back to article Students busted for hacking computers, changing grades

Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates. The students are accused of breaking into the janitor’s office of California's Palos Verdes High School and making a copy of the master key, giving them …


This topic is closed for new posts.
  1. Anonymous Coward

    Not that bright

    They got caught

    1. Will Godfrey Silver badge

      More to the point, they got greedy.

      1. Ken Hagan Gold badge

        Re: they got greedy

        Indeed. It was a brilliant plan right up to the point where they told everyone in the school that they'd done it and that unless these other students gave them cash (to buy a set of answers) they'd get worse grades than their classmates.

        The surprise here is that it took them so long to find a classmate who realised that the cheap way out of this dilemma was to shop the idiots. How many people paid up?

    2. LarsG

      initiative 10/10

      Execution of plan 1/10

    3. Wize

      If they were really bright...

      ...they wouldn't have needed to hack in to up their grades in the first place.

  2. Efros

    Do it once,

    do it big, and never ever do it again.

    High School grades, purlease!

  3. Destroy All Monsters Silver badge
    Thumb Up

    They seem perfectly well adapted to real life

    Not to the bromide retardo make-believe bullcrap for Delta-Minus Semi-Morons one gets force-fed in highschool.

    > when another student heard of the offer and snitched to the school principal.

    A candidate for concrete foot appears!

    1. Sir Runcible Spoon


      They say that two people can keep a secret - if one of them's dead.

      Shouldn'a told aaaaaaaaaannnnnnnnnnnnnneeeeeeeeeeeeeeeooooooone.



      CS = Common Sense

      1. Andrew 59
        Thumb Up

        To quote ZB

        Ten out of ten for style, but minus several million for good thinking, OK.

        1. Marvin the Martian

          This brings back memories.

          Specifically the time we stole a history exam from the teacher's bag while he was standing next to it. Photocopied it all and stressed (especially to the more moronic ones) to not answer much more correctly than normal --- that way, it frees up their time, takes away their stress and makes them some more marks than expected.

          But oh no. One of them actually took the photocopied original into the exam room and made up his almost-correct paraphrasing there, sitting in his unfeasibly large heap of papers (two sets of questions, plus copied plus handwritten answers).

          But that was not in the UK, with teacher-set instead of central examinationg --- in the UK that sort of thing only happens by paying the boss of the Edexcel exam board who also runs a private business coaching for edexcel exam taking.

        2. Zaphod.Beeblebrox

          Clearly, you are a hoopy frood who really knows where his towel is

          Don't mind me, I'm off to find the icon of a two-headed alien.

          Mine's the one with the towel around the collar, thanks.

  4. This post has been deleted by its author

  5. Anonymous Coward
    Anonymous Coward

    There were movies about this in the '80s. Where is the news?

    1. Shades


      "The only winning move is not to play"

  6. Demitrios

    "They were very smart"?

    Is this to imply that they are no longer smart, or have all been sent for lethal injections, you know, to make an example?

    1. Anonymous Coward
      Anonymous Coward

      They were all suspended or expelled from school which means they would have been watching daytime talk shows. After a week of this their intelligence scores will have dropped significantly.

      I once sat through an entire Jeremy Kyle show. It took a month for me to learn to write my name again.

    2. Annihilator

      S M R T. I mean S M A R T

      "They were very smart"

      Were they? I don't think the principal has realised the problem in being shocked that they were honour roll students with great grades, who, erm, only got great grades once they changed them.. :-)

      1. Marvin the Martian

        They were indeed smart at the initial stages, right until they overplayed their hand.

        For example, they could have stolen the masterkey tipping off the janitor that something's afoot -- smart. Becoming greedy -- not smart.

  7. ElReg!comments!Pierre

    *hardware* is for SpecOps

    OK kids, hacking 101: planting hardware is for when you have physical backup (and I don't mean TimeCapsule; I mean jocks in skymasks with assault rifles).

    What is wrong with a simple keylogging trojan reporting to, say, Usenet -or twitter, to be modern, introduced together with a "kim K nude" screensaver to make sure evidence will be wiped before LE is called? Hardware is the ultimate evidence. That means BAD, in case you wondered. Do not use it. Not feeling so bright now, heh?

