-09-28 12:35:50 AM
The original theory behind giving the students an iPad was that it'd replace text books. However, as we see, students are a bit more creative than numbskull IT dudes working for LAUSD. Therefore, the iPads cannot be taken home now. How are the chilluns supposed to study at home now? (not that they would in the first place, but let's pretend).

Oh, and Apple is on the first 5% of loss/damage/stolen iPads, no word on what happens after that.
 
2013-09-28 12:46:13 AM

dj_bigbird: The original theory behind giving the students an iPad was that it'd replace text books. However, as we see, students are a bit more creative than numbskull IT dudes working for LAUSD. Therefore, the iPads cannot be taken home now. How are the chilluns supposed to study at home now? (not that they would in the first place, but let's pretend).

Oh, and Apple is on the first 5% of loss/damage/stolen iPads, no word on what happens after that.


If these things were supposed to replace textbooks, the kids would be given first-generation Kindles, not thousand dollar tablet entertainment centers.
 
2013-09-28 12:55:17 AM

fusillade762: All they had to do was delete their personal profile. That's hardly a hack.



Interesting. Please expand.
 
2013-09-28 12:56:00 AM

the_chief: I made the computer say Fart.


>10 PRINT "Fart! ";
>20 GOTO 10

RUN
 
2013-09-28 12:58:19 AM

HotWingAgenda: dj_bigbird: The original theory behind giving the students an iPad was that it'd replace text books. However, as we see, students are a bit more creative than numbskull IT dudes working for LAUSD. Therefore, the iPads cannot be taken home now. How are the chilluns supposed to study at home now? (not that they would in the first place, but let's pretend).

Oh, and Apple is on the first 5% of loss/damage/stolen iPads, no word on what happens after that.

If these things were supposed to replace textbooks, the kids would be given first-generation Kindles, not thousand dollar tablet entertainment centers.


they were theoretically supposed to be able to use interactive content, too.
 
2013-09-28 01:06:02 AM

dj_bigbird: HotWingAgenda: dj_bigbird: The original theory behind giving the students an iPad was that it'd replace text books. However, as we see, students are a bit more creative than numbskull IT dudes working for LAUSD. Therefore, the iPads cannot be taken home now. How are the chilluns supposed to study at home now? (not that they would in the first place, but let's pretend).

Oh, and Apple is on the first 5% of loss/damage/stolen iPads, no word on what happens after that.

If these things were supposed to replace textbooks, the kids would be given first-generation Kindles, not thousand dollar tablet entertainment centers.

they were theoretically supposed to be able to use interactive content, too.


Communism and the US Electoral College are some other examples of things that were supposed to work in theory.
 
2013-09-28 01:08:56 AM

Fade2black: Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation


Back in the 80s and early 90s all of the schools only had apple computers for that very reason.
 
2013-09-28 01:10:09 AM

WordyGrrl: TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.

If $2 is the market rate, then hacking is not the cash cow I thought it was. Oh well. I was done with DOS commands anyway. So there.


Contrary to what Hollywood has told you, using DOS is not "hacking".
 
2013-09-28 01:14:31 AM

PrYgMMa: That's why when I was a network admin in a 9-12 charter school, I managed all filtering on the network level. All traffic was routed through a proxy via pfSense. There was MAC based authentication to allow or disallow access to any port or address. If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

God, they hated me... but my network was always up and the kids never saw a minute of porn. They'd say stuff like "Can't you just turn Facebook on for a little while, in the morning or at lunch?" or "All of my friends use SSL proxies, why don't those work here?"...


Ur so hardcore. A regular keyboard cowboy.
 
2013-09-28 01:18:03 AM
 
2013-09-28 01:33:04 AM

fusillade762: American Decency Association: fusillade762: All they had to do was delete their personal profile. That's hardly a hack.

Interesting. Please expand.

It's in the linked story:

Roosevelt students matter-of-factly explained their technique Tuesday outside school. The trick, they said, was to delete their personal profile information. With the profile deleted, a student was free to surf.


sorry, i missed that.  this must be a reference to the MDM app installed, as iOS has no facility for user profiles.  as mentioned above, MDM enforcement of  iOS devices is more about monitoring and less about locking things down

Many moons ago, Google translate could be used to avoid site blocking... translate english to english
 
2013-09-28 02:51:22 AM
Why are we giving students iPads?  You can't actually do any work on an iPad.  They are for entertainment purposes only.
 
