Ed Brayton is a journalist, commentator and speaker. He is the co-founder and president of 
AP reports that the FBI is now investigating the school in Pennsylvania that has been remotely activating the webcams on laptops issued to students.
The FBI is investigating a Pennsylvania school district accused of secretly activating webcams inside students' homes, a law enforcement official with knowledge of the case told The Associated Press on Friday.The FBI will explore whether Lower Merion School District officials broke any federal wiretap or computer-intrusion laws, said the official, who spoke on condition of anonymity because the official was not authorized to discuss the investigation.
The school admits to remotely accessing some of the laptop webcams, but only for a good reason:
Days after a student filed suit over the practice, Lower Merion officials acknowledged Friday that they remotely activated webcams 42 times in the past 14 months, but only to find missing student laptops. They insist they never did so to spy on students, as the student's family claimed in the federal lawsuit.Families were not informed of the possibility the webcams might be activated in their homes without their permission in the paperwork students sign when they get the computers, district spokesman Doug Young said.
"It's clear what was in place was insufficient, and that's unacceptable," Young said.
The district has suspended the practice amid the lawsuit and the accompanying uproar from students, the community and privacy advocates. District officials hired outside counsel to review the past webcam activations and advise the district on related issues, Young said.
And the story quotes Vic Walczak, one of the attorneys in the Dover case who is with the ACLU of Pennsylvania:
Either way, the potential for abuse is nearly limitless, especially since many teens keep their computers in their bedrooms, experts said."This is an age where kids explore their sexuality, so there's a lot of that going on in the room," said Witold Walczak, legal director for the American Civil Liberties Union of Pennsylvania, which is not involved in the Robbins case. "This is fodder for child porn."
And that's just one of the many ways this could be - and perhaps already has - been abused.
Politics
Comments
A solution to this would be password-protected access, with the password set by the student or a parent, so that the student/parent has to report their laptop stolen or missing, then [i]give the administrator a password[/i] to access the webcam. That way as soon as the laptop is found you can just change the password and you know you're safe from spying.
But of course, doing it the right way is more work. :|
Posted by: Uncephalized | February 23, 2010 9:57 AM
Presumably the school has adequate paperwork to back up their story that 42 laptops have gone missing.
'Cause if they don't someone is up shit creek.
Posted by: NoAstronomer | February 23, 2010 9:57 AM
I am curious as to why they would think they would know where a computer was, unless its camera was pointed at a street address.
Posted by: Hathor | February 23, 2010 10:01 AM
This is a downright stupid security measure. If you have remote access to a stolen laptop, why not just lock it up and display a message saying something like "This computer has been reported stolen and must be taken to so-and-so to regain function." Then put large stickers on the laptops saying "This laptop will not function if stolen."
Taking random pictures after it is stolen makes a lot less sense.
Posted by: penn | February 23, 2010 10:05 AM
One can put a GPS device in a laptop that is a lot better at tracking down a stolen computer than a fuzzy picture.
Posted by: Alan B. | February 23, 2010 10:17 AM
So what was this story about a student getting punished for "inappropriate conduct at home"? IIRC, that's what blew the lid off this thing in the first place.
Posted by: Eamon Knight | February 23, 2010 10:34 AM
One other final irony in all of this - according to one site (linked to by slashdot), the "improper behavior" was he was seen popping pills, which turned out to be Mike N Ike candies, not drugs.
So they not only walked into one hell of a 4th amendment mess for which they had no jurisdiction or authority in the first place, but also for one in which the kid seems to really have been innocent of the whole time.
Posted by: Joe Shelby | February 23, 2010 10:41 AM
I'd be very interested in finding out what turns up on the hard drives in the principal's office. The school officials are obviously lying about only using the remote-access feature to recover stolen computers, since this all came to light over a photo used to confront a student about something completely separate from any stolen equipment issues.
Not that I wish ill on any of the kids involved here, but I almost hope the FBI finds some nude pics of teenagers in the school office, and the administrators involved end up going away for a very long time, with sex-offender status to keep them out of schools forever.
