Teen Changes Wallpaper On Teacher's Computer; Gets Charged With A Felony By Sheriff's Office

from the CFAA:-Teen-Edition dept

Change a teacher's desktop wallpaper? That's a felony.
The Pasco County Sheriff's Office has charged Domanik Green, an eighth-grader at Paul R. Smith Middle School, with an offense against a computer system and unauthorized access, a felony. Sheriff Chris Nocco said Thursday that Green logged onto the school's network on March 31 using an administrative-level password without permission. He then changed the background image on a teacher's computer to one showing two men kissing.
Seemingly everyone at every level of government wants to talk about cybersecurity. Most of what's discussed is delivered in the breathless cadence of a lifetime paranoiac. (Won't someone think of the poor multimillion-dollar studios?!!?) This school is one level of government. So is the sheriff's office. Both felt the 14-year-old's actions were severe enough to warrant felony charges. Why? Because somebody hacked something. If you can even call it "hacking…"
Green had previously received a three-day suspension for accessing the system inappropriately. Other students also got in trouble at the time, he said. It was a well-known trick, Green said, because the password was easy to remember: a teacher's last name. He said he discovered it by watching the teacher type it in.
The teen changed a computer's wallpaper and was able to do so because the most basic of security precautions weren't taken. Multiple students took advantage of this lax security to access computers with webcams so they could chat "face-to-face" while utilizing the school's network.

The school got all bent out of shape because some of the computers accessed contained encrypted test questions. It turned the student over to law enforcement because it deemed his "breach" of its system too "serious" to be handled by just a 10-day suspension. It had him arrested because of things he could have done, rather than the thing he actually did.
One of the computers Green, 14, accessed also had encrypted 2014 FCAT questions stored on it, though the sheriff and Pasco County School District officials said Green did not view or tamper with those files.
And yet, Sheriff Chris Nocco is still looking to prosecute a 14-year-old for attempting to annoy one of his teachers. Here's the student's description of what he did.
"So I logged out of that computer [because that computer didn't have a webcam] and logged into a different one and I logged into a teacher's computer who I didn't like and tried putting inappropriate pictures onto his computer to annoy him," Green said.
Here's Sheriff Nocco's statement:
"Even though some might say this is just a teenage prank, who knows what this teenager might have done," Nocco said.
Well... you do know what "he might have done," Sheriff Nocco. And yet, your response to this situation is to hand out felony charges to a teen for something he might have done? Is that the way law enforcement is really supposed to work? [The FBI has issued the following statement: "That's the way it works for us. Almost exclusively."]

He told you exactly what he did and why he did it. Your own investigative efforts confirmed he never accessed the oh-so-untouchable FCAT questions. Incredibly, Sheriff Nocco wants to not only punish this student for something he might have done, but any other teens who might do stuff.
The sheriff said Green's case should be a warning to other students: "If information comes back to us and we get evidence (that other kids have done it), they're going to face the same consequences," Nocco said.
Sheriff Nocco: I will arrest and charge teens with felonies for annoying educators and/or exposing their inability to make even the most minimal effort to keep their computers secure. If I lived in this county, I'd be very concerned that law enforcement officials are keen on the idea of arresting and prosecuting teens for stuff they didn't do (access test questions) or things they might have done (TBD as needed for maximum damage to teens' futures).

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 13 Apr 2015 @ 4:21am

    While we're at it...

    If hypothetical actions are now to be treated as though they actually happened, I suggest that along with the felony, the teenager be awarded a Nobel Peace prize for securing peace in the middle east, an Ig Noble Award for finding the most petty way to garner a felony charge(wait, that one's not hypothetical), a Medal of Valor for his daring rescue of an entire aircraft carrier from communist terrorists, and a Purple Heart for injury sustained in combat rescuing said aircraft carrier.

    After all, he might have done all that too.

    reply to this | link to this | view in chronology ]

    • identicon
      David, 13 Apr 2015 @ 6:34am

      Re: While we're at it...

      If hypothetical actions are now to be treated as though they actually happened, I suggest that along with the felony, the teenager be awarded a Nobel Peace prize

      A Nobel Peace prize for hypothetical actions? That's getting old.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:00am

    why not just give the internet over to the various law enforcement depts and the entertainment industries? they both live in a totally different world to the rest of us. a world of make believe may well be nice for a while, but it cant go on forever!!

    reply to this | link to this | view in chronology ]

  • icon
    TheResidentSkeptic (profile), 13 Apr 2015 @ 6:06am

    Hey Sheriff

    Can you guess what *I* am thinking...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:11am

    What is really sad is that a bunch of students got in trouble for accessing the system and based on the article it sounds as though the admin never changed the password. Shame on the school! Seriously, what did they expect.

