Cyntech’s Tech Blog

A colleague told me today that her son was suspended from school for ‘hacking’ the school computers.  It turns out that he had managed to bypass the Department of Education’s firewall by guessing the password to the local system and was browsing game websites that were blocked by said firewall.

I understand that he did something that was wrong, but I believe the suspension was a complete knee jerk and not appropriate for what had been committed.  Firstly, the network administrator at the school had a password which was a name, a cat’s name to be specific.  This breaks probably the simplest, if not the most important rule on passwords; Do NOT use names/single word for passwords!  Secondly, he was only browsing websites.  It’s not like he had broken into a database or was performing some malicious action against the school or another organisation.  Punishment was necessary/required for breaking the rules, but suspension? Come on, he only highlighted the fact that the brain-dead administrator was stupid enough not to secure his network/systems properly.

It also tells me that not much has changed since I was at high school, when the staff tasked with the school’s network administration or even teaching of computer studies courses knew little about IT or computers in general.  I don’t know if this is a funding issue or the fact that there just isn’t anyone with the required skillsets interested in working for schools, but something needs to change there.

Update: It turns out the passwords are a little more secure than I first understood.  It turns out that another student discovered the staff member’s username then through a process of asking said staff member questions in general discussion worked out the answers to the three security questions required to access a ‘forgotten password’.  This student then logged in as the staff member for my colleague’s son to use (an accessory after the fact as it were). This is a little more sinister, but still doesn’t change the fact that it was possible for a student to obtain the staff member’s password.  More stringent precautions need to be in place for retrieving passwords (email confirmation etc).

The fact that the son in question was suspended when they weren’t the one who obtained the information is even more so a glaring insight into how much the school has got it wrong.

This article over at the SMH tells about the University of New South Wales (UNSW) getting a bit hot and bothered by the fact that their free wireless internet service is being used to download pirated software and music.

I have just one word…

DUH!

In a demographic where people are more technologically savvy about the internet and software/music piracy, a University should know better than to offer a free internet service.  I know I would love access to a free internet service, but this is exactly what I would expect to happen in todays age.

The state of Australian free to air TV and the cost of Pay TV means that pirated copies of American and British TV shows are some of the most popular items to be downloaded.  Tie that in with the cost of Australian Broadband and you’ll have thousands flock to a free broadband service to soak up as much as they can before the Cyber Cops turn up.

A friend of mine has been renowned for pushing computers and their inner parts to their limits in the past. So when he destroyed 4 Gigabytes of RAM the other day, I automatically assumed he’d overclocked it.

I don’t understand why people want to change hardware from their default settings.  Why bother get that extra 5 frames per second?  Why bother risking the items destruction milking that extra little bit of performance out of it when the manufacturer has already set it to it’s most efficient setting?  To me, it just sounds like a huge waste of money.

/discuss.