Posted by: Artor | February 23, 2010 10:47 AM
There are more details on this story going on. Apparently the kid was disciplined for eating Mike&Ike which the administration thought were drugs.
http://techdirt.com/articles/20100222/1118438253.shtml
And a security consultant started to look into the spyware and it doesn't look good for the school district.
http://strydehax.blogspot.com/2010/02/spy-at-harrington-high.html
One of the largest problems is that the spyware is very poorly written. It installs a client, but anyone can access the client just by binding to the port on laptop. No authentication at all. Meaning that anyone at anytime could access any of these laptops possessed by these kids.
-Matt
Posted by: Matt Harris | February 23, 2010 10:50 AM
So they not only walked into one hell of a 4th amendment mess for which they had no jurisdiction or authority in the first place...
Simple solution: declare all the kids "enemy combattants" and turn the school's surveillance records over to DHS.
Posted by: Raging Bee | February 23, 2010 11:04 AM
The software maker is decrying the stupid use of their product and pulling that feature.
(ComputerWorld, via Fark)
Posted by: abb3w | February 23, 2010 11:10 AM
I have a feeling that a few hard disks are going to be seized and analysed...
Posted by: Christophe Thill | February 23, 2010 11:15 AM
You have got to be shitting me.
<checks link>
They have got to be shitting me.
Posted by: DaveL | February 23, 2010 11:17 AM
I wonder how many people realize that email sent to and from faculty and staff at high schools (using their school addresses) are routinely scanned for certain keyword and then read by school authorities if those keywords are hit. Shifting from spying on married couples when one is a teacher or staff member to peeking in the kiddie's bedrooms is not a small step, but it is in the end only that ... a mere step, not a change in overall policy.
Posted by: Name withheld | February 23, 2010 11:22 AM
Lower Merion officials acknowledged Friday that they remotely activated webcams 42 times in the past 14 months, but only to find missing student laptops
So on average, they claim that 3 laptops per month go missing long enough to be reported and acted on.
Posted by: Odie | February 23, 2010 11:44 AM
If you were a student and knew this was going on, perhaps you could do a "roaming gnome" prank with this. You wouldn't even have to take it anywhere, just report it "stolen" and set up pictures in front of the webcam whenever you're not using the computer. First one Cairo, second one Guatemala, third one Alaska (hey I can see Russia!), fourth one Tatooine . . .
. . . and then start mixing in the (legal but doesn't look like it) porn!
Posted by: Rob Monkey | February 23, 2010 11:56 AM
So on average, they claim that 3 laptops per month go missing long enough to be reported and acted on.
Given that there are 1475 students at LMHS, and this is described as the "One-to-One" laptop program, suggesting one laptop per student, I think 3 laptops per month going missing is quite reasonable.
Posted by: Dave | February 23, 2010 12:15 PM
Exactly. I'm guessing someone needed to come up with a cover story very quickly and didn't think through how well it would hold up to investigation.
Posted by: Scott Hanley | February 23, 2010 12:19 PM
The thing is this would have been perfectly valid for its stated purpose if they had decent security procedures, like requiring permission from the party the laptop was lent to to use the feature and had it secured.
Posted by: Ace of Sevens | February 23, 2010 12:55 PM
This is why my Apple webcam is and always will be covered by a banana sticker. At least they admit there is no off switch.
Posted by: User Protection | February 23, 2010 4:24 PM
Is it just my imagination, or do some of the stupidest people in the entire world seem to work in school administrations?
Posted by: Eamon Knight | February 23, 2010 4:37 PM
Eamon Knight "Is it just my imagination, or do some of the stupidest people in the entire world seem to work in school administrations?"
It's your imagination. Stupid, like ignorance and malevolence, respects no boundaries. And I say this as a current member of Stupid Anonymous. I assume I'm supposed to go to the meetings, but for the life of me I have no idea where they are held. Going by the real world, everywhere, apparently.
Posted by: Modusoperandi | February 23, 2010 8:48 PM
Quoth Name Withheld:
....Shifting from spying on married couples when one is a teacher or staff member to peeking in the kiddie's bedrooms is not a small step, but it is in the end only that ... a mere step, not a change in overall policy.
If the marital status of the sender and recipient is relevant, that is a clear indication that the email *should not* be sent using an employer's network. In most (should be all) workplaces, employees are given guidelines for the appropriate use of their employer's resource that advise against this type of thing.
That is a completely different situation from using school-owned equipment to spy on students with no advance warning or consent, which is completely inexcusable.
Posted by: Theo Bromine | February 23, 2010 10:50 PM