School laptop spy software 'exploitable from anywhere'

Remember the school laptops set up to allow staff to spy on the kids at home? It turns out that the spy software used, Absolute Manage, has hard-coded crypto keys. This means that if you hack one client, you've hacked them all. [Freedom to Tinker]

12

    1. When did it become acceptable for school administrators to “supervise” students while they are at home?

      1. It’s not. Not ever.

        Every emerging detail of this story elicits ever louder WTF’s.

  1. Damn! Hard coded, you say?

    Idiots!

    Anyone reading this with a school-issued laptop with built in webcam, you want one of these. The iPatch. Self adhesive sliding cover for MacBooks and Windows/Linux laptops/monitors with built in webcams. US$4.99. Yes, opaque tape IS cheaper. The iPatch is more user friendly. And certainly far less ugly than a piece of tape.

    Second, for Mac OS users in general, Little Snitch. This will alert you whenever an application attempts to ‘phone home’, particularly if it’s an application you didn’t expect to ‘phone home’. It blocks the attempt and pops up a screen advising you of the attempt, and what ports the app is trying to contact. (more info is available via the alert screen.) You can then allow, or deny the attempt, either permanently, or one time only, or until the app quits or is killed.

    At US$29.95, it’s very cheap insurance against spyware and obnoxious software that sends personal info back to its ‘mothership’.

    1. Anyone with a school-issued laptop needs to download and burn a Linux LiveCD, hehe.
      Oh yeah, you can make a Windows LiveCD too, if you have a Windows install disc. WinPE.

  2. Don’t worry, you would have to violate the EULA in order to extract the keys. That’ll never happen.

  3. Sweet. A few google searches should return the key code! Looks like I could have some fun tonight! Who needs roulette chat?

    Seriously, though, laws need to be passed ASAP to make this type of software illegal

Comments are closed.