- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Anyone with IT experience at a High School
Posted on 2/21/22 at 6:33 pm to cbr900racer22
Posted on 2/21/22 at 6:33 pm to cbr900racer22
Students each have a unique login. A tech can do an audit on the user and see all events and actions that the user has done... Basic IT security...
As for expulsion, challenge it. Get a copy of the district's student rights and responsibilities (most have it online).
As for expulsion, challenge it. Get a copy of the district's student rights and responsibilities (most have it online).
0
Posted on 2/21/22 at 7:05 pm to cbr900racer22
quote:
This was a big mystery to them and said it took days for IT to pin it down to my Son. I am really confused.
the audit trails in the Google Admin console would make this a five minute task. As another poster mentioned someone is covering their arse. The trails would also show the user and when the permission levels were changed. View only status for an entire Google share drive is literally one click. It's not some NSA level security system we're talking about..
This post was edited on 2/21/22 at 7:06 pm
Posted on 2/21/22 at 7:36 pm to cbr900racer22
quote:
He is being accused of Unauthorized Use of Technology. They are saying numerous files were moved or had permission changes. They couldn't prove it was actually him but said forensic evidence showed it was his login that made these changes.
There is a lot wrong with this statement.
If your son is not allowed to move these files, why does his account have privileges to do so. Why does any student have privileges to change permissions on these files (or any files on the network not in the students personal drive).
This is a failure of the system admins, not your son.
If he was storing and sharing porn on their network, that is one thing, but this is not anything that warrants more than a hand slap, if that.
Posted on 2/21/22 at 7:42 pm to philabuck
I'm not familiar with the google drive school accounts.
How easy would it be for a person that isn't an admin to change their own permissions?
ETA: I'm sure its possible in a dark web, hacker envionment, but this link says only the ADMINISTRATOR can give permissions to either edit, comment on, or only view the file in Google Drives.
Looks like the admin screwed up and gave permissions that shouldn't have been granted and from there it can be as simple as an errant key stroke or another kid in the room accessing his PC, but either way this sounds like its at least 90% on the admin of the school and especially the network director of said school.
How easy would it be for a person that isn't an admin to change their own permissions?
ETA: I'm sure its possible in a dark web, hacker envionment, but this link says only the ADMINISTRATOR can give permissions to either edit, comment on, or only view the file in Google Drives.
Looks like the admin screwed up and gave permissions that shouldn't have been granted and from there it can be as simple as an errant key stroke or another kid in the room accessing his PC, but either way this sounds like its at least 90% on the admin of the school and especially the network director of said school.
This post was edited on 2/21/22 at 7:51 pm
Posted on 2/21/22 at 11:31 pm to cbr900racer22
Man, we used the schools scanners, digital cameras and ID maker to make fake ID's in high school. He moved a file and changed permissions... allegedly... and his account was allowed to do it and they want to expel him. The can frick right off.
Posted on 2/22/22 at 12:20 am to cbr900racer22
Just want to summarize what most people have said in here in a way you can go back to the school and speak with them about.
1. If he did move the files and change the permissions as they are claiming, then they were not following the Principle of Least Privilege. Least privilege says that a user only has as much access to a system as he absolutely needs. This is the a basic security principle that should be in place ever. If he has more than read access (which is required to move or change permissions) into the google drive then the person (likely a teacher or yearbook sponsor) gave him this permission. That person granting him the access likely violated the schools Information Security Policy.
2. If this access was granted to him by a teacher or sponsor, then it is more likely (arguably) that he made the file move and permission change in accident by a drag and drop error. He was likely meaning to copy the files but instead the drag and drop acted as a cut and paste removing it from the original location.
3. If you went back into that folder and do not have the ability to move the files then they likely went in and changed his file permissions after the fact to remove this access from him. Ask them why he had that access in the first place and how he got it.
4. Tell them that after speaking with a couple of security experts and telling them about the scenario that they said it is far more likely that this was would have been completely unintended based on him being granted too high of privileges within the system, a user error of you will. After all teachers cannot be expected to be computer experts just like high school students cannot. Tell them that you understand the severity of the situation and after a long talk with your son that he does as well. Tell them that you are willing to look past this as a learning opportunity and not push the issue any further if they are. And thank them for their time and concern.
Now, if your son snuck onto the teachers computer and gave himself that permission with her account, or was otherwise able to give himself those permissions inappropriately then this is a much different story. So you need to have a clear eyed conversation with your son and ask him if you need to go to bat for him and let them know that this was not a malicious action and you will under no circumstances accept punishment for the accident and will lawyer up if needed. Or if his actions were not as innocent as he lead you to believe ask him and let him know that you will do your best to minimize damage and work on getting temporarily suspended and not expelled.
As a security expert I can say that kids generally do inappropriate things on computers because they are curious at how things work, not because they are trying to be malicious. Good luck, keep us updated on the outcome.
