|
While at the local pizza shop at lunchtime, I was reading this news article
about some
kids
who broke into their school computers. The so called "Kutztown 13" figured
out the admin passwords on the laptops they were issued, and started causing a
variety of havoc.
So, read the article, then decide what the moral of the story is. You may
choose more than one:
- Don't give computers (especially expensive ibooks) to school kids
- If giving expensive ibooks to students, and intending to lock them out of
some features, don't leave the admin password taped to the back of the
laptop
- Don't put Internet filtering software on the client, put it on the server
- Don't give a Porche to a group of unsupervised 16 year olds and expect them
to travel the speed limit and stop at all stopsigns.
- It doesn't matter that anyone signs an agreement saying that they'll obey
this and that, and may be criminally charged if they break the rules -- there
will always be parents (and thus kids) who think they are exempt from having to
follow the rules and consequences they agreed to
- Don't give "locked down" computers to young/immature people who are also smarter
than you
- Don't leave security vulnerabilities on locked down machines (they didn't
say this was the case -- but they did say students cracked an encrypted
password (after having the original password, taped to the back of the
computer, changed). Being that it's a Mac, it was likely the passwords in the
/etc/shadow file. Which should not be readable by users, so it seems that
there may have been some vulnerability they took advantage of)
Actually, I may be shooting for an "all of the above" here. Did I miss
any?
|