    1. Crazy Operations Guy

      Actually hardware is king

      With software you need administrative access on the systems in question, which I am sure they did not have. Second, you actually get in less trouble with hardware than you do with software (HW keyloggers are not illegal to own, where a piece of malware is). Third, hardware is much harder to detect, yes you have an object on the aback of the system, but many if the HW keyloggers I have seen are pretty small and some look just like those PS/2 to USB adapters, so they would assume it belongs there even if they were looking right at it; whereas a software keylogger can be detected in mere seconds by the antivirus software.

      1. ElReg!comments!Pierre

        @ Crazy Operations Guy: Joke obviously

        That was a jocular comment along the lines of the bad movie plot these kids obviously followed. Hackers do not usually have sky-masked, assault-rifled backup. Well I hope they don't!

  8. Anomalous Cowturd

    advised teachers to change their passwords???


    What's wrong with enforced password changes?

    Teacher, obviously.

    1. Kevin 6

      School I worked at once 98% of the teachers had 12345 as their password till we forced them to change then they went 123456.... the principal had the never to be guessed 54321.... that account also had full access to the boards network...

      Me and my boss quit due to the security nightmare that place was cause no one would listen to us... Our higher up even made us make the admin password abc123, on the server, and routers cause the ones we originally had (it was a randomly generated password) were too hard to type in(I kid you not that was the reasoning)

    2. Anonymous Coward
      Anonymous Coward

      They may have had enforced password changes. In this situation, enforced password changes don't make a difference as they had key loggers attached and could just take the new password once changed.

      Once the key loggers were removed, then it's a good time to change your already compromised password. Which is what they were advising.

    3. Anonymous Coward
      Anonymous Coward

      I work for a school district so I feel fairly safe in answering this. Of the many times one or another of us in the IT department has suggested some sort of password policy we have had success exactly once. That one time the only effect was to enforce a six character minimum.

      I kid you not: we have everthing from 123456 to the users first name as passwords here and they never expire. The only time anyone's ever been forced to change a password (to my knowledge) has been when they were foolish enough to give me thier password, and I had to defend that the first time I checked the 'force user to change password' box. Fortunately my boss had the sense to go along with my refusal to know anyone's password but my own. The complaining party had suggested that I just forget it.

  9. Anonymous Coward
    Anonymous Coward

    They make prisons for people in denial

    If they needed to hack to up their grades, they ain't that smart - as they are soon to learn.

    1. Shades


      Is that your answer for everything Morris?

  10. This post has been deleted by its author

  11. Wombling_Free

    Youth these days....

    "devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates."

    In MY day, they'd promote you to Captain of a starship for that!

    Scotty, one to beam up, don't forgot my coat.

    1. Anonymous Coward

      Very funny Scotty.

      Now beam down my clothes!

    2. Colin Miller

      Kobayashi Maru


  12. Anonymous Coward
    Anonymous Coward

    Government departments and corporate boardrooms [especially in the UK] are filled with more than their fair share of people who can barely tell the time of day, yet sport impressive qualifications from prestigeous schools and universities.

    Stealing is wrong. If these kids were thick but wanted better grades, they should have paid for them, like our leaders had to do.

    1. Danny 14


      it wouldnt have worked i the UK. Teachers cant be bothered to put their grades in until the final deadline dates so any grades that were in early would be instantly suspicious. Plus the MIS would fall over if too many grades were put in. And the USB ports are all falling to bits due to chewing gum so even the students wouldnt have been able to use the USB ports.

      They would have given up long before and simply bribed the teachers with fags and booze.

  13. Mr Young
    Thumb Up

    Here I was

    scratching my head - marvelling at all the technological advances I've witnessed. Now you tell me it's the 80's again? Please help

  14. ravenviz Silver badge
    Thumb Up



    1. Sir Runcible Spoon


      "Let's get the prom queen....."

  15. Anonymous Coward
    Anonymous Coward


    this also falls under the remit of terrorism offences...

    1. Anonymous Coward
      Anonymous Coward

      no they haven't launched that false flag yet

      "terrorists" use military grade explosives to destroy school records, presumably because they hate our school records? Government announces that going forward school records will be kept by the police but dont worry its not a police state its just to protect you.