2013-09-28 03:09:54 AM

fusillade762: All they had to do was delete their personal profile. That's hardly a hack.


A hack doesn't have to be obscure to be a hack.  Most of the best cracks are simple shiat like this.
 
2013-09-28 03:15:46 AM

Fade2black: Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation


They started with Apple IIe
 
2013-09-28 03:39:05 AM

Jim_Callahan: fusillade762: All they had to do was delete their personal profile. That's hardly a hack.

A hack doesn't have to be obscure to be a hack.  Most of the best cracks are simple shiat like this.


Nope.
 
2013-09-28 03:45:26 AM
Yeah, because it would really be bad if people under 18 could access the Internet. Just look what happened after we started letting them use phones in the 50s.
 
2013-09-28 03:48:07 AM

Fade2black: Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation


Um. Old tactic: create a market for a product where there was none. This is how Macs became ubiquitous in schools in the first place, zo it's not surprising to see distribution continue. But smart of you to bring it up, Ric, just so you could fire off a bit of right-wing derp. Clever!
 
2013-09-28 04:17:12 AM

Pincy: Why are we giving students iPads?  You can't actually do any work on an iPad.  They are for entertainment purposes only.


This.

I would think that a Windows based laptop or a windows 8 based tab would be a lot easier to lock down and would be a lot more productive for education.
 
2013-09-28 04:36:13 AM

ecmoRandomNumbers: One of my eighth-graders got me past the school's firewall when I needed to check my Facebook messages. God bless those kids. Then he says, "Hey Mr. ecmoRandomNumbers, can I check mine when you're done?"

"Sure."


No wonder kids these days have shaitty work ethics.
 
2013-09-28 04:37:24 AM

ongbok: I would think that a Windows based laptop or a windows 8 based tab would be a lot easier to lock down


School isn't really about work (or learning, or education). It's mostly about waiting around waiting for other people to do shiat. So an entertainment device is probably a net benefit.
 
2013-09-28 04:39:20 AM

baorao: Apple will let third party mdm solutions *monitor* a lot, but they wont let you *block* jack shiat.


Apple wants people to like and buy the iPad. Solutions that block things are typically contrary to Apple's goals, even if the administrator has other goals.
 
2013-09-28 04:43:23 AM

PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.


And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.
 
2013-09-28 05:40:26 AM

Billy Bathsalt: 80% of teachers are usually left-leaning liberals


95% of idiotic statements are usually written by right-leaning right-whingers.


114% of statistics are made up on the spot!
 
2013-09-28 05:45:43 AM

ornithopter: Billy Bathsalt: 80% of teachers are usually left-leaning liberals


95% of idiotic statements are usually written by right-leaning right-whingers.

114% of statistics are made up on the spot!



It was my understanding that there would be no math.
 
2013-09-28 06:26:12 AM

ecmoRandomNumbers: Burn_The_Plows: *You're

*facepalm*

Lulz.

I've burnt myself several times correcting the grammar of others. I know that feeling.


/FIFY
 
2013-09-28 06:45:09 AM
This brings back bad memories....

Everyone always paints this image of super-hax0r teens that can't be stopped.  The truth is, it's just gross incompetence among our 'professionals' tasked with managing the school's IT.
 
2013-09-28 06:59:01 AM

sethen320: WordyGrrl: TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.

If $2 is the market rate, then hacking is not the cash cow I thought it was. Oh well. I was done with DOS commands anyway. So there.

Contrary to what Hollywood has told you, using DOS is not "hacking".


Legally speaking - 'anything' can be hacking.  It's largely about intent.  For example - let's say you log into your new bank and see that the URL is
www.YourBank.com/Accounts/Account7

And you think - gee, that's odd.  Account7?  Huh.  I wonder what happens if I go to
www.YourBank.com/Accounts/Account8

*THAT* is hacking.

It's absurd.  It's ridiculous.  But YOU knowingly, and willfully tried to circumvent the existing protections and access ANOTHER ACCOUNT.  It doesn't matter if the 'existing protection' was as simple as not sending you to that URL - you modified the URL.  It doesn't matter that browsers are meant to visit URLs either.  Sadly, I'm not joking.  They'll say that 'Stealing is stealing, it doesn't matter if the door is unlocked' and they'll ruin your life just the same.

