Chromebook SH1MMER exploit promises admin jailbreak Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SHI1MMER. SH1MMER – you may pronounce the "1" as an "i" – is a shim exploit, or more specifically, a weaponized Return Merchandise Authorization (RMA) shim. A shim is Google- …
That's not how it works.
Most schools coerce the parents into paying for the Chromebooks, on the basis that it is technically optional, but your child will not be able to participate in class or do their homework without it.
You have to buy it through their approved dealer at above market price and they insist that it must be fully locked down and managed by the school's IT department. So the parent owns the device, not the school, but the school has complete control of it.
You get to keep it after 5 years when the OS lifecycle timer expires and it no longer gets updates.
Aah the simpler times when the hot new hack was F1 at boot to access the BIOS and enable booting from a floppy(*). How I miss those days of yore.
(*) So that you could install a keylogger, capture the administrator's password, lock-pick the sever-room door and abuse the password mercilessly. But I digress.
The only management my offspring's school has done to Chromebooks is disable the Play Store, which ironically makes it impossible to install Qustodio. Otherwise it's all the internet, all Chrome store apps, all the time so this exploit means nothing in the grand scheme of things.
This, by the way, is what parents have to contend with these days. Just to pre-empt the "why aren't parents parenting like they did in my day" crowd. Google is working against them to get the next generation hooked and the school is working against them because they saw a bandwagon to jump on but they don't really have a clue when it comes to IT.
Chromebook never interested me, I don’t care about it. “Internet apps” are ok once in awhile but I’d way rather have the software & data on my HDD. If I want to “share” the software & data with the teacher, email still works.
But you know what I always wanted was one of those “Personal Internet Communicators” from AMD, with the Geode CPU, or else perhaps the “One Laptop Per Child” units. I heard they were rugged, adequately powerful, and included a hand-crank for power in a pinch. So cool!!
https://www.engadget.com/2006-11-13-amds-pic-canned-as-olpc-production-begins.html
> “Internet apps” are ok once in awhile but I’d way rather have the software & data on my HDD.
It's not like that. While Google has an online word-proc it is much too slow on my CB. I went to store and found a simple text editor, which is what I really wanted. It runs on the CB, I tell it to store files on the CB, all is well. Yes, I know the CB cc:s Google with all I do, moreso than Kindle (every touch is logged), but Google will be bored to virtual tears with the text I edit.
Good. Now when my kids leave school they will finally be able to make good use of the chromebooks that the school insisted I had to buy for them. Currently they have to use their windows laptops for their homework because their chromebooks are blocked from accessing the websites that the teacher told them to refer to.
I'm not familiar with all the ways of locking down a Chromebook (I bought one for the lad on the basis that I didn't have to waste much time managing it), but in our case it was perfectly allowable for him to have a school login with all the limitations thereof and a personal login free of the shackles. Or at least limited to the shackles I had put on it. The logins were completely different environments on the Chromebook. The school eventually bought CBs for each child, but we kept on using our own since it was (naturally) better than the school's spec. So I don't know if their own machines were somehow tied down even further.
School education on PCs has, in recent years, offered no real "digital literacy" at all as the usual (outside of Chromebooks) is just learning to use Office (and not even something free and open that can be examined inside for those curious enough about code.
Also you have to remember the folks on this forum are as far from the usual chromebook clients as you can get, it is basically a tablet with a keyboard.
For some folks that is really the best choice, I gave one to a friend who was both simultaneously paranoid about being shafted on a Windows PC, and quite capable of screwing it up. It was almost perfect as they could not easily screw it up, and when broken they could get a new one and sync it to their google account and off they go! Yes, their privacy is raped but no worse than social media, and it almost worked out fine. Until I got a call saying it was broken as they stood on it with the cable's ferrite between the screen and keyboard trashing the display. The best bit? They told me "Oh last two times I did that it didn't break" strewth!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
