ShortNews
+ + + 3 BRANDNEW NewsTickers for your Website! + + + easy configurable in less than 1 Minute + + + GET'EM NOW! + + +

   Home | Join | Submit News | MyShortNews | HighScores | FAQ'S | Forums 0 Users Online   
   
                 01/18/2018 10:59 PM  
  ShortNews Search
search all Channels
RSS feeds
  ShortNews User Poll
Are you excited about the holiday season?
  Latest Events
  7.931 Visits   7 Assessments  Show users who Rated this:
Quality:Very Good
Back to Overview  
01/12/2007 05:42 AM ID: 59458 Permalink   

Teen Charged With Hacking School Grades

 

Two New Jersey teens have been charged with computer theft after an audit discovered a discrepancy between grade reports and school transcripts.

The eighteen year old hacker faces up to ten years in prison, his younger accomplice could be detained until the age of 21.

The incident has been likened to the movie War Games, in which a teen played by Matthew Broderick, hacks into his school's computer to improve his grades. He is later captured by the FBI for inadvertently hacking a military computer system.

 
  Source: www.theregister.co.uk  
    WebReporter: ZCT Show Calling Card      
  Recommendation:  
ASSESS this news: BLOCK this news. Reason:
   
  26 Comments
  
  Better than college... kinda  
 
The 18 year-old will serve very little (if any) time – provided that this is his first run-in with the law.

While this illicit activity isn't going to do his criminal-record any favors, it will surely secure him a six-figure income in the IT industry.

Remember Kevin Mitnik? He served a few years for hacking telephone companies, credit card companies, and banks. When released, he was immediately hired by a network-security firm and later began his own VERY lucrative security-consulting firm (http://www.kevinmitnick.com).

Sometimes crime DOES pay... after you’ve served your sentence, that is.
 
  by: CArnold     01/12/2007 05:54 AM     
  War Games? ...wha???  
 
I was thinking more along the lines of Ferris Bueller's Day Off (1986) - haha, but there again I think he altered the number of days he was absent, but it's all just as illegal.
-np-
 
  by: NicPre     01/12/2007 06:10 AM     
  @CArnold,  
 
@CArnold,

Unless you have other information about this case, I do not believe this will help him with a career. I work in an IT field and have a background in security. There is nothing special about finding flaws in a school's network and/or machine that the grades are stored on and it's hardly a challenge. From personal experience you would be surprised how bad security could be when the people managing it are under staffed/trained/paid. As an example a hacker cracks or finds a password for something that is not important (to the school) may discover the school uses that same password for everything else. I would never hire someone based on something like what this kid did without further details showing something special. While it's not impossible for him to find work from this incident, it would have to be offered by someone with little technical knowledge and he would have to 'wow him' in some way.

As for Mitnik, you are right he is successful now. However it's important to note he was also not very special from a security perspective and his success (in my opinion) is due to jail time and publicity of the case which was revolutionary. Now people get busted hacking, writing viruses and serving pirtated software regularly so it's not that special.

You are right in some sense though, that hacking can pay off better than going to college. You would have to be writing proof of concept exploits and papers about security while making sure to stay clean. If you make a name for your self its possible to get job offers based on your experience and analytical skills. However you have to handle this carefully. Most companies will not hire malicious hackers and script kiddes as they will feel that they can't trust you or they will see that you are incompetent (script kiddy.)
 
  by: OneEightSeven   01/12/2007 06:53 AM     
  Jail  
 
What I don't get is why everything is getting handled by the legal system these days.

Back in my day, and I am only 33, if you did something wrong the school handled it. Police would only be involved in a very serious incident, perhaps if a schoolboy vandalized some property on the way home from school or something like that. Even then the police would generally just turn it over to the school to deal with.

In recent years there seems to be a slew of stories in which reasonably innocuous incidents have resulted in criminal charges, prosecution, threat of jail time etc.

Sure, the kid should not have hacked into the school computer and changed his grade, but seriously I doubt it was that hard. They caught him, the could just as easily punish him 'in house' and not even involved the police. Putting one kid in states custody and threatening the other with a decade in jail is just retarded.
 
  by: ZCT     01/12/2007 07:01 AM     
  yeah..  
 
I thought ferris straight away... It's a classic...