    This is what kids do. Even 20 years ago when I was in school the first thing everyone did when sitting in front of locked computer was try and bypass the controls. It was a badge of honor for the person who broke them. Shoulder surfing for passwords was even then standard practice

    reply to this | link to this | view in chronology ]

    • icon
      Rabbit80 (profile), 13 Apr 2015 @ 6:44am

      Re:

      Brings back memories of when I went to college.. I had many ways around the security - using a RM Networks default account for login, using a modified version of regedit to gain additional privileges then installing whatever we wanted. We gamed the system mainly so we could set up Quake LAN parties - our 10Mb account limit was too small for keeping the game files in so we needed access to the C: drive :)

      Other tricks I used was a DDOS that caused a BSOD on any machines in a list - we used that as soon as a teacher walked in the room to crash all the gaming machines.

      I got into trouble a couple of times - but never serious.

      reply to this | link to this | view in chronology ]

      • identicon
        Call me Al, 13 Apr 2015 @ 6:51am

        Re: Re:

        I remember when I left my primary school a friend of mine changed the system admin password. We'd known it all year and abused it gently to get access to a few bits and pieces we shouldn't have. Our contempt for the head of IT made that leaving present inevitable.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:12am

    High School

    When I was in high school I had access to the attached university's network because I was taking AP Pascal and that's where we did our work. There was no web at the time, but I had a modem at home and was active on local BBSes. While messing around on the network my friend and I found a modem and used it to call some BBSes across the country. Apparently we set off some security warning because suddenly my account didn't work. So I logged in using an unused account (they created a bunch of accounts for the class and they all had default passwords at first). Then that got cut. Then a teacher burst into the lab demanding that we stop doing whatever we were doing.

    Luckily our Dean was not an idiot, and after we explained, we didn't get into any trouble. These days I wonder if I would be charged with a felony.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:12am

    Sheriff Nocco wants to not only punish this student for something he might have done, but any other teens who might do stuff.

    So how about jailing all police officers for life, as they might abuse their power to commit murder?

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 13 Apr 2015 @ 6:12am

    And the felony is from making someone with power look stupid... and the Sheriff has decided to make himself look even stupider.

    "Even though some might say this is just a teenage prank, who knows what this teenager might have done," Nocco said.

    Which sounds like the justification for each person who gets shot by cops. We dunno what they would have done so we went with the most extreme response. Cop logic.

    The teenager would have done something stupid but pretty much harmless. But for making the powers that be look bad he must be punished to the insane limits of the legal system (and then some) to remind the little people to never ever color outside the lines or question their betters.

    Zero tolerance, zero thought, zero intelligence...
    Perhaps something this stupid should be used to examine how those "unforeseen consequences" from shitty laws play out and how to fix them before ruining a teenagers life.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:13am

    In my job, if someone busted into my computer and accessed sensitive info because I used a password an idiot puts on their luggage, the perpretrator would be in trouble, but so would I.

    reply to this | link to this | view in chronology ]

  • identicon
    RR, 13 Apr 2015 @ 6:13am

    Even less

    I believe just logging in with a password is sufficient for him to be found guilty. He doesn't have to do anything malicious, there's no requirement for (unaccessed) sensitive information to be on the computer.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 7:16am

      Re: Even less

      You are right, him logging in was the crime. Anything he might've done shouldn't enter into it.

      reply to this | link to this | view in chronology ]

      • icon
        Chronno S. Trigger (profile), 13 Apr 2015 @ 7:34am

        Re: Re: Even less

        Oh, anything he might have done does enter into it. They aren't saying what he could have done to get a harsher punishment, they're doing as an emotional plea.

        If they just said what he did and nothing else, there would be public backlash. Why should a student face felony charges for a stupid prank? Throwing words like "hacking" and saying what he could have done adds an emotional layer that blinds people.

        reply to this | link to this | view in chronology ]

  • identicon
    David, 13 Apr 2015 @ 6:14am

    He was lucky

    It had him arrested because of things he could have done, rather than the thing he actually did.

    Well, they only got him arrested because he could have accessed tests. Since the whole previous incident involved webcams, he should be glad he did not get booked for child pornography charges.

    After all, he had access to a webcam and a child, and it likely can be proven that he had undressed the child (namely himself) on previous occasions.

    These days, it is probably easiest to arrest people for being in the U.S.A., and if one takes a look at incarceration rates, it seems not too far from what is actually happening.

