Saturday, May 11, 2019

Education of Kiddos: "Old Credentials" left on school server

https://www.whec.com/news/gates-chili-csd-students-gain-unauthorized-computer-access-to-privileged-portions-of-districts-network/5348914/?cat=565

I... this hits close to home.

I made a mistake in college. A big one. But a kindly professor took a shine to me and helped me survive some bad outcomes. I've since done much mentoring various communities. I turned out pretty OK, I think.

Given most of the kids I work with now are in the 'hackerspace', just how do I help them see the difference between good whitehat/blackhat. They're not going to learn if they don't poke.

Those creds should have been removed immediately. The accounts should have been locked down. All of this is a case study in what NOT to do for account/network security. Yet the kid makes the front page.

I'm thinking of the next project where we tear apart an old camera... and what to do.

edit: (And this may not be the right forum. I'm hoping more from a security professional point, but then we'd get "don't do that ever" and never find any problems...)



No comments:

Post a Comment