What the hell's War Games?!?!
 
  by: dook   01/12/2007 07:09 AM     
  @dook  
 
War Games is a classic 80's movie. Worth seeing. The computer scenes are of course quite laughable by today's standards.

http://www.imdb.com/...

http://www.amazon.com/...
 
  by: ZCT     01/12/2007 07:19 AM     
  @ FURP  
 
Ferris Buellers before my time :)
 
  by: dook   01/12/2007 08:27 AM     
  @OneEightSeven  
 
You certainly bring up a few good points.
I, too, am in the IT industry and have been so for 15 years. I don’t have any more info on this story that what has been provided but, I have never considered password-thieves “hackers”. To steal login credentials and use them, to me, is not “hacking”. It’s simply “unauthorized used of a system”. Within the industry, use of the word “hacker” means someone that is capable of defeating or circumventing the security system of a secured computer and/or its infrastructure/network. Granted, this vague classification can be divided into two categories: 1) Script Kiddies, and 2) Real hackers with extensive technical know-how of what they’re doing.
The source doesn’t give any sort of detail in re to how the kids hacked the system, so my assessment was based on the assumption that the kids had some technical ability to “hack” the system and carry out their devious plans (Mmmmoooiiihahahahah!!!)
Having contracted to many government agencies, I know that the majority of their software is not internally developed – as you mentioned, they pay below the industry average and, hence, only attract less-than-mediocre talent that have been rejected from the private sector. It confuses me why they would cap their salaried employees at sub-par salaries, yet pay out-the-nose (per hour, mind you) for contractors that they keep around for just as long. Go figure…
But if this kid is the “real thing”, he’s got a promising future in the field and will have a great salary, to boot.
I’ve been looking for an entry to junior level developers (VB.NET/C# with SQL exp) for the past 2 months, now. I recently hired a guy with an associate degree (recently graduated) and only 1 year of experience. I hired him @ $40K p/yr. That’s industry average, these days. Ridiculous, huh? Furthermore, he’ll be worth $50K in about a year. That’ll probably mean a salary negotiation at the end of the year (or if a recruiter finds his resume online and calls with a high-dollar offer). I have to hold his hand through much of the coding and architecture of the apps we’re developing. So, you can imagine what someone would be worth that could hit the ground running on a seasoned level. $$$
As for Mitnik, I can’t believe you don’t find his past remarkable! Are you kidding me? Google him and read up on his “adventures”. It’s amazing what he did with the technology, at the time. His story is amazing. His sentence was EXTREMELY light, relative to everything he did. The reason it was extremely light was because he agreed to work with many of the corporations he hacked and helped them to better secure their systems.



9 years ago, I created a brute-force hacking utility written in C++ (Borland was the king of the C++ realm back then… before Microsoft took over). It was pretty good at breaking into e-mail accounts and other web-based systems that relied upon password-only protection for security. In order for it to work, you had to know the username of the account – for e-mails, this was easy (abc@hotmail.com meant that “abc” was the username). It would call upon the login URL and submit the username and a generated password. The password submitted would either be generated from a dictionary file (always the first method of attack for weak passwords based on known words, because it took less time to crack), or the password would be generated using a sequential code generator. This process took the longest because it used ASCII values in increments of 1. It basically threw every possible alpha-numeric combination at the system. The HTML response from the server would be parsed to determine if the account was successfully compromised. (ie – if the page retuned contained the text “incorrect username or password”, the system would know the response indicated a failed login.) It would keep throwing passwords at the system until it eventually got a different response, which was either a successful login, or a nasty message from a vigilant system admin informing you that your IP address had been blocked :P . With a 28 Kbs modem, it would take anywhere from hours to weeks to crack an account, but it would eventually crack it.
This brute-force hack was pretty effective until the “Type in the characters you see below” countermeasure began popping up everywhere. Because the text was contained within an image (vs text) and the “text” within the image was purposely deformed to thwart screen-scraping and OCR techniques, it was very effective at countering my cracking method – nobody wants to make out those weird looking letters and manually type them in with each failed attemept… at least, not me.
 
  by: CArnold     01/12/2007 09:52 AM     
  @CArnold  
 
I understand what you mean, that hacker is not a term that should be used for everyone. I was looking at it from the perspective of how the media sees it. To the average person anyone who knows how to do anything remotely useful with a computer seems to be a hacker. If the kid is intelligent and has talent/ability in this field then yes he will likely succeed and if the attack he carried out was interesting he could use it to his advantage if he presents it correctly.

When it comes to government ran schools it makes sense that they don't pay very well, because to them it's not a high enough priority. They do not need to hire quality techs to setup a school's network and workstations as even mediocre ones can do a half-assed job. A part of the problem may be underestimating the students and others with access to the network/machines. As far as contractors go it would make sense to me that they just want results and don't really care about costs as it's the tax payers money any way, which of course is not an excuse.

I know what you mean about pay rates, but it also depends where you are hiring because in some areas you can barely survive on $40k. But yes entry level jobs tend to go for around $35-$40k for associates degree or relevant experience in my experience. As far as incompetence goes I am with you on that one, which is why I don't tend to rely on degrees. In my experience the people with degrees often do worse than those without them. I can't tell you how many AS/BA/BS grads I've seen that apply for say level 3 system administrator (sr. system administrator) for Linux systems and don't seem to remember UNIX 101 at all. Of course these guys never want the support tech positions that pay $10-14/hr which we end up offering. Quality employees are worth their weight in gold.