I was pulled into the Principal's office in high school, along with my computer class teacher, and some guy from the district I'd never seen before.  I had to explain what 'Changing the resolution' was and why I did it.  I'm not making this up.  I'd written a program, in my programming class, that would change my resolution because 800x600 was a lot nicer than 640x480 for writing code.  This was one of my 'hacking crimes'.  I explained, as calmly as I could; that the resolution was 'how many pixels were on the screen'.  And if I had a higher resolution, it gave me 'more space to work with'.

The principal listened as told my tale.  When I'd finished, she waited some more.  Her face was turning more and more visibly angry.  Finally she said, 'SO YOU WERE SEEING PARTS OF THE SCREEN THAT STUDENTS WERE NOT SUPPOSED TO SEE?!'

*facepalm*

Nothing I did or said, would convince them otherwise.  It was exactly like the horror stories you hear about involving police.  'Never say anything!' - and it was true.  Every single thing I said was just an opportunity for them to twist my words.  To anyone who understands anything about computers, it is obviously ridiculous....but it didn't matter.  Clueless people with power aren't in the practice of admitting they are clueless.   These were the people tasked with educating the future generation (IL school district 211).

The laws are written in such a way that ANYTHING is hacking.
 
2013-09-28 07:02:32 AM

Fade2black: Now I'm not trying to start a flamewar, but

...

You're sounding like one of those "I'm not racist, but..." folks.
 
2013-09-28 07:56:51 AM

Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.


Came here to say this.  If the hack is a one-time-per-device thing, you could charge $10 or $20 if you're the only person who knows how to do it.  If it's easily copied or repeated, give up all hope of making money off of it.

I got my first taste of piracy in 10th grade chemistry, making TI-83 calculator programs with cheat sheets on them.  I'd only ever sell 2 or 3 copies but the whole class would have them.
 
2013-09-28 09:12:15 AM

Fade2black: Very smart of Apple to get them going on ipads so early.


This isn't new.  Apple has had deals with schools since the IIe days.  Of course for me Apples sucked so bad while I was in school it cemented my aversion to them. (IIe, Power MAC, iMAC's all sucked).  Now that Apple doesn't suck it might prove to finally pay off.
 
2013-09-28 09:16:46 AM

DrBrownCow: Keep believing that giving these kids iPads and laptops will somehow turn them into techno-savvy geniuses.   It actually meant something in 1987 when a kid knew how to use a computer.  They were devices of production that had a steep learning curve, specialized skills knowledge, and basic understanding of the underlying technology.  Today, most people are using these devices for consumption purposes and a grandma can learn to use it in a day.  No understanding of the underlying technology is required to use it.    Folks, there are certain things that need to be learned in tangible, physical ways if one wants to understand inner-workings and inter-relationships.    You know, just because we can do something doesn't mean we should, and more is not better.   The fact that most kids latch strongly onto these learning tools is something we should question rather than accept as proof of legitimacy.  Even if the intended lesson is learned more quickly, what underlying lessons are lost by removing the physical environment including books, pencils, paper.


You forgot to yell at the kids to get off your lawn.
 
gja [TotalFark]
2013-09-28 10:07:27 AM

WinoRhino: The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change.


LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

profplump: PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.


This is true.
Most nets I put together end up with a Packeteer style device, and Websense or something equal to it. Also, a SEIM system and full capture capability.
You try that crap on one of my networks and you trigger an event. The event triggers a capture. The capture gets analyzed by the SEIM engine. The SEIM engine sends me your MAC and IP. My switch control tells me which port you are on, (or which AP you are associated with, and your location), and then you have my face in yours. Quickly.
 
2013-09-28 10:13:11 AM

zzottt: The system needs to have a full OS that is locked out if they want full control of how the device is used. If it's software locked, someone will crack it


Full control of an Apple device? lol. They don't even give you that from the factory.
 
2013-09-28 10:19:19 AM

ZzeusS: Put Untangle or something on the gateway and by default it blocks porn sites.  Blocks a ton of crap, actually.  Put in the AUP that if they bring a mobile hotspot to bypass it, 3 day suspension.