    Maybe just put a fence around the entire country, not just the Mexican border, and put everybody on probation.

    reply to this | link to this | view in chronology ]

  • identicon
    avideogameplayer, 13 Apr 2015 @ 6:15am

    Changing wallpapers?
    That's a paddling...

    https://youtu.be/pv_2a9Gira0

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 6:18am

    I wonder how justification will be made when the taxpayers ask how much money will be spent on a questionable offence that has no victim, no one was hurt and nothing was broken, stolen or damaged. The kid should gave left a penny on the desk and claimed it was freedom of speech.

    reply to this | link to this | view in chronology ]

    • icon
      sigalrm (profile), 13 Apr 2015 @ 9:48am

      Re:

      "no one was hurt and nothing was broken, stolen or damaged"
      Not entirely true - tremendous damage has been done to the reputation of the School District and the local police department.

      reply to this | link to this | view in chronology ]

  • icon
    Spaceman Spiff (profile), 13 Apr 2015 @ 6:38am

    While you are at it

    Why not charge the teacher with felony stupidity? Kids will be kids and do this stuff. The teachers are supposed to be smarter than that! Bad sheriff! Bad sheriff! Your kid is next...

    reply to this | link to this | view in chronology ]

  • identicon
    carrie berlin, 13 Apr 2015 @ 6:51am

    teen gets charged with felony

    I think the Sheriff did the right thing based on the terrible attitude of the teen. At 14 you should know right from wrong and obvisouly this kid does not.

    reply to this | link to this | view in chronology ]

    • identicon
      Rich, 13 Apr 2015 @ 7:08am

      Re: teen gets charged with felony

      So, he should be a felon for the rest of his life for a harmless, teenage prank?

      reply to this | link to this | view in chronology ]

      • identicon
        avideogameplayer, 13 Apr 2015 @ 7:13am

        Re: Re: teen gets charged with felony

        Realistically, he probably ended up in juvenile hall for awhile...

        At 18, he can get it expunged...

        reply to this | link to this | view in chronology ]

      • icon
        PaulT (profile), 13 Apr 2015 @ 7:30am

        Re: Re: teen gets charged with felony

        That's the way it is with morons in these threads. If the kid's life can't be destroyed with a felony conviction, there's somehow no way for the school to discipline their students. Doubly so if the phrase "on the internet" or "on a computer" are involved. Brilliant.

        reply to this | link to this | view in chronology ]

    • identicon
      Just Another Anonymous Troll, 13 Apr 2015 @ 7:15am

      Re: teen gets charged with felony

      No one said not to punish him. He did tamper (if you can call screwing with the wallpaper tampering) with a school computer and should face some sort of consequence. Charging him with a FELONY is about as dumb as it gets. It doesn't matter how old he is, his attitude, (protip: having a bad attitude is not a felony), or whether or not he knows right from wrong, a practical joke is not worthy of felony charges, not even if it's on a computer. Teenagers do stupid stuff. Their lives should not be ruined just because of a minor lapse in judgement at 14. I pray to God that you are never on a jury.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 7:38am

      Re: teen gets charged with felony

      I'm pretty sure he knew this was wrong and just did it anyway. He deserves a suspension. Maybe he deserves to be banned from the computers for the rest of the year. But a felony? You think he should be in prison for the next year or so? You think that will produce the best outcome for society?

      Not every bad action needs to be a crime, and not every crime needs to be a felony.

      My guess is that the school was afraid of getting into huge trouble for letting a student access a computer with those standardized test questions on it (even though the student would have no reason to even want to look at those questions since their grades are unaffected by those tests - and in fact he did not even attempt to look at them even after he got access to the computer that had them) and decided to come down as hard as possible in the hopes that this would mollify the state.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Apr 2015 @ 7:54am

        Re: Re: teen gets charged with felony

        This is the authoritarians bureaucrats ways of increasing security, use sever punishment to discourage people, rather that them having to take security seriously. It is an approach that suits them, because they do not have to understand or deal with security directly.
        Like all authoritarian measures it is prone to failure, and this is dealt with by making the punishment more sever, and applicable to more minor infractions of the rules.

        reply to this | link to this | view in chronology ]

    • identicon
      JEDIDIAH, 13 Apr 2015 @ 12:14pm

      Re: teen gets charged with felony

      The kid clearly has some sense of proportionality that "The Law" clearly does not.

      It should require a little bit more than being a disrespectful kid in order to get the kind of criminal record that can strip you of basic rights and prevent you from holding many professional and even non-professional jobs.

      This nonsense is in the same territory as jaywalking or spitting on the sidewalk.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 12:15pm

      Re: teen gets charged with felony

      Ah, I see...make it a felony based on a teenager's attitude.

      Let me ask why you don't think the teacher should be punished for potentially exposing students' personal information because of a weak password?

      You know, since you're all hell bent on punishing the kid for what "could've happened..."

