Comment by dmitrygr
4 years ago
Many here, I am sure, got in trouble in high school for exposing security issues in school IT. So I imagine we're all very happy to see a sane response from school administration for once!
4 years ago
Many here, I am sure, got in trouble in high school for exposing security issues in school IT. So I imagine we're all very happy to see a sane response from school administration for once!
Story time, I guess.
I went to a small private Christian school back in the late 200X's, and not the type of private school that had gobs of money. For two years, our desktop computers in the computer lab and the English classroom ran Ubuntu Linux (presumably because Windows licenses were >$0). The only students with Linux experience were myself and a friend that I introduced to Linux (who is also now an IT professional).
For a month or two we systematically changed the remote desktop preferences to automatically accept new connections and not to display any messages saying that there is a connection. We tried to never sit at the same computer twice so that we could "adjust" as many computers as possible and to make a secret map of where each computer was by hostname.
If we were in the computer lab and feeling mischievous (always), we'd poll around English classroom hostnames to see if any were in use, or vice versa. We'd "help" people write their papers (very creatively, I might add), speedrun through other students' typing lessons, open a terminal and run "telnet towel.blinkenlights.nl", or whatever else we could come up with.
Well, wouldn't you know it, word gets around this is happening and we naturally get called in to the principal's office (because who else?). While expecting the worst, we were told "we know what you're doing, we don't know how to stop you, but we encourage you to stop and use your technical abilities productively instead" and were let off without punishment. We both came out of it with great respect for the administration because they showed us respect we didn't deserve, and we stopped.
I got in trouble once in high school just for discovering and then using `net send` to send a message to my friend that said "Hi from lab 3".
Computer lab access revoked for 6 weeks. Jokes on them, now I send socket messages to my friend that says "Hi from Chicago" and there's nothing they can do about it.
My friend however keeps begging me to use this thing called 'email' because he claims he doesn't see the socket messages.
Sorry you got access revoked. I accidentally did a net send (via the GUI) to the whole district domain instead of my friend in AP CS that said "Time for break!" right before the snack break.
In my next class, the teacher was talking about "Time for break" virus going around... :/
This was after the district IT wanted to suspend me for setting up a Windows 2000 domain for the yearbook lab, so I kept my mouth shut.
everyone in my school net send bombed everyone all the time. Im not sure how they didn't figure out how to just turn it off.
but i remember you had to do it from a library computer, because it said who it sent it from. so you had to do a little drive by walking net send as you walked out of the library to not get caught
In our case it escalated to scripts with silent, random time delays. Launch it from a floppy, walk away and 87 minutes later everyone is wondering why a notice went out saying that a Toyota Corolla in the parking lot has its lights on.
We would write scripts to essentially make net send DOS attacks on different labs.
That was exactly how we used to do it, from where we used to do it, haha. Are you my friend? Rodrigo? How's the weather in Miami? How 'bout those 'Canes?
I don't know. I feel like a lot of the people here celebrate their former exploits as though they weren't committing the computer equivalent of rifling through unlocked desk drawers and graffitiing the walls. They seem so surprised that overworked and underpaid public servants don't appreciate that.
There was an excessively annoying kid in my high school and I learned to send remote commands to any computer in our lab, so I sent a command on loop that continuously opened his disk drive (it would automatically re-open after closing), and if he was particularly annoying I would shut down his computer.
I never once got in trouble for it - the teacher would ask the class, directly looking at me, from time to time to stop it, but I never got in trouble.
I imagine he was just using those announcements to get me to stop from time to time, but knew this kid deserved it so he never did more than that.
Stories of more enlightened school administrators are always welcome.
My story: the "second best high school in the state" had an AT&T 3b2. They wouldn't let me take any classes that used it because they were afraid of what I might do to it (their words). I mean, they weren't actually wrong to worry, but it din't really have anything on it.
It happens at "adult" jobs too. I found a number of webcams in the organization with no password. I flipped the image on one, and sent an email to IT saying, "Hey something's wrong with the web cam - it's upside down. Oh and probably you should put a password on it ;)"
It didn't go over so well. It embarrassed them and lead to some major reprimands for me, almost to the point of losing my job for unauthorized access to systems.