Problem solved.


A cell phone is a "mobile hotspot"
 
2013-09-28 10:40:53 AM
Why is reporting so difficult anymore? It took me way to long to find anyone reporting on what the district had in place that was bypassed.

Found it here:  http://arstechnica.com/apple/2013/09/students-gleefully-teach-admins- t hat-mobile-device-management-is-hard/

The district was using simple ActiveSync profiles instead of an enterprise MDM.
 
gja [TotalFark]
2013-09-28 10:47:35 AM

StevieKo: ZzeusS: Put Untangle or something on the gateway and by default it blocks porn sites.  Blocks a ton of crap, actually.  Put in the AUP that if they bring a mobile hotspot to bypass it, 3 day suspension.

Problem solved.

A cell phone is a "mobile hotspot"


And all wireless systems I install have rogue AP detection and containment.

Why don't all WLANs include this? I don't know, but mine sure do.

That cellphone hotspot is useless within range of the WLANs I run.
Now, using the cellphone via USB? That's another story completely. I a corporate device is setup so sloppily to allow unauthorized devices then that I.T. team are losers.
 
2013-09-28 10:48:24 AM

gja: WinoRhino: The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change.

LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

profplump: PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.

This is true.
Most nets I put together end up with a Packeteer style device, and Websense or something equal to it. Also, a SEIM system and full capture capability.
You try that crap on one of my networks and you trigger an event. The event triggers a capture. The capture gets analyzed by the SEIM engine. The SEIM engine sends me your MAC and IP. My switch control tells me which port you are on, (or which AP you are associated with, and your location), and then you have my face in yours. Quickly.


But why?

//Seriously, this is part blame on "people should be responsible with the web at work" and part "network admins are insufferable data trolls".
///Nee
 
2013-09-28 11:19:32 AM

James10952001: I hacked the school Macs back in highschool. This was back in the 90s so security was a joke. I knew more about the computers than the "expert" teachers who administered them. Anyone else remember Foolproof on the System 7 Macs? Boot floppy would bypass it completely, or load ResEdit and delete the Foolproof extension.


I fail to see how ResEdit would have helped you in that situation...

However, holding down shift to keep turn them off? That sounds better....
 
2013-09-28 11:28:37 AM
If they wanted to prepare students for the real world, they would train them on actual business machines, not toys. This isn't about education, this is about Apple's market share.
 
gja [TotalFark]
2013-09-28 11:30:16 AM

italie: gja: WinoRhino: The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change.

LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

profplump: PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.

This is true.
Most nets I put together end up with a Packeteer style device, and Websense or something equal to it. Also, a SEIM system and full capture capability.
You try that crap on one of my networks and you trigger an event. The event triggers a capture. The capture gets analyzed by the SEIM engine. The SEIM engine sends me your MAC and IP. My switch control tells me which port you are on, (or which AP you are associated with, and your location), and then you have my face in yours. Quickly.

But why?

//Seriously, this is part blame on "people should be responsible with the web at work" and part "network admins are insufferable data trolls".
///Nee


You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fail to do our job or prove that we are doing our jobs we are DONE.
It isn't unheard of to do time for a serious breach in my sector, certainly huge fines and a ruined career and name is on the menu.
Besides, the company I work for has custody and access to personal info for tens of thousands of folks just like you and me. All those people have a right to expect I do my damned job.

I am not an insufferable data troll.
I have the limits set to where it takes something that adds unacceptable risk to the company before you get facetime from me.
This allows me to say to the auditors "Yes, we are doing the right thing and I can prove it."
If you work with me you come to know I allow no exception for myself either. I respect the same rules as all my coworkers. I am even-handed and fair.

These schools need to approach security in the same manner. We have a right to expect our children are protected from undue risk, and we also have a responsibility as their elders to show them we will enforce limits and boundaries on them. Because in a civilized society people need to obey certain rules and laws or it all goes to crap. Kids need to be shown there is a reasonable degree of authority they must respect. REASONABLE, not overbearing.
Keeping them focused on scholastics while in school is reasonable. Making certain their info systems are secure and hold them to certain boundaries is reasonable.

