Discuss Scratch

#381Nov. 11, 2017 13:59:44
herohamp
Scratcher
1000+ posts

School IT

TheUltimatum wrote:

Sigton wrote:

NoMod-Programming wrote:

Sigton wrote:

I've found enough loopholes in the school security to host web servers from the school PC…

Sigton
Same here! I've also found things like security cameras, printers, network shares with the final exam, only hidden with a dollar sign… It's amazing how bad my school's security is if you bother to look for even a few seconds
We found spreadsheets of the usernames and passwords of all the pupils in the school from 2010…

Sigton
Good for you.
I found a spreadsheet of all the current students, parents email/phone number, address, student id, and password. and yes, I anonymously reported the issue

Last edited by herohamp (Nov. 11, 2017 14:02:21)

My website hamptonmoore.com
UMass Amherst All Campus Makerspace
Supporting the wife's SEO
Click for a Scratch based programming language I made
#382Nov. 11, 2017 14:28:48
Sigton
Scratcher
1000+ posts

School IT

eeymao wrote:

Your school should expel you. Sure, breaking into the system to install software or to make life easier is something that is acceptable and that I have done, but you're actively invading the privacy of fellow students and teachers? That's just not cool.
Well is it really our fault if they leave them all sitting on the server?

myeducate wrote:

Bad school IT: Not blocking powershell.
wmic useraccount list brief
Bam! List of full names and ages of everyone in the school, including teachers. Told the IT and they did nothing.
Our school doesn't block powershell either.

Sigton

Last edited by Sigton (Nov. 11, 2017 14:28:54)


#383Nov. 11, 2017 14:58:27
-stache-
Scratcher
500+ posts

School IT

Sigton wrote:

eeymao wrote:

Your school should expel you. Sure, breaking into the system to install software or to make life easier is something that is acceptable and that I have done, but you're actively invading the privacy of fellow students and teachers? That's just not cool.
Well is it really our fault if they leave them all sitting on the server?
I mean they did technically give you permission to access it in their server giving it to you, no?

If someone knocks at the door and the dude you put at the door to open it let you in against your wishes, is it that someone's fault? lol

3x3 pb: 13.240
3x3 avg: ~21-26
#384Nov. 11, 2017 21:03:32
Jonathan50
Scratcher
1000+ posts

School IT

Was it called “THE USERNAMES AND PASSWORDS OF ALL THE STUDENTS.xlsx” or just “Spreadsheet1”?
Not yet a Knight of the Mu Calculus.
#385Nov. 11, 2017 21:14:40
herohamp
Scratcher
1000+ posts

School IT

Jonathan50 wrote:

Was it called “THE USERNAMES AND PASSWORDS OF ALL THE STUDENTS.xlsx” or just “Spreadsheet1”?
(schoolnamel)students2017
My website hamptonmoore.com
UMass Amherst All Campus Makerspace
Supporting the wife's SEO
Click for a Scratch based programming language I made
#386Nov. 11, 2017 21:25:19
Sigton
Scratcher
1000+ posts

School IT

Jonathan50 wrote:

Was it called “THE USERNAMES AND PASSWORDS OF ALL THE STUDENTS.xlsx” or just “Spreadsheet1”?
I can't remember the exact title, but there was a mention of usernames, passwords, year group and year in the title.

Sigton

#387Nov. 11, 2017 21:41:34
Sigton
Scratcher
1000+ posts

School IT

eeymao wrote:

Sigton wrote:

eeymao wrote:

Your school should expel you. Sure, breaking into the system to install software or to make life easier is something that is acceptable and that I have done, but you're actively invading the privacy of fellow students and teachers? That's just not cool.
Well is it really our fault if they leave them all sitting on the server?
Man, is it really our fault if we steal stuff from a house just because the door's unlocked?
We didn't steal it.

Sigton

#388Nov. 11, 2017 22:45:23
myeducate
Scratcher
500+ posts

School IT

herohamp wrote:

Jonathan50 wrote:

Was it called “THE USERNAMES AND PASSWORDS OF ALL THE STUDENTS.xlsx” or just “Spreadsheet1”?
(schoolnamel)students2017
It's common practice to put user account info in CSV files.
INACTIVE
SPA Member and Assosiate - Creator and overlord of ScratchNetwork - 700+ Forum Posts - Web and Desktop Dev - Fluent in VB, PHP and HTML. I'm okay at CSS and Javascript but am still learning. Sig written in PHP using the picture libary. Firebase is fun.

