Thoughts on School comp sys breaches in USA SN 1012,1013

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in please checkout the “Tips & Tricks” page for some very handy tips!

    /Steve.

  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)

D

dusanmal

Member
Dec 12, 2022
10
14
What surprised me the most in the recent school networks breaches in the USA is all the data available there... Why is that data on School systems? As in the old security rule that you don't run all, just crucial crucial services on your machines. Solving this issue may also solve needless education spending. School systems should have education content and grades and schedules. Nothing more. Health data?!? That should sit in Doctors offices and Insurance Co systems. School wants to know - ask Doctors case by case
, none of school business to keep it.
As I am immigrant from another type of education system, here is what I grew up to be properly educated and end with multiple advanced degrees: both our elementary and high schools run on double shifts, school capable of supporting 1000 kids per session had 2000 pupils. Staff? On both levels schools I attended with about 2000 pupils each had: Principal, Vice Principal, 3 secretaries, 4 cleaning ladies who also served as school nurses and one maintainance man. Only extra staff member in HS was additional Counselor. All other employees were teaching. Nobody kept any records other than education content, grades and schedules... There was nobody to do so and nobody was needed to do so.
 
dusanmal said:
School systems should have education content and grades and schedules. Nothing more. Health data?!? That should sit in Doctors offices and Insurance Co systems. School wants to know - ask Doctors case by case
, none of school business to keep it.
Click to expand...
With modern Western societies that seem to visit a lawyer more often that they eat, having some health data immediately on hand may be a requirement for schools, e.g. this pupil may have eplieptic fits, or has an allergy to nuts. Having to locate and call a doctor's office when a child is suffering would take too long.
 
While true, most comes from nver actually scrubbing stale data, and keeping it well past the use y date, often with poor to none existent security. After all a school will often have an IT policy set by a district, but in reality the passwords are written down next to the computer, because changing passwords is hard, and having more than one user is hard as well, what with needing to train teachers how to use a login page. thus the username is Jenny, password is Talia, despite the fact jenny retired 2 decades ago, and is in a high care facility, but nobody has changed the system since them.

As add on Cloudflare could simply use that IP block, and, totally randomly, migrate La Lga streams onto it, blocking the legite streams, and citing that they were looking for matches to the La Liga stream, and blocking every single one, as it was not possible to look up and verify every owner, so they blocked them all as preventative measure.
 
You must log in or register to reply here.

Similar threads

H
AI Talk on SN
Replies
0
Views
232
Security Now Podcast
Harry
H
B
SN 1007 Efficiency
Replies
3
Views
343
Security Now Podcast
Badrod
B
Russell...
3rd Party Cookies in FF (SN 985)
Replies
3
Views
773
Security Now Podcast
bdub76
B
B
SN 1011 Jailbreaking AI
Replies
0
Views
184
Security Now Podcast
Badrod
B
B
Thought experiment to replace government Organization
Replies
3
Views
269
Security Now Podcast
jlee
J
Top Bottom
Back