And I am not an "admin", more of an enterprise architect. Security and risk mgmt usually ends up in my lap because of my experience and ability to be diplomatically firm. Comes with age I suppose. The old fatherly touch.
 
2013-09-28 11:39:47 AM

bojon: I wonder who will be responsible if they are lost or stolen? They are going to have bigger problem.


About 2 dozen are already 'missing'.
The LAUSD is already drowning in red ink and they buy stupid crap like this.
 
2013-09-28 11:47:19 AM

Saul T. Balzac: Fade2black: 80% of teachers are usually left-leaning liberals.

[upload.wikimedia.org image 300x163]


On the right, Gross estimates that economic conservatives comprise just 4 percent of academia, and that 23 percent of academics are social and pro-military conservatives.

Taken from a left leaning article that attempts to say that even if education is overrun with liberals it's no big deal.

http://www.motherjones.com/politics/2013/04/higher-education-liberal -r esearch-indoctrination
 
2013-09-28 11:51:55 AM

PrYgMMa: That's why when I was a network admin in a 9-12 charter school, I managed all filtering on the network level. All traffic was routed through a proxy via pfSense. There was MAC based authentication to allow or disallow access to any port or address. If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

God, they hated me... but my network was always up and the kids never saw a minute of porn. They'd say stuff like "Can't you just turn Facebook on for a little while, in the morning or at lunch?" or "All of my friends use SSL proxies, why don't those work here?"...


Most sys admins don't want to put in that much work.
We're a Windows shop at work and boy do I love me some GPO control and network level security :)
 
2013-09-28 12:18:39 PM

Tom_Slick: Fade2black: Very smart of Apple to get them going on ipads so early. It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.

Apple's been doing this for years in the mid-90s I could buy an apple desktop loaded with all kinds of great software through my college bookstore for less than the software would cost for a Windows machine.


Wow, because when I went to college in the mid 90s my college bookstore not only had apples at discount prices, but ibm pcs at discount prices, but also every MS product at *gasp* discount prices.
 
2013-09-28 12:19:45 PM

OgreMagi: On one side you have a handful of overworked, underpaid, inexperienced techies setting the security on these things.

On the other side you every teenage boy in Los Angeles wanting porn.

Guess who will always win?

Hell, I'm extremely experienced and highly confident of my skills.  I don't think I would win this little war.


This. And then you have good students who want to take ten-minute breaks or internet surf after getting their work done. I only learned about proxies and how to ask friends for hacks because my school's idiot admin kept blocking all the sites I used to unwind.
 
2013-09-28 12:32:41 PM

gja: LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.


You misunderstood-- that's not my district. That's the neighboring town's situation. It's somewhat the opposite where we are. My boss, the IT director for the schools, and myself (net admin) have everything well in hand. Like them, our town also has segregated IT departments: one for the school district and one for the town buildings. The town has completely lost faith in their IT department, and a few buildings simply do not let them touch their equipment any longer. The public safety building has locked them out, and the veteran's affairs building just calls the school IT department (me) when they have issues. Inept doesn't even begin to describe them. They call consultants to upgrade firmware. Their idea of providing wireless for the town hall was to plug in a Linksys router with no security on it.  They never change any of the default passwords on their devices either (routers, switches, etc).
 
2013-09-28 01:22:55 PM
Must be a short bus school, if it took that long.
 
2013-09-28 01:33:42 PM

drdonks: Far more impressed by the kids in Africa who were messing with Android within 5 months of their first exposure with a computer:


http://www.theregister.co.uk/2012/11/01/kids_learn_hacking_android/


Not really. What they did was minor and kids 25+ years ago were doing a lot more with a lot less.
 
2013-09-28 03:23:45 PM

gja: italie: gja: WinoRhino: The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change.

LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

profplump: PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.

This is true.
Most nets I put together end up with a Packeteer style device, and Websense or something equal to it. Also, a SEIM system and full capture capability.
You try that crap on one of my networks and you trigger an event. The event triggers a capture. The capture gets analyzed by the SEIM engine. The SEIM engine sends me your MAC and IP. My switch control tells me which port you are on, (or which AP you are associated with, and your location), and then you have my face in yours. Quickly.

But why?

//Seriously, this is part blame on "people should be responsible with the web at work" and part "network admins are insufferable data trolls".
///Nee

You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...


So one more question, do you block Fark?
 
