LA School Gives iPads To Students; Students Hack Protection; School Freaks Out And Halts iPad Program
from the to-the-surprise-of-no-one-but-the-school-district dept
Technology: what could often be the best friend of educators is usually treated as their worst enemy. Even when school districts make potentially positive steps, they’re often undone by either the paranoia that giving kids access to the outside world will be permanently destructive or by failing to understand the consequences, especially the unintended ones, of putting technology in the hands of their students.
Case in point: the rollout (and now, possible rollback) of iPads to Los Angeles schools.
Following news that students at a Los Angeles high school had hacked district-issued iPads and were using them for personal use, district officials have halted home use of the Apple tablets until further notice.
It took exactly one week for nearly 300 students at Theodore Roosevelt High School to hack through security so they could surf the Web on their new school-issued iPads, raising new concerns about a plan to distribute the devices to all students in the district.
“Outside of the district’s network … a user is free to download content and applications and browse the Internet without restriction,” two senior administrators said in a memo to the Board of education and L.A. schools Supt. John Deasy. “As student safety is of paramount concern, breach of the … system must not occur.”
The only way the school district did not see this coming is through institutional blindness. Despite all evidence to the contrary, it expected students to use the devices only as intended, even when completely unsupervised. This is built on the assumption that instructions are rarely questioned and limits are rarely tested. The administrators aren’t stupid but they are prone to believing their authority has more influence on students than it actually does. (This isn’t completely unlike the blindness exhibited by parents who take very active steps to raise their kids to be drug and alcohol-free. and then are shocked when their kids experiment with the forbidden substances anyway.)
The second issue here is how easily the “protection” was hacked.
Roosevelt students matter-of-factly explained their technique Tuesday outside school. The trick, they said, was to delete their personal profile information. With the profile deleted, a student was free to surf.
Soon they were sending tweets, socializing on Facebook and streaming music through Pandora, they said.
This indicates that whoever approved this deal (and its attendant protection scheme) truly didn’t understand the technology… or greatly underestimated their opponent. Allowing the students to take the iPads home with them only sped up the process.
So, the question the district needs to ask itself is: does it want students to have a potentially useful tool that could further education, even off campus (and possibly “compromised”)? Or does it want to treat the iPads like shiny books and lock them down further?
If the district wants the students to use the iPads to their full potential, then it has to accept the fact that they won’t always be used the way it wants them to. Otherwise, it can lock them down with better security and keep them in the classroom, thus reducing their utility to that of any paper textbook — only less so, considering students can take textbooks home. There’s not a whole lot of middle ground. Expanding the iPads usefulness means reliquishing some control.
Schools tend to view “unapproved” use as something unequivocally bad, but the fact is, given the right incentives, students can think critically and solve problems, even the sort of “problems” (locking down devices) school districts tend to view as “essential” to ensure students’ safety. This whole situation is full of “teachable moments,” but sadly, it appears as though the district is just going to shut this down until it can figure out how to outsmart its students.
L.A. Unified School District Police Chief Steven Zipperman suggested, in a confidential memo to senior staff obtained by The Times, that the district might want to delay distribution of the devices.
“I’m guessing this is just a sample of what will likely occur on other campuses once this hits Twitter, YouTube or other social media sites explaining to our students how to breach or compromise the security of these devices,” Zipperman wrote. “I want to prevent a ‘runaway train’ scenario when we may have the ability to put a hold on the roll-out.”
Yes, a nightmarish world of kids listening to music and interacting on social media will be inevitable unless the district shuts this program down.
Maybe, rather than using this breach as an excuse to step back into the past, the district could move forward. For instance, why not turn hacking into a postive experience, rather than a punishable offence? Install a new protection scheme and invite students to hack it. Have them detail the steps they took to deduce the weak spots, the research they performed to find possible solutions, and finally, map out the hacking process(es) itself. Then repeat. The district will learn something as well — the untapped ingenuity of its students and the best ways to approach future protection schemes. And the students will be rewarded for exercising little used skills like logic, creativity and persistance.
It’s all a matter of perspective. Reading Scott McLeod’s “26 Internet Safety Talking Points” would go a long way towards turning this situation into a net positive for the district. Especially the last one.