I never researched Mitnick in detail so I may be unaware of many things, but the things I have read do not seem to make him in any way exceptional. I looked him up on wikipedia and found that he served 5 years. “Mitnick served five years in prison (four years of it pre-trial), 8 months of that in solitary confinement, and was released on January 21, 2000.” Which as far as I understand was much for these type of crimes and resulted in new laws which wikipedia also mentioned. “The case against Mitnick tested then-nascent laws that had been enacted for dealing with computer crime, and it raised public awareness of security issues involving networked computers. The controversy remains, however, as Mitnick is often used today as an example of the quintessential computer criminal although his exploits are less notable than his notoriety suggests.” I understand wikipedia is editable by the public and not always the best source, however this is the perception I always had of him and the events that I am aware of in his life.

I remember using Turbo C++ back in the DOS days. I have toyed with writing brute force crackers in the past however nothing really public. I remember that AOL dialup accounts were an easy target same way as you mention email was a good target. You could go into a chat and get usernames then use word lists to crack them and you had free crappy dialup.
 
  by: OneEightSeven   01/12/2007 11:51 AM     
  Why is it...  
 
Everytime someone uses the word 'Hacker' you always have to have people who come on and correct the usage of the term etc.

Everyone realises what the kids done, but face it the term 'hacker' has come to mean practically any illegal activity on a computer with which a person gains unauthorised access to something.
 
  by: dook   01/12/2007 03:24 PM     
  You guys want to hear the real truth?  
 
I am responsible for building and maintaining report-cards for my school (which is private, not public).

Guess what- if a kid accesses the report-cards then they'd have to change the grade at the last minute because all teachers submit grades at the last minute. Trust me on this.

You have an entire school's network of computers at the disposal of teachers who often leave their workstation (classroom, lab, library, offices) to take a piss, drink coffee, or go off and teach a class for an hour and they FORGET TO LOG OFF (or simply do it naturally). They all have computers in their classrooms... they leave them unattended. Hell, I've seen teachers let students just use their accounts because it saves precious classroom time instead of waiting for that kid to log in, or maybe the student accounts can't access certain programs, etc... What can I do about it? I am not the police. We have security, cameras, firewalls, blah blah blah... but the best preventitive measure is human diligence. An inept student will usually not be bright enough to trick anybody for real. Come on.

How easy is it to break into staff's server? Easy... wait till someone is making coffee. Doing it remotely (like 'hacking' it)? Impossible and not worth the time.

If a kid alters his grade, trust me... someone will notice. It doesn't take a genius to change grades.

The best method to change your grade is to sit down, shut up, listen to the teacher, and take the tests well. Hacking, or any other hooliganism, will only get you kicked out of the school. My school is led by intelligent administration-- we'd never have cops ARREST a child for something unless it involved a felony crime. Ridiculous the way American schools are failing their students now...

You guys can all talk about what cool hackers you were back in the day, but what counts, I guess, is geniune understanding of society to get away with real crime. Nerds aren't known for their understanding of how humans behave.

Breaking into security-systems might make you guys drool and get raging hard-ons, but you won't find much of interest in a school's servers unless you want to read some really banal crap.

As OneEightSeven said-- teachers and school staff are severely underpaid (even in private schools) and the talent is just not there. On the other hand, why would you hire the best IT team at ridiculously high salaries to handle protecting report-cards? They are better off working for banks, for example.
 
  by: theironboard     01/12/2007 04:57 PM     
  @dook  
 
Ever see an 8” floppy disk? Watch the movie, it’s a great trip back to the dark ages. If you would like, I have an old file on how to hack a pay phone like he did in the movie too. Things were so much simpler in the old days. I still have a tone generator used to make phone calls on a rotary dial phones, when is the last time you saw a rotary dial phone? You just have to laugh when they brag about how powerful their computers are....a 286 processor with 1meg of RAM and a 10 meg harddrive, all running a 300 buad modem. WOW!
 
  by: Valkyrie123     01/12/2007 05:23 PM     
  When I was in school....  
 