2013-09-28 04:47:17 PM

saturn badger: Fade2black: Pretty ingenious idea.  All joking aside, many argue that indoctrination starts in the schools...80% of teachers are usually left-leaning liberals, and they preach that in some form or another to their students.  Now I'm not trying to start a flamewar, but I bring up my primary point:  Very smart of Apple to get them going on ipads so early.  It brainwashes them into wanting those in the future, as opposed to the myriad of other options out there.  Clever!

/not a fanboi, but I do have an iphone.
//just an observation

Tried and true indoctrination. How do you think the Apple II made such inroads into the schools? This is just history repeating itself. They were a loss leader but the future students went Apple.


Maybe some of them did. My schools were all Apple but most of the geeks I knew had a PC at home. Most normal people had no computer at all back then though.
 
2013-09-28 04:56:35 PM

sethen320: WordyGrrl: TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.

If $2 is the market rate, then hacking is not the cash cow I thought it was. Oh well. I was done with DOS commands anyway. So there.

Contrary to what Hollywood has told you, using DOS is not "hacking".


Sadly the legal system an school admins have a very broad definition of hacking. Even back in the 90s they got the police involved after a prankster bypasses Foolproof and printed some inappropriate stuff on the main office printer. Anything that bypasses any security measure is hacking from their standpoint.
 
2013-09-28 05:03:09 PM

Fark_Guy_Rob: sethen320: WordyGrrl: TheMega: Tom_Slick: "They told me Friday, 'I would do it for you because you're my friend,' " she says. "They told me that!"
If you weren't a friend, the hack would cost $2

$2.00 really, I bet they could easily charge $5, fire that school's Economics teacher.

No shiat... was getting $5 for a nicely written excuse slip 20 years ago!

/now I feel old... make me a cup of tea, put some lemon in it.

If $2 is the market rate, then hacking is not the cash cow I thought it was. Oh well. I was done with DOS commands anyway. So there.

Contrary to what Hollywood has told you, using DOS is not "hacking".

Legally speaking - 'anything' can be hacking.  It's largely about intent.  For example - let's say you log into your new bank and see that the URL is
www.YourBank.com/Accounts/Account7

And you think - gee, that's odd.  Account7?  Huh.  I wonder what happens if I go to
www.YourBank.com/Accounts/Account8

*THAT* is hacking.

It's absurd.  It's ridiculous.  But YOU knowingly, and willfully tried to circumvent the existing protections and access ANOTHER ACCOUNT.  It doesn't matter if the 'existing protection' was as simple as not sending you to that URL - you modified the URL.  It doesn't matter that browsers are meant to visit URLs either.  Sadly, I'm not joking.  They'll say that 'Stealing is stealing, it doesn't matter if the door is unlocked' and they'll ruin your life just the same.

I was pulled into the Principal's office in high school, along with my computer class teacher, and some guy from the district I'd never seen before.  I had to explain what 'Changing the resolution' was and why I did it.  I'm not making this up.  I'd written a program, in my programming class, that would change my resolution because 800x600 was a lot nicer than 640x480 for writing code.  This was one of my 'hacking crimes'.  I explained, as calmly as I could; that the resolution was 'how many pixels were on the screen'.  And if I had a higher resolution, it gave me 'more space to work with'.

The principal listened as told my tale.  When I'd finished, she waited some more.  Her face was turning more and more visibly angry.  Finally she said, 'SO YOU WERE SEEING PARTS OF THE SCREEN THAT STUDENTS WERE NOT SUPPOSED TO SEE?!'

*facepalm*

Nothing I did or said, would convince them otherwise.  It was exactly like the horror stories you hear about involving police.  'Never say anything!' - and it was true.  Every single thing I said was just an opportunity for them to twist my words.  To anyone who understands anything about computers, it is obviously ridiculous....but it didn't matter.  Clueless people with power aren't in the practice of admitting they are clueless.   These were the people tasked with educating the future generation (IL school district 211).

The laws are written in such a way that ANYTHING is hacking.


And thus deny, deny, deny. Resolution? I don't even know what that is, I just tried out my program an the screen went all wonky, I have no idea what happened. It works better than trying to explain what you did to morons. If they don't know what you're talking about, it's a lot harder for them to prove what you did.
 