Educating is always, always more powerful than blocking.
There’s a win to be had here, but only if the district wants it. And judging from the two statements it’s made, it would rather opt for more control.
Comments on “LA School Gives iPads To Students; Students Hack Protection; School Freaks Out And Halts iPad Program”
When I was in school, I placed SNES/Sega Genesis emulators and a fuckton of roms on all the computers in the lab. I was never reprimanded for it. I suppose the fact that the emulators didn’t need to be installed may have helped.
Anyone else get up to some shenanigans?
Re: Re:
I didn’t do it myself, but I know for a fact that someone had put a emulator/rom for Starcraft on at least half the computers in my high school library.
I also know that in the computer science room, most of the computers that we weren’t busy disassembling/experimenting with had Starcraft as well as Raiden II and Raiden III on them as well.
Re: Re: Re:
We did the same kind of stuff. We also locked our computer teacher out of her administrative account (she used a weak password) and used it as we pleased. She didn’t want to admit to the school that she was locked out and we wanted access to play games. It was a win-win until she had a nervous breakdown in class. Best school day ever.
We didn’t cause it, but we certainly didn’t do anything to make her life any easier.
Re: Re: Re: Re:
Ignoramus in my homeroom one year had networked a “student computer” (not much on it) and one on her own desk to a common printer, using then-current Appletalk technology (cue eyerolls). Actually reading some of the documentation for these systems revealed the interesting fact that this created a LAN in which it was possible to mount the teacher’s hard disk drive on the student computer and view (and even modify) the contents. I found note files she was keeping on all the students and read mine. It said something about aptitudes for science and engineering. 😉
The lack of individual user accounts on the machines (and LAN) had a downside: students with less of an aptitude for science and engineering and more of an aptitude for vandalism and mayhem had the capability to alter and delete my files. What they lacked was the capability to find them, once I discovered how to hack the resource fork of a circa-1993 Macintosh computer file.
They could try, but the attempt would lead them into a bewildering maze of deceptively-named files, false walls (courtesy of folders given an all-whitespace filename and a 32×32 transparent .gif icon), and booby traps (one was a file named “AC’s Stuff” with a folder icon — actually a copy of one of the system binaries, resource-fork-hacked to give it too small a heap size. The whole machine would lock hard if it was double-clicked, as this particular binary did not properly check for and handle “out of memory” exceptions being raised, and protected mode was uncommon in desktop PCs as of yet).
Do note that all of this was before they installed a C compiler on the computer, making real hacking possible…
Re: Re:
unfortunately, when I was still in school they had early windows (3.1 or somewhere around that version).
I still had a tandy 1000 (RL I think) and thought “I need to move up with the times”. I still have that old beast too along with deskmate and hero’s quest back before sierra got sued and had to change the name to quest for glory.
Re: Re:
Anyone else get up to some shenanigans?
Not too much. In high school we had Apple IIe’s and about the worst we could do was have it print swear words repeatedly on the screen.
I probably could have though since I ended up teaching most of the class since I knew BASIC better than the math teacher teaching the class since I had a IBM 8088 (yes an 8088, the predecessor to the 8086) at home to play with.
Re: Re: Re:
Ah, the old Apple days. What we did was take the floppy disks, use a piece of tape to remove the “write protection”, and add our own code to whatever program was on it.
Re: Re: Re: Re:
I do remember cutting out a sqaure on the other side and turning the floppy over to put my own stuff on it.. LOL Single sided 180KB floppy’s for the win!
Re: Re: Re:
What about having it print swear words completely unexpectedly during normal interaction? Enter the 8-bit microcomputer and someone who knows how it actually works under the hood. A bit of poking the ROM into the underlying shadow RAM, a bit of turning said ROM off, and a bit of hacking, and the next time someone muffs a BASIC command they get
?SHITAX ERROR
READY
(or much, much worse).
And nothing unusual seems to be resident in memory…
With a little assembly language much more became possible, like having the load from disk command, when invoked, show a perpetual spinning-baton and never seem to finish …
All easily fixed with a reboot of course. 🙂
Re: Re: Re:
I typed in Star Trek (BASIC) from a book and gave copies to all my friends. I also used to play games in class.
