
When You Accidentally Break Your School Network in 1995 - mmccaff
https://mmccaff.github.io/2017/05/06/when-you-accidentally-break-your-school-network-in-1995/
======
devrandomguy
Ah, good times. Win95 used to crash so much, that my brother and I became
quite adept at resurrecting Explorer by causing a surviving process to trigger
it. Eventually, we discovered the infamous "Login? No, just help yourself to
the desktop" hack. No one cared, it was normal for stuff to be broken.

[https://imgur.com/rG0p0b2](https://imgur.com/rG0p0b2)

~~~
merb
on windows 95/98 in most networks you could just click cancel since the
anonymous logon wasn't even disabled.

~~~
mkosmo
And even if it was, there were ways to get anonymous execution through the
task manager, or the infamous help-dialog login bypass.

------
CrazyCatDog
Well, I used "the internet" to avoid suspension in high school.

It was 1995, and I had made a fake parking permit for Fairview Hugh school in
Boulder Colorado using Corel draw and Kinko's. The junior class president--my
arch enemy--found out and narked.

I got pulled into the principal's office and was threatened with suspension.
When they asked me how I made it, I told them I downloaded it from the
internet. I explained further, that I had my own business making websites for
local businesses. "Oh, ok then." They told me that my "we sentencing" would
take place the next week.

I didn't sleep that weekend for fear of someone molesting my "permanent
record." That next Monday, a student assistant pulled me out of class and took
me to the principal's office for my sentencing: teacj the principal how to use
the internet!

The best part of all this, is that I later learned the snitch had purchased
his ap history term paper from the back of Vanity Fair magazine. I called him
to tell him that I knew and he hung up. I called again and it went to his
answering machine, where I explained that this was blackmail: he had exactly 1
hour to deliver me his authentic parking permit for the entire next semester,
otherwise I would snitch. He answered the call mid-message and delivered the
goods 40min later.

When I first got busted, my dad told me about revenge being best served cold
(it's a saying in French), that I should bide my time. He was right!

~~~
Twirrim
> revenge being best served cold (it's a saying in French)

It's also a saying in English, one that translates well.

------
noir_lord
I had to personally apologise to the IT department because I sent a message
from 'God' saying "I saw what you did last night" to the entire network (long
time ago but it was Novell something) by mistake (was aiming to send it to
just the one computer lab).

They thought it was hilarious and that was the end of the matter.

~~~
godzillabrennus
I got suspended for teaching kids to use Winpopup in Highschool...

~~~
grkvlt
These stories are all too familiar, probably to many here of a certain age.

I actually got _expelled_ from my school (in Scotland) for installing the
'MacinTalk' network chat software on our Business Studies AppleTalk network
with about ten Mac Classics. The time I only got _suspended_ was for using
Prestel via the Computer department's (only) modem, after shoulder-surfing the
password for the school account when a teacher demonstrated 'the future of
computers' to us. The look of uncomprehending fear on the teacher's face as
they ran into the computer lab after being told I was using the modem was
priceless. I eventually had to go to an entirely different school to study for
my Higher Computing, because none of the teachers at my school were competent
enough to teach it.

~~~
noir_lord
When I was been 'taught' VB (shudder) the lecturer had 'Teach Yourself VB in
24 hours' on his desk, I used to go in before hand to make sure he was up to
speed on what he'd be teaching.

Lovely guy and a good teacher just dumped into teaching something he wasn't
remotely qualified to teach.

It was an interesting situation though since it taught me the value of been an
autodidact early.

------
Cub3
Once upon a time I was suspended from high school for having pen-testing tools
on a flash drive in my locker.

I was interested in network security and asking to my teacher about the best
way to learn this information and whether 'these' tools would give me an
understanding, I told her I brought them in to ask questions about and next
thing I knew they broke into my locker, read the drive and I was pulled out of
class and in the principals office for "possessing" these tools.

I still remember him saying "it's like you brought a gun to school, just
because you didn't use it doesn't make it ok. The only reason we haven't
expelled you is because we can't prove you used them on the school network."

I understand now they reacted this way out of fear but it was a pretty
terrible way of handling a curious kid and ruined both my trust in teachers
and interest in learning any kind of network security.

------
lordelph
Way back in 1988, I was in the sixth form of a school in the UK (that's for
students aged 16-18). We had a bunch of BBC Micros networked together using
Acorn EcoNet.

Very detailed manuals for _everything_ were just on a shelf in the classroom.

I forgot _how_ we did it, but we wrote something that gave us access to the
place where the passwords were stored on the master server. I also forget
_why_ we did this, but somehow we accidentally deleted the master password
file.

