this post was submitted on 18 Aug 2023
90 points (84.6% liked)

Privacy

31932 readers
970 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi. My school just started issuing devices last year, and they have this Lightspeed spyware on them. Last year I was able to remove it by booting into Linux from a flash drive and moving the files to a separate drive and then back at the end of the year. This year I have heard from sources that they have ways of detecting someone booting from Linux so I am hesitant to do that option. My only other idea is to buy an old laptop off eBay that looks like it and install Linux on it. I could probably get one for about 50€. Does anyone have any cheaper ideas?

Oh also talking to IT isn’t an option.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 21 points 1 year ago (1 children)

They can't detect if you boot into Linux; but they can detect the presence of external storage devices and scan their contents. It is best if you do not plug in your LiveUSBs or disks while the system is [ONLINE] (Meaning while the device is booted into any default operating system)

Chances are if your hardware has not changed; the capabilities have also not changed. I do however have a few tips for you:

  • DO NOT MODIFY THE DEFAULT OS OR SPYWARE! It sounds like they are now monitoring the files for the software and will now notice if you have disabled it; as your machine will probably be sending heartbeats to a centralized server. You must accept this spyware when operating the machine as intended to interface with your school environment; but you can limit yourself to submitting schoolwork only on it
  • Boot into a Live(CD/USB/Media) environment of Linux with Persistence. Google it. They can't detect this without BIOS tampering.
  • Do Not plug your Live Media into the system when booted into it's default mode. Your drives are probably being scanned.
  • Keep a separate media storage device for storing your documents and such.
  • You can boot into your Linux key to work on school things and browse the web privately. Remember though that you are [OFFLINE] and may be unable to access the school network and will be required to save your work on a different piece of media, shut back down and boot into the default OS again to submit your work.
  • You may be unable to complete assignments in Linux [OFFLINE] that require you to respond to questions interactively [ONLINE] or otherwise require that you be interactively [ONLINE].
[–] [email protected] 7 points 1 year ago (2 children)

They can't detect if you boot into Linux

It depends what they use for monitoring. If they use Intel vPro then they can technically take over from any operating systems since it runs at the TPM/firmware level.

[–] [email protected] 8 points 1 year ago

I had no idea this type of thing existed! Scary!

https://petri.com/intel-vpro-platform/

[–] [email protected] 4 points 1 year ago (1 children)

I'm assuming that unless told otherwise; they have no such capability in the BIOS. It IS probably a public school and IT department that isn't that clever/resourced.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

They are very dumb. I am not just being mean I met the head of IT personally and he is an idiot, but students from some of the computer classes were responsible for some of the configuration, meaning some competent people looked at it.

Edit: The bios was password protected last year so it isn’t stock at least.

[–] thisisnotgoingwell 6 points 1 year ago* (last edited 1 year ago) (1 children)

Something tells me your intentions aren't innocent(you want to be able to act maliciously at school or on the school network), or you have an overinflated sense of ego, the head of IT likely didn't give two shits about explaining anything to some brat. You're going to have to face some harsh realities pretty soon. Expecting digital privacy on a school issued device on the school network is asinine thinking.

[–] [email protected] 6 points 1 year ago (2 children)

I wanted to do goofy stuff last year like the 4 line script that only uses tons of resources, but I have no intention to be malicious in any way. They now have a whitelist instead of a blacklist for website blocking, meaning many educational sites are blocked by accident. My teacher’s website was blocked for most of last year. We are required to use MS Office even though it takes 3-4 times as long as LibreOffice to load. I don’t want to be hackerman or to play csgo in class, I just want basic functionality on the computer I have to use.

[–] [email protected] 3 points 1 year ago

Well your easiest option would be to buy the another laptop.

Or you could just use a different hard drive and install Linux. (and switch back the old drive once you need to give it back)

But if the bios is password locked I don't know what they might block in there

[–] thisisnotgoingwell 1 points 1 year ago (1 children)

Is this a school owned device? Goofy 4 line script that uses tons of resources, so that script that unnecessarily and intentionally taxes the laptops hardware, purely innocent right? Any chance why they might not want you to do that?

That's pretty standard across any respectable industry. You're given suitable alternatives, if everyone could use whatever applications they wanted then it would be a nightmare.

[–] [email protected] 3 points 1 year ago

It unnecessarily taxes the cpu. CPUs don’t die except for cracked dies and improper thermal solutions. Do you think that was really going to do anything to it? Also it isn’t like I can’t do that already, so all their shit does is make it harder to do legitimate work.