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 1:09pm

      Re: teen gets charged with felony

      Based on what, exactly, did you come to this conclusion?

      reply to this | link to this | view in chronology ]

    • icon
      JMT (profile), 13 Apr 2015 @ 4:57pm

      Re: teen gets charged with felony

      "I think the Sheriff did the right thing based on the terrible attitude of the teen."

      If you think this teen's actions rise to the level of "terrible" compared to the sort of things most teens do during a period of incomplete emotional growth, then you must be seriously lacking experience with actual teens.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:01am

    One Punishment Fits All.
    We're not a nation of thinkers.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 10:12am

      Re:

      Not all, only the oppressed. Notice the FBI, CIA and NSA who we know for a fact have done far worse to people who should be protected from such searches only gets a sternly worded talking too.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:06am

    While we're at it why not charge the teacher because he/she *might have* deliberately used a weak password and allowed it to be seen to entrap the student?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:06am

    While we're at it why not charge the teacher because he/she *might have* deliberately used a weak password and allowed it to be seen to entrap the student?

    reply to this | link to this | view in chronology ]

    • icon
      sigalrm (profile), 13 Apr 2015 @ 9:05am

      Re:

      If we're going to wield the "What part of illegal don't you understand" hammer, then here's a random thought:

      The school district needs to be investigated for probable FERPA violations by the DoE Family Policy Compliance Office. Because based on what's in the article, they clearly have problems controlling access to the computer systems containing student records.

      Oh, and the head of their IT department needs to be fired for gross negligence - for allowing the system to be configured to use such a weak password in the first place. Because in Active Directory, at least, you have to specifically enable use of such crappy passwords.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Apr 2015 @ 12:00pm

        Re: Re:

        Hah. As someone who works in the IT department. You clearly have no understanding of what some IT departments have to deal with to keep everyone online and running. First, there wouldn't be a FERPA violation as most student record system in my state are cloud base and not integrated into AD. Otherwise you can specify a more complicated password but what ends up happening is then you then have a far high amount of students coming in to reset their passwords. Administration then gets upset because students are losing learning time since they are having to change their passwords. You fight with them for a couple years till they finally see that you are right. You are not allowed to put a fine in place for repeat offenders. My only reprieve after increasing the complexity in our district was that I was allowed to give librarians the ability to reset passwords. Then you top it off with trying to keep 10 year old machines running.

        reply to this | link to this | view in chronology ]

        • identicon
          JEDIDIAH, 13 Apr 2015 @ 12:17pm

          Great, the "but it's too hard excuse".

          The fact that most people are mouth breathing, knuckle dragging, idiots doesn't absolve you from legal and professional responsibilities.

          Anyone that works in IT should be able to tell you that.

          This is especially funny since we are talking about SCHOOL where the "but it's too hard excuse" should get you laughed out the door.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:15am

    This is what happens in a larger town where no one really knows those around them. I live in a small town and if this happened here the game would then be on. That teacher would hack his computer or cell and post a picture that might embarrass him, for certain it would get a laugh out of everyone. Yes I really know my neighbors and most of their dogs and cats names as well. It is sad what this world has come to, arresting and charging children, making them felons over a common sense issue.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:16am

    Hey remember when you could hit Cancel on the login screen and it would log you in?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:19am

    In other news, Instructors who have chosen their own passwords (poorly) for administrative functions were not "sent a message" about how serious the consequences of their actions can be.

    We only care about the victims, not the dangerously ignorant behaviors of those tasked with overseeing children 180 days of the year.

    reply to this | link to this | view in chronology ]

  • icon
    PaulT (profile), 13 Apr 2015 @ 7:21am

    "Even though some might say this is just a teenage prank, who knows what this teenager might have done"

    I once snuck into a storage room at school without permission and unsupervised. While there, I could have looked at some test papers. I might also have poured petrol over the paperwork there and set the whole place on fire. So, even though I didn't do so much as steal a pencil or copy a test question, I should have been charged with arson and attempted murder, because that was possible.

    I what kind of mental deficiencies you must have for this to sound reasonable just because you put "on a computer" after the initial action.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 13 Apr 2015 @ 7:32am

    As long as they're handing out idiotic punishments for non-crimes

    ...where is the teacher's punishment for choosing (and sharing) a completely ineffective password?

    reply to this | link to this | view in chronology ]

    • icon
      sigalrm (profile), 13 Apr 2015 @ 9:16am

      Re: As long as they're handing out idiotic punishments for non-crimes

      Or the IT administrators for configuring the system to allow such a password to be used?

      reply to this | link to this | view in chronology ]

  • identicon
    lars626, 13 Apr 2015 @ 7:38am

    ... and when do we hear about the punishment for the teachers and administrators for the lax security features? They created the situation in the first place. If the 14 year old is to be charged then they should be charged with 'contributing to the delinquency of a minor' or what ever it is called these days.

