I came across an interesting article on the IOError blog about a group of schoolkids in the Kutztown PA School District who were caught installing extra software, including iChat onto their school provided laptops. The situation has now progressed to the kids being charged under Computer Trespass laws – a crime equivalent to asault.
Whilst on the one hand I am well aware of school policies towards computers, it is also the case that many kids will attempt to get around the rules, and as such should probably get some punishment. However the response of the authorities seems a little excesive, especially when you consider the examples of administrative incompetence displayed by the staff responsible for the machine set-up, that left the door wide open. If the kids had been involved in major hacking attempts, then maybe – but the IT staff didn’t follow the most basic of rules.
For example, the first administrator password was actually written and taped to the laptops, so all the kids had to do was read off the password. Even if it wasn’t written on the machine, the password was the street address of the school. After that the password was changed, but again was easy to obtain. There is more press coverage over at Wired, who make the point that school IT staff are usually pretty poorly trained, however it seems to me that money would be better spent training IT staff in basic security practices than prosecuting kids who just read a password taped to the back of their machine!
The kids themselves also have a web site – www.cutusabreak.org.