
(Swell tee-shirt available too!)

Thanks to Bruce Schneier for drawing attention to this one on his blog: http://www.schneier.com/blog/archives/2010/02/remotely_spying.html

A security researcher named Stryde Hax has blogged about his research into the public-facing web presence of Mike Perbix, a network technician at Lower Merion School District near Philadelphia. Perbix probably set up the system for turning on webcams in students’ laptop computers, which is at the center of the federal lawsuit filed earlier this month. (See Sunbelt blog “FBI will investigate Pa. school district webcam spying”)

Hax writes on his blog: “Network Tech at LMSD. Mr. Perbix has a large online web forum footprint as well as a personal blog, and a lot of his posts, attributed to his role at Lower Merion, provide insight into the tools, methods, and capabilities deployed against students at LMSD. Of the three network techs employed at LMSD, Mr. Perbix appears to have been the mastermind behind a massive, highly effective digital panopticon.”

Apparently Perbix made a promotional video about LanRev remote monitoring software in which he discusses using it to monitor students, as well as setting it to a special remote administration mode that makes the monitoring invisible to those being monitored.

(Side note: here’s an example of why you need to put a password on your wireless router)

Perbix recounted using the LanRev software to recover a stolen computer:

“As a prime example, we initially attempted to recover a stolen laptop that reported back to us its internet address and DNS name. The police went to the house and were befuddled to find out the people we knew had the laptop was not the family that lived there…well, we eventually found out that they were the neighboring house and were borrowing the unsecured WI-FI.”

Hax concludes his very detailed blog post:

“What amazes me most is that the family and lawyer filing the suit appear to have… no digital forensics going in, and no enterprising student hacker ever jailbroke a laptop and proved this was going on. The greatest threat to this investigation now is the possibility that the highly trained technical staff at LMSD could issue a LANRev script to wipe digital forensic evidence off all the laptops. This is why it is imperative for affected parents to have the hard drive removed from their children’s laptops and digitally imaged before the laptop is connected to a network. With enough persistence, and enough luck, we may eventually learn the truth.”

In an update yesterday, he discusses Perbix’s role:

“The impression we both got was of a man who was charged with enormous responsibility, worked very hard, was very adept, and was fanatical about protecting kids and the assets he was charged with managing. I don’t have all the facts yet, but the impression I got was of someone who was trying to build a state of the art capability and revelled in the promise of technology. If I had to put my finger on what went wrong here, I would say that someone cared too much. Personally I’m much more interested in who this capability was distributed to, and its persistent pattern of access, than I am in the person who built it. If you’re reading this, please, let us not participate in a rush to judgment especially against a guy who worked this hard. Yes, he built the capability. Yes it was used. But if it was abused or simply misguided, that remains to be proven.”

. . .

Hax describes himself on his blog: “I am a consultant with the Intrepidus Group, {of New York City} a proactive security firm known for launching the first proactive anti-phishing service, phishme.com. I have a wide ranging security background, from reverse engineering to penetration testing. In my spare time, I find things on web servers that were never meant to be found.”

Tee shirt available here:

Lower Merion tee shirt

http://www.zazzle.com/lower_merion_school_district_scandal_parody_tshirt-235568003500926676

Tom Kelchner