    A better outcome would be for the sheriff to get the parents and kid in a room and give them the 'stern cop' treatment. He then collects the school staff and rips them up for being lazy, stupid, and wasting his time.

    reply to this | link to this | view in chronology ]

  • icon
    Berenerd (profile), 13 Apr 2015 @ 7:41am

    So, as this computer had sensitive materials on it, does the teacher get fired for not following security procedures put out by those who do the testing? How about the school administrator who allowed this to happen? If they are going to go over board with the student they should be doing the same for all who were involved on both sides. Seems fair to me.

    reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 13 Apr 2015 @ 7:52am

      Re:

      In fairness, this is consistent with modern corporate and government procedures. If someone finds a security flaw, the usual reaction is to get the researcher who found the flaw arrested and prosecuted rather than admit fault or fix the error. Doesn't matter how easy it was (people have been prosecuted for changing the URL in a link, for example), as long as those responsible can divert blame, it's all good.

      reply to this | link to this | view in chronology ]

    • icon
      sorrykb (profile), 13 Apr 2015 @ 11:28am

      Re:

      I'd guess the school sacrificed the student in order to appease the company that made the FCAT tests. I wouldn't be surprised if the company has some clause in its contract with the state demanding as much. Testing is big business.

      reply to this | link to this | view in chronology ]

  • icon
    Chronno S. Trigger (profile), 13 Apr 2015 @ 7:46am

    "'Even though some might say this is just a teenage prank, who knows what this teenager might have done,' Nocco said."

    I don't get it. Why is human motivation treated like Quantum Theory? The wave form has already collapsed, we know the outcome.

    The kid wasn't interrupted while logging in, he completed his prank. We know what he might have done because he already did it.

    What would you do if you had unfettered access to a school computer? Well, for this kid the answer was: put up a stupid wallpaper.

    reply to this | link to this | view in chronology ]

    • identicon
      eye sea ewe, 13 Apr 2015 @ 8:15am

      Re: You can't expect a lowly LEO to understand...

      anything regarding high technology, quantum mechanics or advanced mathematics.

      It is very likely that he has only mastered the rudimentaries of "reading, riting, and rithmatic".

      My sheep probably know more than he does about the complexities of computer technology. One can only hope that, if he has any children, they are somewhat more intelligent than he is.

      I suppose it's time to stop being sarcastic at this little man and let it go. But stupidities like this wear thin against my charitable side.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Apr 2015 @ 8:30am

        Re: Re: You can't expect a lowly LEO to understand...

        But stupidities like this wear thin against my charitable side.

        Which stupidity, a kid being a kid, and which a teacher should know how to deal with, or authority figures turning a harmless prank into a felony.

        reply to this | link to this | view in chronology ]

        • identicon
          eye sea ewe, 13 Apr 2015 @ 8:45am

          Re: Re: Re: You can't expect a lowly LEO to understand...

          Which stupidity, a kid being a kid, and which a teacher should know how to deal with, or authority figures turning a harmless prank into a felony.
          I thought it was obvious that I was talking about the "supposed" adults (you know the copper and the school admin).

          The kid has been a kid that could use some good self-discipline, but he isn't going to learn that from the examples of the various "authorities" he is now dealing with. They are acting more like little tantrum throwing children and are not providing any sort of decent adult example.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:53am

    haha
    Welcome to the Glorious Peoples Republic of Freedom!

    reply to this | link to this | view in chronology ]

  • icon
    DeadBolt (profile), 13 Apr 2015 @ 7:58am

    Welcome to the United States Of Incarceration

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 7:58am

    Is common-law no longer a thing?

    How is this allowable under corpus delicti? You have to prove a crime occurred before prosecuting for said crime. Otherwise you are assuming mens rea ("guilty mind") is the actual actus reus ("guilty act"), and this all goes from a justice system (hardly at all anyway) to Minority Report.

    reply to this | link to this | view in chronology ]

    • icon
      James Burkhardt (profile), 13 Apr 2015 @ 8:33am

      Re: Is common-law no longer a thing?

      UNfourtunately, all the talk about what he MIGHT have done is just adding emotional justification for the charge. Learning and using the password is the actual crime.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 8:00am

    Working in a school, we had a student who brute forced a computer and started installing a bunch of games. That was actually hacking and not just figuring out someones password. As punishment, we had him do some work for the tech department. We got 4 hours of his time and he never did it again at the school.

    reply to this | link to this | view in chronology ]

    • icon
      Vincent Clement (profile), 13 Apr 2015 @ 8:09am

      Re:

      What? Your school didn't blindly suspend him for a couple of days and expect him to change his behaviour?

      reply to this | link to this | view in chronology ]

    • identicon
      DCL, 13 Apr 2015 @ 12:37pm

      Re:

      I disagree with your definition of "hacking". Hacking a system is just to get unauthorized access to a computer and the majority of the time that is not done via code but by "social engineering".