  16. XVar

    Pretty complex compared to...

    the extent that we had to go to to get admin access on the school network - admin2 / changeme, thanks RM default passwords and stupid IT staff.

  17. The Alpha Klutz

    i wish someone would put the kids in charge of the school

    tired of schools run by idiots you know?

  18. Anonymous Coward
    Anonymous Coward


    I still remember our CS teacher's password for the entire network - "rem". Didn't require any super-sleuthing techniques, just watched him pigeon-type the password in one day. Never figured out if it was a throw-back to the BASIC comment command, or a fan of Michael Stipe et al... I suspect the latter.

    I'm hoping he's changed it if he hasn't retired already..

    1. Paul 129


      Always had the best access, in my day I simply asked them to open the door. As if I was allowed to go where I was. I didn't cheat grades. I just wanted to play games, so I needed to own the network.

      If you have physical access....

      Oooo Weird.... 25 years on and I repair PC's. Given physical access, I can still make them do anything, (have yet to run up against bitlocker)

      1. Danny 14


        first thing I did when I started rolling out W7 - bitlocker. AD password complexity still doesnt stop a teacher with Qwertyuiop1. Add "password history" and I shit you not they will change the password X times only to change it back to Qwertyuiop1 again. And teachers wonder why I have to add them to an "allowed OWA" firewall group/remote access/webdav etc.

        Get decent passwords and i'll let you use the system remotely.

  19. Microphage

    Principal Nick Stephany is shocked

    I don't think so, the principal should be sanctioned for allowing his computer system to be so easily hacked ..

  20. Anonymous Coward
    Anonymous Coward

    Too dumb to know better

    Can't they claim Arsewipers Syndrome like McKinnon?

    1. Mr Young

      "Arsewipers Syndrome"

      Tends to happen daily for me - eating seems to help it on its way

  21. Anonymous Coward

    only a few years ago

    Only a few years ago this would be deemed one of the best qualifications to get into the security industry. Though personaly why they recruit people who got caught is beyond me. Maybe next time somebody will get replica keyboards, add the keylogger inside the keyboard with remote bluetooth control to get the illgoten typings and ship the keyboards to the school as replacements under health and safty waffle and be safer :).

    That all said, there are alot of people in schools who could of executed such a plan of there's, indeed making your own master key from scratch in metalwork classes would of been more the standard. It gets down to mentality. Anybody can say hand over the cash in a bank, remarkably few people try it, go figure.

  22. Anonymous Coward
    Anonymous Coward

    Just stupid

    Hacking is just stupid and it certainly would not be a good qualification to get a job in the security industry. It may be a good means to get free room and board at a prison however.

  23. JeffUK

    It says a lot about the state of IT security awareness in the UK

    that we call "buy a key logger from think-geek, plug it in, unplug it again" a sophisticated hacking scheme...

  24. Bruce Ordway

    They were very smart

    Kids trying to be clever.

    If they were that smart....

  25. Local Group

    "When I was a lad, I served a term..."

    in Juvenile Hall.

    I went to a private high school in the '50s. Everyone had to take the Stanford-Binet IQ test to get admitted. In my sophomore year a colleague stole the list of the IQs for everyone in our class. How happy we 15 year olds were to have that information!

    Any fool can turn an 'B' into an 'A'. But to be able to look at the class athlete or stud and think: "heh, heh, only 108."

    In the middle of the 20th century, we had very simple desires. Oh, and no one tried to change his IQ score.

  26. Anonymous Coward
    Anonymous Coward


    LOL. I like how the author uses the word sophisticated when all the kids were script kiddies. Only having to download a keylogger, buy a decent crypter to remain undetected by antiviruses and gain access to the teacher's computers. Use usb spread if os is vista or xp or simply execute the file if windows 7. Then receive reports via either ftp or email. They are so stupid they didn't even chose the melt option or hide process via rootkit or attributes. I managed to hack 30+ accounts when i was 11 including hotmail twitter etc by making my own video.... Do I think they are smart? of course not.

    1. hplasm

      Smart people

      would read the article carefully before commenting...

    2. Local Group

      Isn't this why we have cliches?

      Like "separate the men from the boys?" To tell us that some people in a group can do something difficult (commit crimes and not get caught) and some people cannot.