2013-09-28 05:06:17 PM

gja: WinoRhino: The town IT director owns all the switches used at the schools because the town's WAN goes through them as well. So he has locked the school's IT group out of the switches and BILLS their department if he has to upgrade the firmware or make a settings change.

LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

profplump: PrYgMMa: If it was on the white list it was allowed; if was disallowed they'd see a picture of  "billie the manatee" and the word 'PWN'D'.

And if they used a DNS proxy you were PWN'D and they were too smart to brag about it.

99% of networks that allow any Internet access allow unfiltered DNS queries (via a proxy or directly). It's a bit slow, but it's far and away the most reliable method to smuggle data across an uncharacterized firewall/proxy/filter.

This is true.
Most nets I put together end up with a Packeteer style device, and Websense or something equal to it. Also, a SEIM system and full capture capability.
You try that crap on one of my networks and you trigger an event. The event triggers a capture. The capture gets analyzed by the SEIM engine. The SEIM engine sends me your MAC and IP. My switch control tells me which port you are on, (or which AP you are associated with, and your location), and then you have my face in yours. Quickly.


Systems like that were fun. Change the home page on the browser to something sketchy then sit back and watch from a distance as the IT nerd gets in the face of the preppy kid who just sat down and opened the browser to look something up.
 
2013-09-28 05:09:26 PM

Walt_Jizzney: James10952001: I hacked the school Macs back in highschool. This was back in the 90s so security was a joke. I knew more about the computers than the "expert" teachers who administered them. Anyone else remember Foolproof on the System 7 Macs? Boot floppy would bypass it completely, or load ResEdit and delete the Foolproof extension.

I fail to see how ResEdit would have helped you in that situation...

However, holding down shift to keep turn them off? That sounds better....


They fixed the hold down shift loophole in later versions so that Foolproof would load anyway. ResEdit would let you delete files even when they were in use, so you could delete FoolProof and reboot.
 
gja [TotalFark]
2013-09-28 06:34:58 PM

italie: You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...

So one more question, do you block Fark?


Yes. We do. I access it via MY laptop with MY cellular card. This laptop does not touch the corp network.
 
gja [TotalFark]
2013-09-28 06:36:08 PM

James10952001: Systems like that were fun. Change the home page on the browser to something sketchy then sit back and watch from a distance as the IT nerd gets in the face of the preppy kid who just sat down and opened the browser to look something up.


Yeah, about that. You couldn't. Locked down via GPO. Sorry. Try something else.
 
gja [TotalFark]
2013-09-28 06:45:32 PM

WinoRhino: gja: LOL. It would take me about 1 minute to do a recovery on those switches and I could hand you the new password on a platter.
This procedure is well known and well documented. It is also a basic skill anyone who has spent any time in infrastructure possesses.
You need better I.T. folks. I am not jesting in the least.

Then you kick the directors' little Napoleonic ass to the curb. And let him know that using that tactic will get him on the wrong side of a lawsuit.

You misunderstood-- that's not my district. That's the neighboring town's situation. It's somewhat the opposite where we are. My boss, the IT director for the schools, and myself (net admin) have everything well in hand. Like them, our town also has segregated IT departments: one for the school district and one for the town buildings. The town has completely lost faith in their IT department, and a few buildings simply do not let them touch their equipment any longer. The public safety building has locked them out, and the veteran's affairs building just calls the school IT department (me) when they have issues. Inept doesn't even begin to describe them. They call consultants to upgrade firmware. Their idea of providing wireless for the town hall was to plug in a Linksys router with no security on it.  They never change any of the default passwords on their devices either (routers, switches, etc).


Wow. that district sounds like a techno-hellhole. They have my deepest condolences. You must rue having to deal with them on ANY level.
 
2013-09-28 07:12:05 PM

gja: James10952001: Systems like that were fun. Change the home page on the browser to something sketchy then sit back and watch from a distance as the IT nerd gets in the face of the preppy kid who just sat down and opened the browser to look something up.

Yeah, about that. You couldn't. Locked down via GPO. Sorry. Try something else.


Oh I would if I were still in highschool but those days are long past. The more security measures, the more fun it was to break them. People take that stuff too seriously now.
 
2013-09-28 09:36:29 PM

gja: italie: You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...

