this post was submitted on 07 Mar 2024
136 points (76.4% liked)
Technology
58303 readers
10 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They didn’t lose their laptop. They got taken to be updated because of a security breach
Intentionally inflammatory and misleading headlines on Lemmy? Pshaw. The hell you say.
Not a Lemmy issue. Click bait unfortunately works to drive views through all social media platforms.
The thing I love is being able to click into the comments first to see the auto-generated summary. Prevents the site from getting my traffic.
The community could make rules on what is acceptable to post or not though. And disallow websites that regularly mislead.
And it should require copying the title from the article and not allow editorializing it (or only slightly).
I never realize what responses like this add to the discussion.
do you have any other community platform free from clickbaits? do you need a pat on the back cuz you think you're immune to clickbaits? what's the point?
Yea the title is extra click baity
The article is news worthy but I downvoted the post due to the title being garbage.
Like everything ad driven has to be.
Calling it a security breach is a bit of a stretch, to be fair. The company that issued them never changed the default BIOS password, so inmates could gain admin control over them if they wanted. Changing default passwords is like the most basic Help Desk 1 training.
I can almost guarantee that the company is owned by someone who also has direct ties to the prison’s leadership, and they spun up the corporation just to issue (and profit from) the laptops. Because there’s no way that an experienced IT team would allow 1200 laptops to walk out the door with default passwords.
Having root access to that computer means they can do a lot of throngs they aren’t supposed to. I fail to see this as anything but a security breach for this.
i’d say that it’s a security vulnerability, but breach implies it’s been used
I see. That makes sense.
They were taken for reasons that inmates had nothing to do with, they have not been replaced, and it's unclear when they'll be returned. Inmates who are enrolled in college courses are having to handwrite papers that are due soon.
Its the us slavery system. The laptops will be returned whenever something happens to some prisoner(s) that gets successfully sold as tragic to the masses. I hope there is some young attractive white mother who was taking classes on the laptops and is about to finish her sentence, or else they're gonna be waiting a while.
and the alternative is…?
Not victimizing all of the student inmates because the prison invested in a poorly designed system that could potentially be exploited when none of the students have attempted that exploit or were likely even aware of it
that’s not an alternative. i agree that’d be preferable, but given where the situation stands, what’s the concrete action to take to remedy the situation?
The devices should be returned to inmates immediately, prison administrators should then slap themselves in the face one time for implementing them poorly to begin with, slap themselves in the face several times for overreacting to a viral story without having any reason to believe there was an active or imminent problem with any of their inmates, and deliver a tooth-loosening punch to their own faces for thinking they could punish these inmates by taking away their education to cover their screw up.
After that, hire a real IT person who knows what they're doing by paying them decently allowing remote work and not drug testing, and then listen to them.
i don’t think you understand how IT works… there will always be vulnerabilities… even the NSA probably has vulnerabilities… when found, these vulnerabilities need to be patched. i’m sure they’ll get their devices back; they just need to implement a fix
none of this is perfect, but shit happens and all we can aim to do is minimise the damage when it does happen
There was no security breach. Did you even read the summary, let alone the article? There wasn't even an attempted breach.
There is a breach as he released the default password, but no one attempted to breach it, as in no one tried to use the default password on their computer. Did you even try to understand what you read?
It's a vulnerability, not a breach. As you pointed out, no one attempted to breach it.