      Over the shoulder attacks are really just an old form of social engineering since you have to make the user feel comfortable to enter the password yet still be able to watch. Even easier is the "password under the keyboard/in the drawer".

      Even "brute force" methods start with the common passwords (see the yearly list of common passwords)if you know the person then you start with birthdays, kids names, favorite sports teams etc.

      reply to this | link to this | view in chronology ]

      • icon
        John Fenderson (profile), 13 Apr 2015 @ 12:45pm

        Re: Re:

        "Hacking a system is just to get unauthorized access to a computer and the majority of the time that is not done via code but by "social engineering". "


        But the AC said that the password was brute-forced, not obtained through social engineering. It sounds like hacking to me.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Apr 2015 @ 1:15pm

          Re: Re: Re:

          Agreed, brute-force is more hacking than "password cracking" which is what the 14yr old in the instant case here did.

          reply to this | link to this | view in chronology ]

    • icon
      JP Jones (profile), 14 Apr 2015 @ 2:56pm

      Re:

      I did the same thing when I was 14. I "hacked" our school's advanced security system. Basically, the system prevented you from right clicking on the desktop or accessing the "run" command (Windows 95) to lock students into approved programs. So I opened Word, opened a "Open" dialog, and right clicked the C:\ drive and chose "Explore." A couple seconds later I found File Manager, which conveniently had a run command...yeah, you get the idea.

      Four player deathmatch Grand Theft Auto (yes, the original top-down game) is all I remember from my typing class. I ended up getting the "Excellence in Computer Science" award all four years in high school, even after finally being caught (well, someone else got caught and told on me). I ended up helping them out with the computers after hours, no big deal.

      Seriously, though, I've committed half the crimes students are getting criminal charges for in high school. I've hacked computers, wrote threatening messages, drew pictures of guns and knives, got in fights, and even proved teachers wrong. It sickens me that normal behavior has become such a huge deal.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 8:00am

    Blame the school administrators

    Its well known that passwords alone are no longer an effective security measure. One would like to think that an educational institution would know this.

    The lack of two-factor authentication is what allowed this prank to take place.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Apr 2015 @ 8:15am

      Re: Blame the school administrators

      As an IT administrator at a school, I can tell you that the teacher union would come down on you if you tried to make dual authentication a standard. Passwords are effective in a school environment. They don't need to have high level of security. Teachers already have a problem remembering passwords. Any additional complication, that could be viewed as unneeded, such as dual authentication, would cause the teachers to get angry and go to their union rep. Passwords are only effective if it is a proper password. The password in this instance was the teachers last name. I have stronger requirements in place but I still find teachers making passwords that are easy to guess.

      reply to this | link to this | view in chronology ]

      • icon
        sigalrm (profile), 13 Apr 2015 @ 9:27am

        Re: Re: Blame the school administrators

        Forget 2-factor:

        In AD Group Policy Management:
        Computer configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies/Password Policy -> Password must meet complexity requirements.

        Turn the knob from Disabled back to Enabled (which is the default, anyway) and hit apply. And now Windows won't accept a password as simple as a person's last name.

        Where should I send the consulting bill?

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Apr 2015 @ 9:59am

          Re: Re: Re: Blame the school administrators

          "Student logs into teacher's computer! Password written on a post it note under the keyboard! When asked for comment, the teacher said 'I kept forgetting my password, so finally I just wrote it down and put it where I could get it when I needed it. I didn't think any students would start messing around at my desk.'"

          reply to this | link to this | view in chronology ]

          • icon
            sigalrm (profile), 13 Apr 2015 @ 10:26am

            Re: Re: Re: Re: Blame the school administrators

            Then that's on the teacher, and punishable as per their employment agreement. You know, the one where they agree to follow district policy, and then make a conscious decision not to?

            It would - at the very least - partially insulate the school district from liability in this case. Which doesn't seem like a lot until your lazy teacher brings the federal government down on the school and the district.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 13 Apr 2015 @ 11:42am

              Re: Re: Re: Re: Re: Blame the school administrators

              Trying getting that past the teacher's union. You can't just fire them like in a business. It is difficult to even get minor changes in the contract and once it is set, you have to wait 3 years before you can implement even more minor changes. Anytime you try to make any changes, it is instantly associated with better pay. If you can't afford to increase their pay then you can't really make a change unless you give up on another issue. On a lot of these issues, you just have to hope that the teachers holding up that section of the contract will retire. Then new younger generation of teachers are much more conscious about their digital citizenship so it isn't a problem. Otherwise, I completely agree with you.

              reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Apr 2015 @ 11:28am

          Re: Re: Re: Blame the school administrators

          You can keep your consulting fee to yourself. Mine is already setup with that but it is still get things like FirstLastname15. But you know what ends up happening even after you implement a layer of complication? They put a sticky note with the password attached to their monitor. What is more secure? An easy password that they can remember or a hard password that they attach a sticky note to the monitor.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 13 Apr 2015 @ 1:21pm

            Re: Re: Re: Re: Blame the school administrators

            These are.. teachers? That we entrust the future of our countries children to?