Re: Re:
10 Print “The Principal is an idiot”
20 Goto 10
Muwahahahaha.. and I left School in the early 80’s so BASIC (or 6800 Assembler) was all there really was 😉
Re: Re:
There were some games the teacher would let us play on a few select days during the year on the computers. I pirated them all to my home and distributed to my friends too. I also set up an IRC fserv on 2 or 3 computers with stuff from the fansub I used to work to. I did take some steps to conceal them but they only lasted about 6 months =/
The reason the “protection” was easy to circumvent is they didn’t use any. It’s amazing how little you have to do to “hack” something now.
Re: Re:
You’re mostly correct. The “protection” they used was an ActiveSync policy. Basically, it’s some settings that you configure on an Exchange email server that say “hey, if you wanna connect to this email server then you gotta have these settings enabled on yer device”. The students decided that they didn’t give a crap about connecting to the school’s email system (shocking, right?) so they deleted that email profile. No more email profile = no more “security” settings. Was it “hacking”? Hell no.
Re: Re:
uh… The word hacking literally means unauthorized access to a device or network. It doesn’t always has to mean the type of hacking you see in movies.
Re: Re: Re:
You mean “cracking?” Or are you with the news media?
Re: Re: Re:
“The word hacking literally means unauthorized access to a device or network”
The problem with this sentence is that not only is the underlying sentiment not correct, but it contains at least 2 words that have had their meanings fundamentally corrupted by constant misuse. It’s hard to have a semantic argument when the correct meaning of the words contained within it change depending on who you’re addressing.
Re: Re: Re:
Er, no, actually. Hacking is making changes to code, whether those changes are unauthorised or not. Getting into a locked system without any of the necessary passwords is cracking, and also may be authorised. That’s what white hat hackers are hired for; to break into systems and fuck around with them, then tell each person who hired them what they did and how so the security of those systems can be improved.
My high school computer science teacher was drafted from the typing and home ec classes. She was fascinated by what we were able to show her how to do on the computers, not so much when the school got a bill for long distance calls to connect to a bbs 😉
They did lock down the phone lines after that, but I don’t remember anyone getting punished. Hard to when she had to give us her code to use the phone to dial out.
Re: Re:
Oh we used to dial Long Distance BBS’s (Overseas mostly) for free… whistles and looks innocent
I guess under some arbitrary zero tolerance policy they have all damaged school property and and should serve their suspensions in federal prison for beaching the computer misuse act.
So, the LAUSD decided to pit their intelligence against the collective desire of all the teenagers at a high school for Facebook, Twitter, Pandora, Angry Birds, and Minecraft?
Did you know that if you put a little hat on a snowball it can last a long time in hell?
(Shamelessly lifted from a Dilbert cartoon. Which this whole episode resembles.)
Two things
1. Students aren’t idiots
2. Students know how to search the internet
Any kind of protection that the school district could possibly put onto the computers is easily bypassed, and clear instructions for how to do it are a quick search away.
Re: Two things
Back when I was in high school I learned through a friend of mine that all the middle school students in his younger brother’s year (7th graders at the time), were getting laptops (Dell, for anyone who’s curious) for the duration of school year so the teachers could communicate better with the students[or something like that].
My friend’s younger brother had cracked the district firewall within a week of getting that laptop.
True story.
(though it should be noted that the district had improved its firewall by the following year.)
This comes down to the same problem that the entertainment cartels have. You are free to find ways around road blocks and artificial blocks. You can’t take a plot of land and say there is an imaginary fence around it.
Re: Re:
…well you can say it, but that doesn’t make it true or mean that other people should pretend that it is.
Re: @ "You can't take a plot of land" -- how did you define it AS a plot, then?
You egregiously insert one of the lamest analogies ever, off-topic, and self-contradictory too. Manifestly around a “plot” of land, there IS an imaginary fence: property rights. If you are found on someone else’s land without authorization, those responsible for enforcing the distinction between yours and theirs will remove YOU.