#389Nov. 11, 2017 22:47:04
TheUltimatum
Scratcher
1000+ posts

School IT

myeducate wrote:

herohamp wrote:

Jonathan50 wrote:

Was it called “THE USERNAMES AND PASSWORDS OF ALL THE STUDENTS.xlsx” or just “Spreadsheet1”?
(schoolnamel)students2017
It's common practice to put user account info in CSV files.
Oh, it is? Sony definitely did this so I guess it's fine.
solve the cube
#390Nov. 13, 2017 21:44:53
JGames101
Scratcher
100+ posts

School IT

bybb wrote:

-stache- wrote:

All email passwords in spreadsheet accessible to all teachers…
They told us our passwords by showing the spreadsheet of everyones password to the whole class.
Well… all of our passwords were student.
ALL OF THEM.
They didn't teach us how to change them until High school (grade 8-12 where I live), and they reset them every three months, NOT WHEN REQUESTED. It's… pretty sad. They also wanted us to use Office 365 to store all of our school files, which used the same accounts. That meant that if you knew someone's user number, you could login to their account, get all files stored in their drives AND on their school cloud storage, and generally be evil. This is all theoretical, but it's very easy to even accidentally login to someone else's account.
Scratch 3 Modding
#391Nov. 15, 2017 03:22:46
TheUltimatum
Scratcher
1000+ posts

School IT

eeymao wrote:

myeducate wrote:

bybb wrote:

PLEASE READ BEFORE POSTING
-snip-
Bad school IT: Not blocking powershell.
wmic useraccount list brief
Bam! List of full names and ages of everyone in the school, including teachers. Told the IT and they did nothing.
Well, I don't think your school would care if you know the names and ages of people, as it is already obvious, and you don't need to hide it.
Not when the user passwords are {name} + {age}.

Last edited by TheUltimatum (Nov. 15, 2017 03:23:25)

solve the cube
#392Nov. 15, 2017 06:55:51
Jonathan50
Scratcher
1000+ posts

School IT

eeymao wrote:

Still, everyone is already aware of your name and age, so it's irrelevant.
Except if you go to a big school with hundreds of students.
Not yet a Knight of the Mu Calculus.
#393Nov. 16, 2017 00:40:57
herohamp
Scratcher
1000+ posts

School IT

This not school IT but my login system on a site I made for someone…

https://cdn.discordapp.com/attachments/377218477066420226/380505459078987778/image.png


ik it's bad and insecure but for all they know it's secure and there is nothing that needs to be super secure behind it

Last edited by herohamp (Nov. 16, 2017 00:41:38)

My website hamptonmoore.com
UMass Amherst All Campus Makerspace
Supporting the wife's SEO
Click for a Scratch based programming language I made
#394Nov. 16, 2017 08:25:37
awesome-llama
Scratcher
1000+ posts

School IT

Some computers were upgraded to Windows 10. Nobody except me uses them because people don't know how to operate windows 10. Also, they don't properly support (outdated) computer games which is what everyone wants.

#395Nov. 16, 2017 17:17:15
TheUltimatum
Scratcher
1000+ posts

School IT

Jonathan50 wrote:

eeymao wrote:

Still, everyone is already aware of your name and age, so it's irrelevant.
Except if you go to a big school with hundreds of students.
Correct, but I don't go to a “school” in general so probably what I say is null and void.
solve the cube
#396Nov. 16, 2017 17:19:11
TheUltimatum
Scratcher
1000+ posts

School IT

herohamp wrote:

This not school IT but my login system on a site I made for someone…

https://cdn.discordapp.com/attachments/377218477066420226/380505459078987778/image.png


ik it's bad and insecure but for all they know it's secure and there is nothing that needs to be super secure behind it
Uh… What happens when someone gets rid of the “/login” part of the url?
solve the cube
#397Nov. 17, 2017 00:22:42
Jonathan50
Scratcher
1000+ posts

School IT

TheUltimatum wrote:

Jonathan50 wrote:

eeymao wrote:

Still, everyone is already aware of your name and age, so it's irrelevant.
Except if you go to a big school with hundreds of students.
Correct, but I don't go to a “school” in general so probably what I say is null and void.
I don't either, and in the past I've been to 3 schools with very low (all under 40) students
Not yet a Knight of the Mu Calculus.
#398Nov. 20, 2017 10:01:17
bybb
Scratcher
1000+ posts

School IT

Year 8 students got everyone banned from laptops at Lunch and Break. Luckily, I have a laptop only I can use!
Game Over
You'll find me on @LastContinue from now on.
#399Nov. 20, 2017 21:39:53
awesome-llama
Scratcher
1000+ posts

School IT

bybb wrote:

Year 8 students got everyone banned from laptops at Lunch and Break. Luckily, I have a laptop only I can use!
What were they up to?

#400Nov. 21, 2017 14:27:30
bybb
Scratcher
1000+ posts

School IT

awesome-llama wrote:

bybb wrote:

Year 8 students got everyone banned from laptops at Lunch and Break. Luckily, I have a laptop only I can use!
What were they up to?
FRII GAEMS!!1!11!
Scratch got blocked at my school a few months ago since kids were playing games in lesson and it was blocked as “just another games site”. Luckily, it's unblocked now.
To everyone, has Scratch ever been blocked by your school?
Game Over
You'll find me on @LastContinue from now on.

Powered by DjangoBB