Monday, February 22, 2010

A PA High School Covertly Monitors Students via Webcams

In a recent class action lawsuit, the parents of a Pennsylvania high school student allege that school administrators monitored their son via the webcam installed on his school laptop.  No parents or students were informed that each laptop had software installed that could activate the webcam remotely and take a picture of whatever was in front of the computer.  The plaintiffs became aware of it when their son was approached by a school administrator who said that he was engaged in inappropriate behavior at home and used a photo taken by his webcam as proof.
Schools can't monitor children in their own home-- especially without their or their parents' knowledge and consent!  Pictures could (and probably were) taken of students and their family members in compromising situations.  I know that I've gotten undressed when my computer was in the room. Administrators allege that the software was only installed for help finding laptops after thefts.  Really? Software that can activate a student's webcam remotely and send you the pictures, no matter how you paint it, sounds messed up.  It's either a covert monitoring tool or a way to collect child pornography.  You'd think people would think before using this software.  I sincerely hope it was a rogue employee, otherwise I shudder at the state of the world.  No matter someone's age, a person deserves privacy in their own home!

 

Thursday, February 18, 2010

Guilt and Action

After reading The Cuckoo's Egg, I've had to add one more book to the list of books that dredge up feelings of guilt when read.  Oh, the poor, poor systems I've configured.  So open.  So vulnerable.  Of course I had heard of hackers, I knew that they took advantage of vulnerable systems.  "So what?" I thought, "Who would want to take advantage of some purely academic system?  It just handles boring data from experiments."  I was so wrong.  I'd never thought of hackers using my machines as lily pads on their jump across the internet to their real targets.  I want to go back in time and tell myself to be more careful.  But I can't change the past, so on to action and the future.

There are several things that must change:

  • No more complacency and universal trust.  While most people are trustworthy there are some sinister snakes seeking to sneak into servers.  The more restricted the server is, the better.  Only valid users should be able to get in. And password and other vital files should be hidden from everyone but the administrators.  
  • Assume that people are not going to play nice with software.  Assume that they are going to look for weaknesses.  More security testing needs to be done.   
  • Every program needs to be tested for security.  Even a small editing program, like Gnu-Emacs, can be the hole hackers are looking for.  
  • Computer accounting needs to be more stressed in the field.  If someone breaks in, how are you going to know about it?  How are you going to know who is on the computer, what is being done, and for how long without computer accounting?

I demand that everyone in the industry care about security!  I know that almost no one will read this, but I demand that all who do think about it!  Every program that is going beyond the classroom should be tested for security.  Buffer overflows, users without permissions, weak passwords, and other security topics need to be thought about before you can think about releasing "working" software.  The software doesn't work until it is secure.

Thursday, February 4, 2010

Genetics of Genealogy

I love the genetic aspect of genealogy.  I love looking at old pictures and finding out more about my ancestors' physical characteristics, it makes the people somehow more real.  It's great to be able to look back in time and blame an Irish ancestor for my unruly hair, or see how Mom's sharp nose can be traced back to Great-Great-Great-Grandpa Johnson.  I also can use the knowledge of my ancestors' health troubles to make lifestyle choices to avoid diseases I am predisposed to.  I know that Great-Grandma Ruth had Parkinson's disease, so I'm on the look out for any neurological issues.  Grandma Dickerson has had a life-long problems with obesity, so I'm careful to keep a healthy weight.  My husband's family stays skinny until 30, so I know to start our exercise habits now.  My entire knowledge of my family's health history comes from interviews with my grandmas, and old picture albums.  It would be great if FamilySearch made it easy to upload family photos so that this knowledge could be shared with more distant relations who don't have access to the same sources.