Re: Re: @ "You can't take a plot of land" -- how did you define it AS a plot, then?
Go salivate over some “second amendment remedy” websites… and your own twisted dreams!
I’m guessing this isn’t so much about students surfing the net and listening to music but rather the too high risk of getting sued because students does something unlawful on devices handed out by the school.
I can sympathize with that fear, it’s in the US after all where lawsuits are a tad too common. I wish it was otherwise.
Why are they always worried about safety?
The issue of safety doesn’t really enter into it. What they could do instead is emphasize that the iPads must be preserved in their original state like you already strive to do with your textbooks, simply because the iPads are school property, not personal property, and kind, decent human beings respect other peoples’ property like that.
It would also be neat if there was an unspoken rule that if you’re skilled enough to hack the iPad and put whatever you want on it, you must also be skilled enough to restore that iPad to its default programs and settings by the time class ends or summer vacation begins. No harm, no foul, so don’t get caught!
Here's an unreconcilable juxtaposition:
Educating is always, always more powerful than blocking.
(This isn’t completely unlike the blindness exhibited by parents who take very active steps to raise their kids to be drug and alcohol-free. and then are shocked when their kids experiment with the forbidden substances anyway.)
The minion’s assertions only serve the moment: if education by parents doesn’t work, then the blockquote statement can’t be true.
Better would be take away the toys and lock them in an empty room to show how they’ll spend time in prison. Sheesh.
The minion just has NO idea of what schools are for: should be for teaching kids how to make their own stuff, not tear at the inevitable flaws in all products. “Hacking” is not creative. It’s not too much of a stretch to say that say “hacking”, tearing at the flaws of minion’s product, is what I’m doing right now — and see how little appreciated it is?
Re: Here's an unreconcilable juxtaposition:
Not even going to bother refuting you. I’m done with OOTB. Enjoy my Report vote.
Re: Re: Here's an unreconcilable juxtaposition:
@ “Rikuo”
Not even going to bother refuting you. — That’s all I’ve ever asked! Just SAY what you want on topic, and that’s your refutation, NOT your childish ad hom.
I’m done with OOTB. — IS THAT A FIRM PROMISE?
Enjoy my Report vote. — I do! Means you can’t refute me, only attempt to suppress. You censor as much as you can.
Here’s one of Rikuo’s previous statements at me:
http://www.techdirt.com/articles/20130415/17080722714/eff-isohunt-bad-facts-make-bad-law.shtml#c165
A thinly veiled threat of physical violence. — And there’s never any action by Mike even after my repeated complaints.
Re: Re: Re: Here's an unreconcilable juxtaposition:
What? You’re expecting me to waste my time defending what I’ve said in the past? Long story short, my comment got reported, like the vast majority of yours, I discussed it with the other TD regulars and learned that what I had said was wrong.
As for a firm promise, that’s rich coming from the guy who’s promised on numerous occasions to leave the site.
As for you “asking” to be refuted – no, you don’t. You never do. You come here, skim the articles, spew forth your verbal diarrhea and when your arguments are debunked, you vanish into the ether, until the next article. Never has there been a “Oh, looks like I was wrong, thanks for correcting me” from you. What I am saying is that I’ve been debunking what you say for years now, and I’ve finally gotten tired of it. AJ rarely turns up and for all I know bob is dead. You’re pretty much the last troll left.
I’m no longer going to take the time to reply to you. I’m just going to report you. You have done everything possible to sully your own reputation, such that I don’t want to entertain you any longer. I enjoy reading discussions, seeing new ideas – I don’t enjoy seeing topics derailed by your diarrhea, even though I’m mostly guilty of that myself.
Re: Re: Re:2 Here's an unreconcilable juxtaposition:
@ Rikuo:
“You’re expecting me to waste my time defending what I’ve said in the past?”
“I discussed it [the thinly veiled threat of physical violence] with the other TD regulars and learned that what I had said was wrong.”
The first is a real gem, especially when you accuse me of past items for me to defend! Man, are you UN-self-aware. — But no, I don’t expect consistency here from Mike or fanboys, only facile evasions and convenient use for the moment.