      That our very own manly masterminds like AC are separated from the legions of incompetent high school bat boys in the league of Ali Baba and the Forty Theives.

    3. Danny 14


      cool story bro.

      Must have been one helluva badly run network to A) allow FTP B) let staff/pupils have install rights C) let their mailserver act as an internal open relay, D) allow access to hotmail and twitter on a school network, E) not have central mandatory profiles to stop people injecting startups or other oddities.

      Bread and butter things in schools really. Expect the kids to try and break the system, even down to learning japanese to beat the filters and screen readers....

  27. Piro Silver badge

    Expel? What the hell?

    If I witnessed an elaborate scheme by some kids at a school, I would be downright impressed.

    They've shown more initiative, ingenuity and technical ability than the majority of people ever will.

    1. Anonymous Coward
      Anonymous Coward

      Reward criminals?

      I don't think so unless you feel prison is the proper reward. Rewarding criminals shows that you've missed the point completely.

  28. b166er

    Did the grass get a thorough beating?

    I was suspended from school for shoulder-surfing the teacher's password.

    It was 'clowne' from the fictitious Clowne Industries used in the training literature for our BBC B micros.

    Our Computer Studies teacher, was, shall we say, blessed with some enormous norks, so I did what any self-respecting geek would in that situation, send a network message to all the screens in the computer room 'Miss Low is a top heavy fraction'

    Some punk-ass little kid from the second year grassed me up. I got suspended for the rest of my school career because, apparently, I corrupted the platter-based storage system!

    <remembers fondly trying to un-crease my 5 1/4 floppy>

    Bring on the Raspberry Pi

  29. Lance 3

    "The school has also upgraded its security and has advised teachers to change their passwords."

    The school should implement two-factor authentication and this wouldn't happen again.

    They should bee up that janitors closet as well.

    Weak physical security = weak computer security.

  30. Matt Bryant Silver badge

    Ah, the good ol' days!

    Reminds me of when USB 1.0 came out, shortly followed by the first scare stories of USB hardware exploits and keyloggers. The government agency I was working at had just gone through a consulting exercise around centralised printing, with only the senior managers' PAs getting personal USB printers to replace their old serial-port ones. They'd just about got all the PAs' new printers in when we heard they were going to disable all the USB ports on all desktops! One of the unwanted USB printers promptly found its way to my home office.....

  31. Winkypop Silver badge

    Not smart, too greedy.

    School wheezes and japes:

    Rule # 1:

    Don't tell anyone!

    This often helps with the primary objective:

    Don't get caught.

  32. Anonymous South African Coward Bronze badge

    WarGames (1983)

    Remember that movie - when you can log in with only an username, no password...

    They should do a remake of that movie :)

    1. Danny 14

      oh noes

      be careful what you wish for.

  33. proman

    If only people knew the technical side. They wouldn't be so "impressed". It's sad how the genuinely skilled people remain unemployed and these halfwits are described as very bright when anyone with an iq 90+ would be able to succeed in such a task.

  34. Anonymous Coward
    Anonymous Coward

    Wouldn't you prefer a nice game of chess?

    These kids are 2 steps away from Global Thermonuclear war!

  35. Anonymous Coward
    Anonymous Coward

    @AC - Sunday 29th 9.46GMT

    Funnily enough, i'd also put you into the script kiddie category. Also you say you hacked 30+ twitter accounts when you were 11, does that make you 13 now?

  36. tony 33

    took a while then !

    The master key was stolen from the janitors office (physically or just a software number?) and security wasn't changed?

    maybe someone other than the kids should be leaving the school........

  37. I think so I am?

    No imagination, AT ALL!!

    They used hardware key loggers to get admin. They then had admin access and all they did was change their these days have no imagination.

  38. Alan Brown Silver badge

    As I once told a school secretary.....

    .. "When - not if - the students hack this system, I hope you're very lucky and they only alter their grades. They can do a LOT more damage if they start circulating sensitive personal information."

    The response was to tell me my services were no longer needed. 6 months later the inevitable happened and having shown their insurers proof of the warning their public liability cover was voided.

    $2 million in payouts later, that school has a half decent security system which DOESN'T have staff and student machines on the same physical network.

  39. MahFL22


    No point in changing your grades when the teachers know which grades you have been getting all year.