            How did they become teachers if they can't remember anything more difficult then their name? Isn't college, and being a teacher requires college, supposed to prepare you for the hardships of life?

            I didn't finish college but I made my way to Engineer. Even without college I can remember a complex passPHRASE. (Insert obligatory correct horse battery staple XKCD here). You should have moved to this method over all others.

            reply to this | link to this | view in chronology ]

            • icon
              John Fenderson (profile), 13 Apr 2015 @ 2:06pm

              Re: Re: Re: Re: Re: Blame the school administrators

              Even without the XKCD method, memorizing random passwords isn't hard. Ignoring my personal machines, I have five passwords that I need to use on a daily basis for work. These must be changed frequently. They are all random. Here's a typical example: mZcN&Or-xE

              When password change day comes around, I do have a couple of days of fumbling because I need to look the passwords up in my password locker, but after that, my fingers just know what they are. I wouldn't be able to tell you what they are, because I don't remember, but my fingers know.

              Muscle memory FTW!

              In any case, remembering passwords isn't so hard even without using mnemonic tricks. Part of the problem is that people have had it drilled into their heads that they should never write down passwords. This is incorrect and harmful to security overall. What people should be told is how to keep passwords safe regardless of the medium they're stored in.

              reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 13 Apr 2015 @ 12:06pm

          Re: Re: Re: Blame the school administrators

          You're assuming that the school is using AD.

          Even if it is, AD complexity requirements aren't a silver bullet. Users that think their last name makes a good password are users who will write the complex password on a sticky and affix it to their monitor.

          reply to this | link to this | view in chronology ]

      • icon
        Uriel-238 (profile), 13 Apr 2015 @ 12:18pm

        "Passwords are effective in a school environment."

        Obviously not.

        reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 13 Apr 2015 @ 8:19am

      Re: Blame the school administrators

      "Its well known that passwords alone are no longer an effective security measure."

      No, that's not well known at all. What is well known is that many people don't want to be bothered with creating and using passwords correctly.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 8:29am

    The greatest scheme ever...

    I might have become a copyright lawyer, so I DEMAND that you all pay me, since you are on the internet and you could possibly break copyright law!
    MUHAHAHHAhahahhh.... what do you mean that someone is already doing this?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 8:35am

    Why am I not surprised this is Florida? What is wrong with those people? Is it something in the water?

    reply to this | link to this | view in chronology ]

  • icon
    Jeff Green (profile), 13 Apr 2015 @ 9:11am

    Fair is fair

    If the student's name is to be made public for playing a stupid prank then the school principal, the school head of IT and the teacher in question must all be named too so we can see what sort of incompetent idiots are in charge of educating young Americans.
    We could then start a couple of watch lists
    "People who should never be allowed to teach or work in contact with young people"
    and
    "People who must never be allowed to work in any way connected with law enforcement"
    This could also be a shot in the arm for the American paper ink and pen manufacturing industries ...

    reply to this | link to this | view in chronology ]

  • icon
    LVDave (profile), 13 Apr 2015 @ 9:50am

    Re: Re: While we're at it...

    You don't have to have your tin-foil hat on too tight, or hell, even HAVE a tin-foil hat, to realize that this government is working hard to make EVERYBODY a criminal.. With all of the laws/rules, written by unelected bureaucrats, its close to impossible to NOT break some law/rule every day of the year.. No matter how law-abiding you are, I gar-on-tee you you've broken *some* law or "rule" every day of your life, and are just lucky some gun-happy LEO hasn't caught you and put you behind bars.. THAT, Friends, is the aim of our current "government"....

    reply to this | link to this | view in chronology ]

  • icon
    Valis (profile), 13 Apr 2015 @ 9:57am

    Homophobic Americans

    There is *nothing* inappropriate about two men kissing!