I changed my grades in Jr. high and got away with it no problem. In high school I got caught, was suspended, and lost access to computers for the remainder of my time there (with the exception of my computer classes, in which I had my own personal guardian there to supervise every mouse click). Now I am still on my way to get to the career I want in network security, and already have an internship that seems to be working out quite well. The moral of my short story is.....ahhh damn I forgot.
 
  by: darkrom666   01/12/2007 07:20 PM     
  oh yeah  
 
Don't get caught. And if you do, hope that the school doesn't take it as seriously as this one did!
 
  by: darkrom666   01/12/2007 07:21 PM     
  It not cheating unless you get caught  
 
I just had to say that, a few years ago we had the same thing happen at a school in Broward County Florida. Some kids broken and changed grades,the Principal made every teacher submit every grade for every day that school in, 2 weeks the teachers had to come in to redo the grades. My friend is a postal carrier and everyday for 2 weeks he had kids coming up to him asking if has the report card.
 
  by: thedrewman   01/12/2007 09:03 PM     
  FURP  
 
it was a joke
 
  by: thedrewman   01/12/2007 11:03 PM     
  You know the law is screwed up when...  
 
One teenager faces 10 years in a prison for being 18 while another faces a couple years in a most likely a youth facility. We really need to make adult hood either start at 13-14 or 25. Students in highschool should all be equal and students in college should all be equal. Those outside of school should also be equal.
 
  by: insomniac84   01/12/2007 11:56 PM     
  @ FURP  
 
"A cheat is a cheat. A person of "low-character" !"

Are you that clueless!?
The world is full of such people with "low character", you dont have to go far to find one, while you're at it get off your moral high horse...
 
  by: zmethod     01/13/2007 04:19 AM     
  10 Years?  
 
For that? Murderers in this country get less like 2-4 years in some cases.

10 years is a long time, technology will change rapidly and without obvious access to a computer he'll need to teach himself when he gets out.

I wish I knew how, get me a good job.
 
  by: Mr-Anderson   01/13/2007 04:36 AM     
  I agree with posters..  
 
.. saying that there is a difference between hacking and just bypassing authentication by stealing a password or whatever.

Not sure what route these kids took, but chances are that it's the "lolz the teacher left the machine logged in, lets change our grades!" rather than say remotly accessing the network via an open port, creating an admin account in the relevant system, then logging into that account and changing grades.
 
  by: Dedolito     01/13/2007 04:40 AM     
  It warms the cockles of my dark heart  
 
to know that I live in a country (USA) where a ten-year-old boy can murder his mother and father, then successfully throw himself on the mercy of the court because he is an orphan.
 
  by: white albino   01/13/2007 05:24 PM     
  Yeah, on school security  
 
Theres an electronic register system available in the UK, called BromCom.

Me and two friends hacked it in two weeks, we thought we were leet, till we found out a group of about 20 first years had hard wired into several of the transmitter boxes on the second day.

Breaking into a schools computer networking is nothing.
However, had they left the password around (in the UK at least), he wouldnt have been breaking the law.
 
  by: GogeVandire   01/15/2007 10:51 PM     
  This reminds me of something we did in HS  
 
We placed a keyboard logger on the PC of a teacher while she stepped out of the room. After that we came back the next day and grabbed everything she had typed. Got her login and password. the county we were in was totally linked together so any staff members could get right into their gradebooks of any student in any school within the county and check/change grades, check/change attendance, etc. We were to chicken to change anything but we were proud of the fact that we managed to get in. We checked out our grades and were able to see our attendance and scanned through other students grades too. Even were able to read notes placed on our files by the teachers. Some of those teachers were mean as crap in their notes!

Anyhow its not very hard to gain access if you have a few tools and know a user that is incompetent enough to leave their PC logged on with full rights. Many other ways to get in too but that was how we did it. would be even easier now what with wireless technology the way it is and all.
 
  by: slavefortheman     01/15/2007 11:02 PM     
  Desiigner  
 
Well I´m A Fashion Design Student and I actually Hired a hacker at hackteam33@hotmail.com. I paid him to change my grades several times but I feel bad for it but it was my only hope at passing the semester.
 
  by: MyShortNewsHacker   05/04/2016 12:56 PM     
  Hacker  
 
ReputableHacker is an experienced online Private Investigator/Ethical Hacker providing investigative solutions and related services to individuals. You may find my services of use, my areas of expertise include the following: fidelity check, mobile hack and access, social media hack, email, educational institutions, clearing criminal records, accounts recovery, websites, database etc
Email - reputablehacker@gmail.com OR text +15014824662
http://www.reputablehackingservices.yolasite.com
 
  by: reputable01   05/09/2016 01:33 AM     
  Hacking Services  
 
mobhack007@gmail.com render the best grade change on the internet. We render a global service for any grade change, school transfer, and transcript change. Our service speaks for us. We are unified hackers. You want your job to get done. Simply contact us and get exactly what you need. Communication between partners is secure and safe. We are high rate hackers and our talent knows no bound. Simply contact us today for a better grades.
 
  by: Benjamin Haim   01/23/2017 01:55 PM     
 
 
Copyright ©2018 ShortNews GmbH & Co. KG, Contact: info@shortnews.com