1. If he did move the files and change the permissions as they are claiming, then they were not following the Principle of Least Privilege. Least privilege says that a user only has as much access to a system as he absolutely needs. This is the a basic security principle that should be in place ever. If he has more than read access (which is required to move or change permissions) into the google drive then the person (likely a teacher or yearbook sponsor) gave him this permission. That person granting him the access likely violated the schools Information Security Policy.
2. If this access was granted to him by a teacher or sponsor, then it is more likely (arguably) that he made the file move and permission change in accident by a drag and drop error. He was likely meaning to copy the files but instead the drag and drop acted as a cut and paste removing it from the original location.
3. If you went back into that folder and do not have the ability to move the files then they likely went in and changed his file permissions after the fact to remove this access from him. Ask them why he had that access in the first place and how he got it.
4. Tell them that after speaking with a couple of security experts and telling them about the scenario that they said it is far more likely that this was would have been completely unintended based on him being granted too high of privileges within the system, a user error of you will. After all teachers cannot be expected to be computer experts just like high school students cannot. Tell them that you understand the severity of the situation and after a long talk with your son that he does as well. Tell them that you are willing to look past this as a learning opportunity and not push the issue any further if they are. And thank them for their time and concern.
Now, if your son snuck onto the teachers computer and gave himself that permission with her account, or was otherwise able to give himself those permissions inappropriately then this is a much different story. So you need to have a clear eyed conversation with your son and ask him if you need to go to bat for him and let them know that this was not a malicious action and you will under no circumstances accept punishment for the accident and will lawyer up if needed. Or if his actions were not as innocent as he lead you to believe ask him and let him know that you will do your best to minimize damage and work on getting temporarily suspended and not expelled.
As a security expert I can say that kids generally do inappropriate things on computers because they are curious at how things work, not because they are trying to be malicious. Good luck, keep us updated on the outcome.
Posted on 2/22/22 at 6:21 am to Stuckinthe90s
Very helpful. Thanks for taking the time to put this together.
Posted on 2/22/22 at 6:36 am to BabySam
quote:
Ive had to deal with issues like this with adults in a work environment. Someone accidentally dragged/dropped a folder into another folder
This happens all the time in a corporate setting. If a ticket comes in to restore a folder it has almost always been accidentally dragged,dropped into a nearby subfolder.
If all he needed to do to complete his assignment Is acces to the files in the folderthen all he should have is "read" permission on the folder/files and not "write".
Sounds like an IT problem to me. You are supposed to assign the minimum permissions that a user needs when designing your security strategy.
Posted on 2/22/22 at 7:30 am to cbr900racer22
quote:
it is a Google drive page
Dude, I don't know where you live but do your child better and move out of that shithole school district. My wife teaches and uses google drive. The type of files that should be on a teacher's google drive are assignments, etc. If the teacher didn't set up the permissions correctly, that's on them.
There should be nothing contained on a google drive that tampering should ever warrant an expulsion.
Posted on 2/22/22 at 7:55 am to cbr900racer22
quote:
Now that I am home to do some investigating it is a Google drive page. [...] These are yearbook photo files by the way.
They want to expel your son because he inadvertently changed file properties on a Google Drive containing yearbook photos?
This is like a teacher asking your son to file his assignment in a file cabinet and expelling him because he accidentally put it in the wrong drawer.
I believe your son because unless there's something we're not being told here (like your son manipulated or deleted yearbook photos), there's very little opportunity for your son to gain anything out of messing with the files.
Let this serve as an early lesson to your son in the crippling nature of bureaucracies. Some teacher or faculty member was inconvenienced over something trivial, now someone is overreacting, ignorant, or covering their arse, and now the system will crush your son as collateral damage to their incompetence.
Posted on 2/24/22 at 2:34 pm to cbr900racer22
Expulsion got denied. Back to school tomorrow. Still not happy the way all this went down so about to be visiting the school board so him getting kick out or me with some chrome bracelets is still a possibility.
Thanks for all the suggestions.
Thanks for all the suggestions.
This post was edited on 2/24/22 at 2:35 pm
Posted on 2/24/22 at 3:21 pm to cbr900racer22
quote:
Expulsion got denied. Back to school tomorrow. Still not happy the way all this went down so about to be visiting the school board so him getting kick out or me with some chrome bracelets is still a possibility.
Thanks for all the suggestions.
You won. Don’t frick it up right at the finish line because you can’t help yourself but take a victory lap. If you want to talk to the school board, go for it. But act like an adult.
This post was edited on 2/24/22 at 3:26 pm
Posted on 2/27/22 at 11:35 am to cbr900racer22
quote:
He is being accused of Unauthorized Use of Technology. They are saying numerous files were moved or had permission changes. They couldn't prove it was actually him but said forensic evidence showed it was his login that made these changes.
They can prove it was his login, absolutely, presuming they use AD (which I cannot imagine they don't). Of course you could take them to court and demand they show said evidence.