So one more question, do you block Fark?

Yes. We do. I access it via MY laptop with MY cellular card. This laptop does not touch the corp network.


Do your minions get to play by those rules?


/Most corporations with access to sensitive information would frown on that type of thing, being able to compromise security with a USB stick 'n all
//Just saying.
 
2013-09-28 09:50:23 PM

italie: gja: italie: You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...

So one more question, do you block Fark?

Yes. We do. I access it via MY laptop with MY cellular card. This laptop does not touch the corp network.

Do your minions get to play by those rules?


/Most corporations with access to sensitive information would frown on that type of thing, being able to compromise security with a USB stick 'n all
//Just saying.


You notice how he emphasized the word my? He is doing that with his personal laptop, not his work issued laptop. He is saying his work issued laptop is used for work only, he uses his personal laptop to Fark around at work and he uses a cellular card to access the internet.
 
gja [TotalFark]
2013-09-28 11:07:21 PM

ongbok: italie: gja: italie: You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...

So one more question, do you block Fark?

Yes. We do. I access it via MY laptop with MY cellular card. This laptop does not touch the corp network.

Do your minions get to play by those rules?


/Most corporations with access to sensitive information would frown on that type of thing, being able to compromise security with a USB stick 'n all
//Just saying.

You notice how he emphasized the word my? He is doing that with his personal laptop, not his work issued laptop. He is saying his work issued laptop is used for work only, he uses his personal laptop to Fark around at work and he uses a cellular card to access the internet.


Yeah, you seemed to have got it. italie not so much.
I toe the line. I don't have 'minions'. Nobody 'works for me'. They work on my team. I do not 'own' them. They are professionals and I detest those who say "i have all these people under me". What a jackbooted way of thinking. I pity those with bosses that think like that. My reports are ALL excellent pros.

My work machine isn't a laptop. It is a virtual desktop. It never leaves the server center. Integrity, it matters at work.
 
2013-09-29 08:08:40 AM

gja: ongbok: italie: gja: italie: You ask "But why?".
Because I work somewhere that has tremendous governmental oversight and regulation. If we fa ...

So one more question, do you block Fark?

Yes. We do. I access it via MY laptop with MY cellular card. This laptop does not touch the corp network.

Do your minions get to play by those rules?


/Most corporations with access to sensitive information would frown on that type of thing, being able to compromise security with a USB stick 'n all
//Just saying.

You notice how he emphasized the word my? He is doing that with his personal laptop, not his work issued laptop. He is saying his work issued laptop is used for work only, he uses his personal laptop to Fark around at work and he uses a cellular card to access the internet.

Yeah, you seemed to have got it. italie not so much.
I toe the line. I don't have 'minions'. Nobody 'works for me'. They work on my team. I do not 'own' them. They are professionals and I detest those who say "i have all these people under me". What a jackbooted way of thinking. I pity those with bosses that think like that. My reports are ALL excellent pros.

My work machine isn't a laptop. It is a virtual desktop. It never leaves the server center. Integrity, it matters at work.


I get it, I just don't agree with it. Every secured facility I've ever work for has drawn the line at personal gear coming in or out unless it was worked over to the same extent as the company gear.

You never answered the question as to whether you "colleagues" get to play by the same rules. There are quite a number of business hour posts by you. I have never come across a boss, network admin, "security expert" or otherwise who would allow people to bring in their own equipment in such a secured environment...especially if it serves no purpose to the company other than to surf Fark (assuming that anything not needing to touch the internal network serves no useful purpose). Most would have a heart attack upon seeing the cellular card. If everyone else gets to bring in unprotected personal gear, there is no point in blocking web traffic to the extent you do...because you have no control over data in the building anymore.

Listen, I'm not claiming to know your situation. I am saying that you go to extensive lengths to secure your networks, and yet here you are Mon-Fri, and on your own gear/pipe. You block Fark, so obviously your company frowns upon it, yet hear you are Mon-Fri.

I've heard the "Fair and balanced" speech from every gatekeeper I've come across. Almost all of them (at least all the ones worth a damn) are data trolls who will be "In your face" at the slightest hint of activity deemed inappropriate. I get it. Comes with the job. What I don't get is the double standard.
 
Displayed 150 of 150 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report