We were still logged into the system, but panic set in. We logged out...

...and of course we could not log back in. _Nobody_ could log in.

We owned up right away. The difference between mine and the OP's story is I
just had a very stern talking to from the headmaster and strongly worded
letter home! He did admit he was quite impressed but suggest we channel our
talents into less destructive projects.

Network was down for a day while it was completely reinstalled!

~~~
kwhitefoot
Even further back, as third formers in 1968 or 1969 there were no computers in
schools but we were keen chemists and discovered ammonium iodide.

As we were the best students we had access to the chemistry lab store room, so
we made a big batch and painted it everywhere (under chairs, blackboards,
waiting areas outside classrooms, etc.). It was hilarious. Again all we got
was a stern talking to and a mop and bucket, and told to clean it up.

I suppose that today anything to do with explosives would be taken too
seriously to be fun.

------
lessonone
Stuff like this is still happening. I graduated high school in 2012. During
our final semester, my friend decided to try logging in to the school router.
He thought it would be passworded, but it was completely open. He shared this
info with me and a couple other friends.

We had fun for a bit restarting the router when we wanted to mess with a
boring teacher, but eventually one of them set a password, the school IT guy
found himself locked out, and I found myself getting threatened with
expulsion. The principal interrogated me and asked if I knew what port
scanning was, and even accused me of lying when I said I didn't (I really
didn't!). I told him as much as I knew - which wasn't much - because I didn't
want to get expelled a few months before graduating.

Long story short, the friend that set the password got expelled, the one that
found the vulnerability got suspended for a week, and everyone else got off
scot-free. I heard a year or two later they started offering programming
classes there.

~~~
breitling
There was a school in 2012 that didn't teach computer science? Wow, Poor
students.

~~~
danielsmay1
I also graduated in 2012 and my school was the only one in the county (that I
knew of) that offered any sort of programming class. It was taught in Visual
Basic! Previously it had been taught in C++, but the teacher thought that C++
wasn't used any more!

When I got to college, I was quite surprised to learn how common AP CS was. I
was especially blown away by a classmate who took 4 years of CS in high school
(at Stuyvesant IIRC).

------
flowseph
I had two instances of near expulsion, and these were quite recent (2013).

The first was when I created a small messaging application that allowed
students to message each other on school computers when in study rooms that
had an enforced silence rule - it was really basic and just used text files
that were stored on the shared files on the school network.

The second was worse simply because I was pulled out of class for looking up
how another student was making pop-up messages appear on all the networked PCs
using the school's printing system. So, this student was in the middle of
somehow gaining admin rights, and I was threatened with expulsion because I
was looking up how he was doing it.

Real fun times

------
canadian_voter
_One tech savvy friend was called in for questioning and told that he was
going to be blamed for everything and that they had enough information to
prove it was him even if it wasn’t. He was going to be expelled unless he had
any information that he could share to prove otherwise._

Classic interrogation technique. I also learned a lot about how police states
work when I was in high school.

~~~
duncan_bayne
Speaking as a parent, it's hard to find a school that actually values learning
and development, and isn't some sort of cross between Police detention and
daycare.

We were lucky enough to find such a school reasonably nearby but the cost -
despite their genuine efforts to keep them low - are scary.

------
rxlim
In 1998 I installed the NetBus server on computers in the computerlab at my
school. I would then run the NetBus client on a computer in a secluded corner,
and watch the reaction from people while I messed with their computer. The
best reactions I got from randomly opening and closing the CD-tray. Good
times.

~~~
haeric
We did the exact same thing! This one time, me and my group of similarly nerdy
friends sat in a different room and opened all of the CD-trays in the computer
lab during a computer class. The teacher came running to the room we sat in,
and we were so sure we had been caught. But no, she started explaining that
all the computers were acting up horribly, and that we were the only ones who
could help her. She didn't know how right she was :)

So we helped her naturally, undoing our own work and uninstalling NetBus. I'm
not sure she ever figured out it was us, though.

They DID figure out who was spamming "net send" messages to certain people. A
kind of war had started, where people would compete in sending the most net
sends to each other, forcing the other side to click "OK" on a message box. It
got sort of nuclear once we discovered batch scripts and for loops.

~~~
amiga-workbench
I got banned off the computers for months for finding net send because the
other students abused it.

I just brought a Linux live USB stick with me and did my work that way.

------
Pica_soO
A friend of mine installed sub7 back then in the school network and tried to
host a starcraft server. Didn't work out, for some reason- but yeah, that's
youth. To criminalize such creative vandalism, wouldn't help anybody.

------
stestagg
When I left school, I got the deputy-head, during an official meeting to state
that they didn't teach computer science because they were afraid of what the
pupils might do.

