Student Hackers on School Laptops

According to the Sydney Morning Herald ‘thousands of school students on Facebook and other websites are exchanging tips on how to hack into free government-issued laptops’.

More than 66,000 laptops have been handed out as part of Australia’s ‘digital education revolution’.  The laptops employ filtering, theft protection and system identification to help protect both the laptops and the users themselves from harm.

In my previous role I worked with schools educating teachers about security and appropriate use of the technologies they were given.  I did some consultation work with Australian education authorities who were looking at implementing a computer security curriculum for high school students. It was all pretty sound until I realised there was no mention anywhere of the actual consequences of misusing technology i.e. malicious hacking, spying, or otherwise circumventing security.

It’s no surprise then that this story has appeared. As a teenager with a C64 I too might have been involved in making dodgy ‘back-ups’, cyberbullying with the green screen TRS80s in the local LAN, and had the internet been around I might have even taken a peek through the fence at the seedier side of the net.  As the spokesman for the NSW Department of Education put it, most breaches were ”a result of the curiosity of tech-savvy 15-year-olds testing their skills against the security features of the laptop or downloading copyright material”.

Having a lesson on ‘the consequences’ of bad online behaviour would never be enough to deter some of these students from poking around where they shouldn’t. But learning that there are consequences, and that there are security mechanisms such as forensic audits which can catch you out might be enough to make some think again.

A while ago I spoke with a few people in the security industry about putting together a programme where security experts went into schools and demonstrated forensics, password cracking, and so on to try and excite those tech-savvy 15 year olds into thinking about using their talents for good.  The sessions would close with the warning that if they were ever convicted of hacking crimes they could probably kiss a career in the security industry goodbye.

Maybe it’s time to put something in to place.

2Degrees Pays Scant Regard to Privacy

New entrant to the New Zealand Mobile phone market 2Degrees has exposed customers personal information with some sloppy web site coding.

Customers at the site were shown the personal details of previous customers part way through the purchasing process.

In a pathetic effort to excuse this disdain for customers privacy 2Degrees blamed high traffic for the error.  This was not a traffic problem, it was a policy problem.

Then the lies continue:

“Above all else 2degrees values the privacy of our customers.”

This statement is clearly rubbish. If it were true then the proper checks would have been in place to protect customers privacy.

If you need any more proof that 2Degrees does NOT have the best interests of the public at heart, then read this story which outlines the fight a Manukau City community is having with the company.  2Dgrees wants to erect cell towers next to early childhood centres, schools, and outside peoples homes despite the jury being out on the possible damage this could cause to young children.

Of course you can always show your support to the company by signing up for their facebook app which will potentially share your personal details with millions of others…

Shame on you 2Degrees, ‘values the privacy of our customers’ indeed.