  40. This Side Up

    @Danny 14

    No, forcing people to change their passwords every n days is a bad idea. You either have to use a fairly weak password or write it down, otherwise you'll never remember. Stick to one strong password and don't change it unless it's compromised. Also the more rules you put on what can be in a password - e.g. dictionary words - the easier you make it to hack the password (because rules exclude whole rafts of possibilities).

  41. Anonymous Coward
    Anonymous Coward

    Halcyon days and the impetuousness of youth

    My hearty congratulations to anyone who hasn't tried to gain a competitive edge over their classmates through subterfuge. My personal experience was this: When I was studying 3 languages at GCSE level you could take an extended written examination or choose coursework which involved recalling from memory (under exam conditions) two A4 pages of text you had written yourself a week before. You were allowed dictionaries and could use anything printed inside them. So I would type up my essay and reduce it to a tiny font then flip the image and change the settings on the printer so the ink was quite wet. I could then carefully "print" this onto a blank page in the dictionary. I was careful to make a couple of deliberate mistakes when copying out so as not to be rumbled. This assured me 25% of my grade at A standard in these 3 subjects. What did I do with the time I should have been committing this to memory? I was studying for the other 9 GCSEs I had to pass. I'm talking Maths, Science, English and the like not Drama and Art.

    Bottom line is there is so much pressure on kids to do well that this sort of thing is bound to become commonplace. I ended up with 11 A* and 1 A. I'm no idiot by any stretch of the imagination and everything else I got honestly, but my other grades would've suffered had I not exploited a loophole. When you’re pitted against a kid with photographic memory who only has to read the relevant info several times 2 hours before the exam and then regurgitate it, you appreciate how unfair life can be. A simple fluke of in built ability can affect your chances of doing well in exams. He wasn’t the brightest kid but could reproduce a piece of text he’d seen verbatim.

    Sometimes you feel the need to even the odds in your favour. I'm not saying I condone what these kids did, but I understand. Yes, if they’d been smarter (and less greedy) they would’ve kept this to themselves and given themselves a chance at an excellent college. I suppose that’s filthy capitalists for you, they couldn’t see the long term investment and bigger payoff down the road.

  42. Jerren

    If they where smart....

    1) They would not have done it at all, agreed. And this is the MOST important point!

    2) They would have written their own software key-logger vrs a hardware one to make it harder to detect and hopefully harder to trace back to them. (kids and credit cards these days, way too lazy!)

    3) They would have retrieved the hardware devices after they had captured the needed passwords to avoid detection. (Granted there is a risk of detection on re-entry but it appears these guys where rather proficient at infiltration of the school...)

    4) And this is the big one.... they should have never tried to profit and never told anyone, ever!!!

    Like most criminals it's the greed that gets them every time! But will they learn their lesson?

    Now that they are expelled they have plenty of time to learn how to use metasploit and SET to do it from the outside (Just what we all need...).

    School or not Security needs to be baked in to everything you do these days, and expulsion alone is not harsh enough to prevent the students from continuing down a rather dark and dangerous path.... lets hope their parents straighten them out before the courts have to!

  43. Marty McFly Silver badge

    School system

    The school system failed to keep smart kids occupied & challenged. Classes are taught to the speed of the slowest student. These kids needed a challenge and they found one. Their teachers should be punished for not keeping the smart students intellectually engaged.

    Now about the endpoint security technology which failed to detect a keylogger..... Probably should punish the IT department too.

    1. Mr Young

      Is that you Marty?

      Do you have the Flux Capacitor...tell me have it!

    2. Jerren
      Thumb Down

      They apparently used hardware based keyloggers, which are virtually impossible to detect by software as they plug inline with the keyboard cable out of the back of the PC. More of a physical security issue. Besides almost every company I hear about being hacked all act dumbfounded at the breaches because they all had "AV and Firewalls" The biggest threats are from within, and AV can only stop what it knows about if ti's something new or just newly encrypted in low volumes it's not a priority and often times will slip right though most AV...

      I don't think this was a case of a lack of being stimulated or engaged here, they used COTS hardware, a copied key from the janitor, it was fairly low tech breach overall. This is simply a case of B&E, academic fraud, and being greedy.

This topic is closed for new posts.