A school frightened to teach pupils ...

~~~
BenjiWiebe
If I was a teacher in that sort of scenario, I think I'd go ahead and teach
the pupils, and take it as a challenge to keep on top of their hacks. I'm
guessing it could be a lot of fun and all parties involved would probably
learn quite a bit.

------
throwaway84352
Some 10 years ago, when I was in 8th or 9th grade, I was threatend to be
expelled as well, and charges were allegedly brought against me (I never
really checked). I "hacked" the school website (as the CS teacher explained to
my parents) and deleted all it's contents. In reality, I only logged in via
FTP and renamed all HTML files (the hosting did not event support PHP, and
this was around 2008). I had access to the FTP because a year ago I was
briefly responsible for running the school website and nobody bothered to
change the passwords when they took over running the website.

I got a call from the principal the next day. He congratulated me and asked me
to apologize to the CS teacher. After I did that, she agreed to drop the
charges. In the end, I was only reprimanded and I had to apologize to the
whole school as well. My only other "punishment" was helping the CS teacher
fix some computers after school.

As this was playing out, I was hoping they wouldn't find out what I did a year
earlier - I'd set up a phishing website for the country's most popular email
service and I'd set it as a homepage on all the school computers. Needless to
say, noone bothered to check the address bar, so in a week, I had passwords of
half the school, including some teachers and the principal himself.

------
Symbiote
My friends and I were accused of interfering with the school computers on a
few occasions. I think we were just bored -- we lacked direction and
inspiration.

The computers had Visual Basic installed, and my uncle had given me a "Teach
yourself VB in 24 hours" book. I followed all the exercises, but I didn't know
what to do next. The book was obviously intended for business programming, so
it didn't have any interesting suggestions. I wanted to make a game, or
animations, but didn't know where to start.

I did implement a card game, but couldn't get any animations to work smoothly,
and eventually gave up. The teachers knew nothing about programming, so they
couldn't help, and couldn't even recommend other books or a web site. I think
they regarded whatever I made with suspicion.

Competant teachers should have been able to provide programming exercises (or
a larger project) that I was capable of implementing, but challenged me to
learn something new with each task.

Instead, we made bar charts in Excel, and had about as much respect for IT as
a subject as we did for gym class.

------
Vaskerville
In 1981, when I was 12 years old, I visited my brothers university to watch
him graduate. I didn't have much to do so they showed me the computer they had
installed in one of the study rooms at his fraternity. It had a phone modem -
they connected me to the campus network so I could play around. At the time
everything was run out of one of the campus libraries. So, finding it all
rather boring, I turned on a nearby stereo and put the phone to the speaker
for a minute or so. Afterwards, I could no longer use the computer so I turned
it off and went to wander campus. While I was away the library (security?)
visited the fraternity wanting to know who crashed their network. Nobody even
suspected it was me. They were told that they might face a temporary
suspension. I only found out about this part 20 years later. So, which
university was it? Stanford. ;)

------
xena
I nearly got expelled for learning how to use Flash 8 in middle school to make
games.

~~~
andai
Wow. What kind of games?

~~~
xena
KETM spaceship games, nothing super exciting. I got kicked off the computers
before I got a whole game put together.

------
bigjimmyk3
I have a story from the other side. In the late 90s my university RA position
involved installing and maintaining a network in a nearby school district. One
day, a teacher at a junior high indicated that one of his brighter students
was "messing around" with one of the workstations. I took a look, and sure
enough he had rebooted it with a linux CD-ROM distro. No problem. However,
there were clearly multiple logins for people who weren't students, and the
server was accesible from outside the network. Problem. Further tracking led
us to a password sniffer installed back at the university, which in the 90s
was serious business (and a whole other story).

Once the teacher understood what was going on, he quickly ran it up the chain
and we wound up in a vice principal's office with an SRO and the boy's parents
(SRO = School Resource Officer). I was a pretty bright kid in high school and
the one time I wound up in a vice principal's office, it was pretty
unpleasant. However, when the kid walked in I think he outdid me -- he
instantly went #ffffff and almost fell over. To his credit, once he started
breathing again he was honest and open about what he did. I tried to emphasize
that he didn't act out of any bad motive, so I'm pretty sure the worst
punishment he received was that office experience.

In retrospect, I'm glad I was there because (even as a college student) I had
enough credibility to explain the situation. I did not keep up with the
student, but I hope he went on to much career success.

------
a3n
I sorted some of my work product with bubble sort (I wrote maintenance
procedures and docs for a defense contractor), in 1982 or 3; I figured out
bubble sort "all by myself". I don't remember the mini-computer or the
language. The system admin visited me and told me not to do that anymore. I
went to school after that (where I learned that it was called bubble sort).