Oh, you “learned” it only after. Then you go on to some more lies and ad hom. Typical.
HEY, I’M THE AGGRIEVED PARTY, SONNY. If you admit what you did was wrong, then I’M DUE AN APOLOGY. Let’s have it.
As for the rest, MY COMMENTS ARE MY COMMENTS. IF you value “free speech” JUST IGNORE THEM! — I LIKE TO PROVE HOW THE TECHDIRT FANBOYS DO NOT ACTUALLY VALUE FREE SPEECH! You’re just the usual clique of ankle-biters.
I’m not required, and not going to, conform to your notions or anyone else’s. You are trying to enforce conformity of opinion here, STILL doing so with your promise to “report”, censoring me as much as you can.
[ Only in unlikely event you do will you find out what the asterisk means.]
Re: Re: Re:3 Here's an unreconcilable juxtaposition:
.
Re: Here's an unreconcilable juxtaposition:
Hacking: Word #476 that OotB does not understand.
Smart Students
Students are much smarter than what they think, I think they should appreciate this 😛
I thought CA was broke? Where did they get the money to be able to give all public high school students iPads in the first place?
I think they forgot to change the admin password from “password”.
>What they could do instead is emphasize that the iPads must be preserved in their original state like you already strive to do with your textbooks,
That’s like no writing on chalk boards to “preserve their original state”
It is a digital device it can be wiped and re-flashed to its original state.
Safety?
In what way is unencumbered net access a “student safety” issue? The last time I checked, there isn’t any way to craft a malicious app or a malicious Web page that will make an iPad bite off the user’s hand, or deliver a dangerous electric shock, or anything.
And if there were, it would represent an Apple product-liability issue that should prompt the recall and free repair of all iPads, not a school issue.
The one legitimate concern I can see the school having here is if the students could, through app purchases or similar transactions on the pads, rack up charges the school would end up paying. Perhaps Apple needs to provide a way to separately password just accessing and using a pad/phone and making purchases (and, in the iPhone’s case, long distance calls). Then the school could retain the password for the latter, meaning they’d still control what got installed that cost them actual money.
(As for the “students will goof off in class” concern, students can goof off with paper airplanes, books, and even just daydreaming, and then no amount of techno-security will do a thing about it — the teacher imposing lost marks, detentions, and other penalties for goofing off in class, whether online or off, is the solution to that, not some sort of networking restrictions.)
Re: Safety?
“In what way is unencumbered net access a “student safety” issue?”
Porn, cyber-bullying, and all the other bullshit “safety” concerns.
“Perhaps Apple needs to provide a way to separately password just accessing and using a pad/phone and making purchases”
Already does. The password to get into the tablet (if there is one) is unrelated to the password to purchase things in the store. I can see no reason why the student would need the cloud password if these tablets are suppose to be locked down anyways.
The year after I left high school, a guy who was still in school told me that they had put a Commodore Vic-20 in the library. No disk or tape drive, just the computer and monitor. Nobody ever touched it. Commodore machines had a built-in graphics font that could be used to make simple pictures. By printing them to the screen, then printing different characters over the same location, you could make simple animations.
Since I had a C64, I used to make up different little cartoons that my friend could type in on the Vic-20. He knew nothing about computers, so I had to write/print the listings for him. Most of them were just simple 2-frame animations, although a couple included an ending. He’d leave them running in a continuous loop. Of course all they had to do was cycle the power to get rid of them.
He said the computer was removed shortly after typing in the one with a guy, a girl and a horse… 😉
OH MY GOD! WHAT IF KIDS SEE THAT SCARY WORLD OUT THERE?
Newsflash: even if you don’t let them they will access everything be it through your device or their own. In an open Wi-Fi if needed.
Really, just educate them on the dangers of revealing their identities (ie: encourage them to remain anonymous) and on the dangers of surfing whatever wherever (damage to their devices, data leak with their details and stuff). Also teach them how to encrypt and lock their self-naked-pics into safety. There, that’s what the school should be doing to protect them.
im mad
i think this is sopme bull corn, you people are over exaggerating
Re: im mad
wow, you’ll never learn will shark bait?