A Lock With the Key Next to It
by ckjbgames
Hello, 2600 and its readership.
I am here to address the insecurities of my school network. These insecurities are absolutely ridiculous and I cannot believe how honestly horrible this network's security is. Even for a middle school. My school's security is like taking a lock, securing it in the right way, but then leaving the key right next to it so that anyone can access all of your important documents.
First off, all of the computers run Windows 7, except for (of course) iOS devices and Chromebooks. This is ridiculous. Even though Windows 7 might have a better UI than 8 and 10, there is no mainstream support as of almost a year ago. That might not seem so bad, but it gets worse... I have several old 2600 issues that I read through (volumes 20-22), and several of the Windows XP-era security hacks still work on these computers!
For example, the network admins know nothing about the Google Translate proxy hack, I presume. I can access any blocked website via this method, and no one has done anything about it. Some kids even have no restrictions on accessing the Internet! I am one of the unlucky people who got an account with Internet restrictions. This laziness is inexcusable: you cannot just add Internet restrictions to some of the accounts and leave the rest with full access to the Internet!
Another thing to think about is that we can insert USB flash drives without being denied permission. This is insanity. Also, even better, you can use Windows Explorer and go into directories including C:\, Program Files, and even a directory full of assembly language code. I am not even kidding. It is that bad. I bet that the admins thought that we wouldn't think about it.
Another thing that you would normally think was a good security measure is laid to waste. So, you are denied access to the Command Prompt. An easy security measure that would make most give up at this point. However, they probably did the stupidest thing possible: forgot to deny access to Windows PowerShell.
You should probably know what PowerShell is: it's a utility that can do what Command Prompt can do and more: you can write shell scripts.
I haven't found PowerShell ISE yet, but I have found PowerShell. All you do is search for "Windows PowerShell" in drive C:\ and a single folder named x86-windows-powershell- and then a bunch of possibly encoded characters that look like gibberish. I didn't care to analyze any; I just wanted to get to PowerShell.
In the folder is a shortcut to - guess - Windows PowerShell. From here, you can access the network, not as an admin, sadly, but you can still run net commands. You can also change settings and possibly (I haven't tested this) access VBScript. So much for a lock when the key is right next to it...
I have not reported any of this to any figures of authority, and none of my friends know about these loopholes, except for the Google Translate one.
I would like anyone reading this to think about what the point of a lock would be with the key right by it, or with the combination just a few feet away.