~~~
mmccaff
Hah. Any idea why the system admin didn't want you to bubble sort anymore?

Was it noticed to be taxing on some system's resources or too long-running of
a process or something?

~~~
a3n
Yes, that was why. It was long ago, I'm sure it was a particularly inept
implementation. He didn't say "don't bubble sort," he said "don't run that
anymore."

------
noonespecial
My 'episode' was in '93\. I'd just learned about TSR's and execution vectors
and really wanted to try to write a floppy disk boot sector virus. Coded it up
in turbo pascal. Thought I was being ultra careful: promptly spread it
everywhere.

My school was much more laid back, thankfully.

~~~
andai
What safeguards did you build in to it?

~~~
noonespecial
I wrote, in big red letters on the disk, "Don't insert into computers with
hard disks or with other floppies."

I can't imagine how this could have failed...

------
orthecreedence
Was the early 2000s, but in my high school library I did a

    
    
       NET SEND comp1231 i know where you live
    

to mess with my friend who was sitting right next to me. Then the hacker in me
decided to see if asterisk worked (of course, without changing the message)

    
    
       NET SEND * i know where you live
    

(Hint: it works). Everyone in the school who had a computer on got the
message. I caught hell for that one, had to write a letter of apology to a
bunch of school staff who didn't "feel safe" after receiving the message.
Never got access to my account after that either, so I always had to get my
friends to log me in.

I didn't break the network...but hey, I helped expose a vulnerability, right?
That's something.

------
wjh_
In 2015 (perhaps more recent than other comments...) I was in trouble for
starting powershell via a shortcut and using it to kill the monitoring
process. Apparently it was "causing intentional damage", when in fact I just
wanted to finish reading something online after the teacher disabled the
internet.

Luckily they didn't take it any further than a stern telling off, unlike the
article.

On top of that, I had actually revealed a vulnerability allowing anyone to
access anyone elses' files earlier in the year.

------
rootsudo
Meh, I got a suspension for using Net Send on Windows XP back in 2003/4.

I got the date with the girl and I annoyed some people and pissed off the
network admin, win/win.

------
ErikAugust
I was looking for the keyword "Novell" to make me smile. I used to comb the
web for exploits all the time.

My stories of mischief are probably like many of yours who were in high school
in the late 90s - phone systems, Sub 7 and BackOrifice installs.

------
tiredwired
After my first week in high school computer class they moved me to a separate
room where I was free to work on my own. This was in 1984. The class was using
Commodore PETs. They gave me a Commodore 64 to play with. Easy A.

------
warsharks
i did something very similar to this in 1998 at high school, good times

~~~
mmccaff
I wonder how many similar stories there are out there and how they were
handled.

Good times they were not, though. As a kid who didn't have bad intentions,
dealing with the repercussions was a lot.

There was no precedent (at my school, at that time) for how to prevent and
deal with a situation like that, though.

~~~
nickpsecurity
"I wonder how many similar stories there are out there and how they were
handled."

In-school suspension and police interrogation for me on different occasions.
In each, I had actually done nothing but was smart and _could_ have done
something. The first was actually a setup by the most notorious hacker in the
school who I was showing up a bit with my demos. He had some script
downloading and popping up porn on my computer that a teacher saw while I was
at lunch. Looking at the times, it added new files to IE cache every 15-30
minutes all the way into the 2-3AM's. My defense was I couldn't possibly be in
class surfing porn after the school closed. The non-technical authorities had
made up their mind someone would be punished, though. ;)

~~~
simmons
_In each, I had actually done nothing but was smart and could have done
something._