Now the other thing it can prove is WHEN it occurred and from which device or IP. Are the systems accessible outside of their network? Do the students have access from outside the network? I would guess the second one is "no". If so, can he prove that he was not on a computer at the time (like if it occurred when a teacher can verify he wasn't in front of a computer)? Then, as someone above has already stated, then he might be more in trouble for password sharing. This presumes, of course, that he simply didn't use a password that was easy to guess (like his girlfriend's name and the year she was born or something).
There's more evidence than just the logon name. I'd ask for the date and time the files were moved and the corresponding logon information (computer name and physical location of the computer).
That being said, there's this:
quote:
My Son says the was supposed to be in that folder because of an assignment in another class
This implies your son was definitely in the folder. In all honesty, he shouldn't have been able to make ANY changes to the files. Why his account was granted that level of access to a folder is beyond me - that's definitely something that should not have been possible (as a student his account should have "Read Only" access to files and incapable of altering their permissions or location).
Posted on 2/28/22 at 1:37 pm to cbr900racer22
For what its worth, I know high schools like to use scare tactics many times when finding out something. Like straight lying and bluffing, shady MOFOs...
Maybe your son has a friend who might've done it.
Maybe your son has a friend who might've done it.
Posted on 3/2/22 at 6:25 am to OldRebYeller
your son shouldn't have access to serious files. that is a security issue on their end. not your kid's fault. if he hacked into a teacher's account that is another story but the fact is this low level student some how has access to important files that the schools deems for expulsion. you have to hit them with that angle to save your kids life
Posted on 3/3/22 at 8:37 pm to MountainDewGF
quote:
You could do a public records request regarding the incident to get the "full story"
This. And, if his account had access to thing it should not then that is on the IT Admin that gave his account that access. He did nothing outside of what his account was granted access to do. Still not saying he did anything, just that however it happened his account had permissions it shouldn’t. It would be a miracle if he was able to give himself those permissions, it would be highly believable that the SysAdmin is an idiot.
If you need someone to dive deep into any log data they provide, pm me. I have a very low tolerance for inept SysAdmins.
Edit: just saw further up that his expulsion was denied. Glad to hear that.
This post was edited on 3/3/22 at 8:53 pm
Posted on 3/4/22 at 3:39 pm to cbr900racer22
quote:
Today I get a call saying I have to pick my Son up from school and the school is recommending expulsion. We have a hearing later this week.
He is being accused of Unauthorized Use of Technology. They are saying numerous files were moved or had permission changes. They couldn't prove it was actually him but said forensic evidence showed it was his login that made these changes.
Produce the empirical evidence he did it, like video tape of him at a computer doing it or GTFO.
quote:
Does anyone know how these systems work? Do they not have screen recorders, wouldn't the files be somewhat protected if they were that valuable, is there anyway to prove that he was the one that actually did it? All they are telling me is it came from his account.
Can there be screen recorders? yes Are there screen recorders? not likely, to expensive and takes up to much space.
Security is only as good as the administrators and software being used. Most likely its a Windows domain situation and most administrators I have dealt with do not understand the difference between Share and NTFS permission. I have seen so many over-permissioned system in my career simply because people do not understand how to issue them properly and they go straight to full control for everyone.
If someone did it on his account, there is no way to prove it was not him, but unless they have time stamp of video matching the audit logs, they have no clue who did it. In these situations, I have the student change the password immediately. I have seen too many administrator mistakes blamed on students in my life. Goes back to that other thread, they do not understand how it happened so your son must be a hacker.
quote:
All they are telling me is it came from his account.
This does not mean shite. Seriously, a good hacker will use someone else's account and they will never even know it. Seriously, I would get serious with these people.
quote:
Right now I can't prove he didn't do it and they couldn't prove to me he did and I think expulsion is a little harsh for his first infraction.
I cannot say for sure, but I would bet more money on some administrator screwing up permissions over some random kid hacking their files. If a high school kid can hack their stuff with modern windows domain security, they are incompetent.
quote:
your son shouldn't have access to serious files. that is a security issue on their end. not your kid's fault. if he hacked into a teacher's account that is another story but the fact is this low level student some how has access to important files that the schools deems for expulsion. you have to hit them with that angle to save your kids life
This is 110% correct MountainDew. Bingo.
Give your kid the benefit of doubt until proven otherwise, I have seen too many students get blamed for incompetent administrators.
If they cannot point to the exploit he "used" to "hack" the system, then this is not an actual hack.
quote:
Expulsion got denied. Back to school tomorrow. Still not happy the way all this went down so about to be visiting the school board so him getting kick out or me with some chrome bracelets is still a possibility.
Thanks for all the suggestions.
Have them produce all audit logs pertaining to the incident. That will include server logs and the logs from the computer where he did it and any other relevant information pertaining to their accusation.
This post was edited on 3/4/22 at 3:50 pm
Page 2 of 2
Back to top
Follow TigerDroppings for LSU Football News