School Spy Program Used on Students Contains Hacker-Friendly Security Hole

    Date24 May 2010
    CategoryPrivacy
    3220
    Posted ByAlex
    A controversial remote administration program that a Pennsylvania school district installed on student-issued laptops contains a security hole that put the students at risk of being spied on by people outside the school, according to a security firm that examined the software. The LANrev program contains a vulnerability that would allow someone using the same network as one of the students to install malware on the laptop that could remotely control the computer. An intruder would be able to steal data from the computer or control the laptop webcam to snap surreptitious pictures.

    The vulnerability was discovered by researchers at Leviathan Security Group, who provided Threat Level with a video (see below) demonstrating an exploit they developed.

    They began examining the program after customers who saw media coverage of the Pennsylvania case expressed concern that the program might be exposing their employee computers to intrusion from outsiders. The same software is used by many businesses to monitor and maintain their employee laptops.

    The Lower Merion School District in Pennsylvania is embroiled in a lawsuit and FBI criminal investigation over use of the LANrev software. The cases involve allegations that administrators spied on students through the software installed on 2,300 school-issued Macbooks.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"4","type":"x","order":"2","pct":66.67,"resources":[]},{"id":"86","title":"No","votes":"2","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.