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 13 Apr 2015 @ 12:21pm

      Re: Homophobic Americans

      We have lots of them who think so and are distressed by gay PDAs as they are dark-skinned people walking freely in their neighborhood.

      reply to this | link to this | view in chronology ]

  • icon
    scatman (profile), 13 Apr 2015 @ 11:19am

    the fix is

    all the kid has to do is say that he (himself) is gay, and all is forgiven

    reply to this | link to this | view in chronology ]

  • icon
    Falindraun (profile), 13 Apr 2015 @ 11:53am

    Could have done ?!? Might have done?!?

    i could have ran over about a dozen people on my way home from work on friday, but did I? No I didn't.

    If we as Americans were arrested on what we could have done or might have done, then everybody would be in jail. I hope this kid gets a good lawyer and sues the sh*t out of the school district and the sheriff for this misuse and abuse of justice and the law.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 1:13pm

    Quite funny that the humans involved act like computers themselves. Unable to think outside "the rules" they've been programmed with.

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 13 Apr 2015 @ 1:26pm

      Not unable. Unwilling.

      This is how it works.

      If you follow policy then you are not held responsible for the outcome.

      If you used discretion, even if it was in good faith (e.g. rational, compassionate or proportionate to the circumstances) then you are held responsible for the outcome, even if the outcome had nothing to do with the decision you made.

      In this case, held responsible can be anything from being publicly censured to fired to sued directly by parents or even imprisoned.

      So people follow policy because if they have to choose between some other guy's kid or their own ass, they're going to cover their own ass. Every. Single. Time.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Apr 2015 @ 7:00pm

        Re: Not unable. Unwilling.

        "If you follow policy then you are not held responsible for the outcome."

        In a lot of places and situations, even if you follow policy you *will* be held responsible for the outcome if a stupid policy backfires. Either way, you loose.

        The ones *not* usually held to any meaningful level of accountability are the ones who make stupid policies in the first place. Sh*t still flows downhill.

        reply to this | link to this | view in chronology ]

        • icon
          Uriel-238 (profile), 14 Apr 2015 @ 2:00am

          In a situation that goes south...

          being able to say this is what I was supposed to do, and that's what I did is a better position than being able to say I acted on my best judgement at the time.

          Policy may make for more situations in which things turn out badly (than discretion), but it's much more defensible when things do.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Apr 2015 @ 1:46pm

    So, the point is that our Law Enforcement and school officials have sunk to the lowest common denominator. Whatever you do, DON'T THINK! Follow the "rules" exactly and literally. Any deviation will be grounds for dismissal or worse.

    Kids? We don't need no stinkin' kids. Throw 'em in a concentration camp where they belong.

    What's next? Arresting toddlers in preschool and charging then with felony assault for throwing their sippy cups at another student? Wouldn't put it past them! Where does it end?

    reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 13 Apr 2015 @ 2:01pm

    you will only think about what you are told to think about. Any deviancy will get you charged with thought crime

    reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 13 Apr 2015 @ 2:03pm

    Why not have the sheriff charged with murder since he has access to guns and he might go crazy and start shooting up people on the street.

    he has the means, and it has happened in the past to other cops. Let's just use his own twisted logic on himself. Though no doubt he will exempt himself.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 13 Apr 2015 @ 5:17pm

    The sheriff will exempt himself.

    They always do.

    Obama believes the drone-strike program and the dragnet surveillance program are both safe while he wisely administrates.

    But there were lame-duck bills standing by to curb presidential power if Romney were to get elected.

    Ourselves, we are pure and good and incorruptible. It's the other people we have to watch out for.

    Always the other people.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Apr 2015 @ 1:59am

    Keeps me wondering

    Why the Sheriff has not been charged with rape yet? He has the tool and knows how to use it, I suppose? So he MIGHT have done it.

    reply to this | link to this | view in chronology ]

  • identicon
    Ole Canadian, 14 Apr 2015 @ 1:47pm

    Thought crimes

    I have grown up as a Canadian, smug in the knowledge that 'we' Canuk's were smarter, kinder, more compassionate and sharing [of our tax dollars funding healthcare for all] than our American kin folk down south.

    That, is about to end; Comrade Harper , our glorious evangelical [American GOP/tea party inspired] Leader, is about to pass legislative Bill C-51. C-51 will allow our version of the NSA, to 'interrupt' the activities/financing/travel/freedoms of anyone who 'MAY' commit a criminal/terrorist act. Presently, the threshold stands at 'likely to'

    Amazing, when you realized that presently, peaceful environmental activists, and/or peaceful tar sands demonstrators, are tagged in the same category as domestic jihadi terrorists...

    Once C-51 becomes law, our smugness will be wiped from our faces.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Apr 2015 @ 7:53pm

    By their logic we should give all drivers tickets because they all have the potential to speed and run over children...think of the children.

    reply to this | link to this | view in chronology ]

  • identicon
    Realist, 15 Apr 2015 @ 1:36am

    Be sure to watch the documentary "The War On Kids"

    It's on YouTube.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.