I had the experience in high school in the 90's of being wrongly accused of
computer mischief solely on the grounds that I might be capable of such. I was
astounded that merely possessing knowledge would be sufficient for such an
accusation. Thankfully, no suspensions or police involvement came out of it.

~~~
c22
This happened to me in highschool in the 90s too. There were several Mac
laptops available for students to check out of the library, on one occasion
someone changed all the desktop icons on one of them to little piles of shit.
I was an immediate suspect because I brought my own laptop to school and
people had seen me using a terminal. For some reason they didn't think to look
at the list of people who had actually checked out the "hacked" laptop, which
obviously didn't include me. My fate was sealed when they asked to see my
school-issued floppy disk and found a picture of a mushroom cloud on it (part
of a hypercard presentation on environmental destruction). I ended up getting
a 3 day suspension and being barred from using the school laptops that I had
never used anyway.

------
obv_a_throwaway
When I was 11 years old or so, I did not yet have a computer of my own but I
had taken an interest in computers and wanted to learn more about them than
just playing games. First and foremost I wanted to command computers to do my
bidding. To create my own games and so on. So I read a couple of books and
magazines and wrote a bunch on paper.

My father had a computer that he would let me borrow at times. One time my
father brought with him home a copy of the installer for a program called POV-
Ray, an open source raytracer and together we used it to describe a couple of
simple scenes and render them. Aside from that my interactions with real
computers at the time remained limited to playing games, using MS Paint and a
little bit of supervised web browsing. However my interest in learning about
computers remained and my father encouraged this. He would bring with him
print-outs from the internet about various things relating to computers. One
time he had printed out a few pages from the website of the Chaos Computer
Club.

Those guys, the CCC, what they were able to do was amazing to me. They seemed
like gods, well not quite gods but some sort of wizards or something.

The movie The Matrix had also captivated me when I saw it. It remains one of
my all time favorite movies to this day.

At the age of 12 I got a computer of my own. It had a red rescue floppy, the
contents of which I belived to be the entire installer for the Windows XP
operating system. My father told me that the installer would weigh in at a lot
more than the 1.44 MB that was able to fit on a floppy. I did not believe him.
He was right of course, as I would come to understand a few years later -- the
rescue floppy was booting the computer from a hidden partition and then the
recovery stuff that was stored on that partition would take over and continue
from there. Nonetheless, I had a blast and aside from a few misconseptions
like the one mentioned, I learned a lot from having my own computer. Being
able to restore Windows XP back to the factory state turned out to be very
useful in the process of learning as I would regularily mess up my install in
various ways that would lock me out of the computer or even make Windows
unable to boot, but each time I would pop in the recovery disk and within 30
minutes to an hour or so I think the recovery program would have made the
computer good as new. I lost a lot of data that way of course but little of it
was of value to me anyway. The process of trying things and discovering and
learning was much more important than my data. So on my computer I could
experiment and if something broke there was no consequence. This would shape
my attitude against computers. The lack of consequence however, not so.

Fast forward to 2006, I was in high school. I finally learned to program
thanks to TI-BASIC on the graphing calculators and a book about PHP, after
previously while in midleschool having given up on programming when the C++
Hello World program I copied from a book didn't seem to work. (I had compiled
it successfully but I had failed to understand that I would have to run it
from a command prompt in order to see the output, so what happened was that
when I double-clicked the executable, a command prompt opened itself, and as
soon as the program finished it closed itself, leaving me to think that the
black box that flashed on my screen meant that the program didn't work.)

With the understanding I had gained from programming I figured maybe I would
be able to create my own cracks for games and other pieces of software. After
a bit of searching I came across a site called woodman.com, which had a bunch
of tutorials on reverse engineering. I read them with great joy and after
having followed guides and practiced on various crackme's, I downloaded a
shareware program that had a serial protection on it and was able to crack it
all on my own.

Well, well, well. I am able to write software, I am able to crack other
people's software. Now I think it's time that I look into network security. I
bet there is some security issue with the school computers and I bet that the
school will be happy when I tell them about it.

Yes and no. There was a security issue, but the school did not enjoy me
finding it nor what I did once I had found it.

The first thing I did was I downloaded a collection of rainbow tables.

Next I tried to boot one of the school computers with a boot-CD so that I
could copy the LM hashes file if it existed on the computer.

The school computers had a BIOS password and were configured not to boot from
the CD-ROM drive.

So I gave up on that and focused my attention on other things.

Later one day when I booted one of the school computers, the boot process
looked a bit different from what it used to (don't remember how, but probably
it attempted network boot or something) and I figured that maybe I should try
to enter the BIOS menu on this computer. The computer allowed access without a
BIOS password. (The school IT administrator had disabled the BIOS password
temporarily and had forgotten to re-enable it afterwards.) I shut down the
computer again and the next day I brought a boot-CD.

I booted from the boot-CD, found the file with the LM hashes and copied it to
a USB stick. Brought it home and put my computer to work at using the rainbow
tables I had downloaded.

After some time (several hours, perhaps several days) the password cracking
program had found a match for the password of the local Administrator user.

At school I then tried to log in as Administrator on one of the computers
using the password that the password cracker had found and it worked. Holy
shit!

Instead of telling the school about this, I decided that I should investigate
what more I could do. Bad idea. If I had stopped at this point, perhaps the
school would have been thankful indeed, who knows.

So after a bit of pondering, I decided that I should install a keylogger on a
bunch of the machines. I found something called FakeGina.dll online and was
going to replace MSGina.dll with it. This triggered the antivirus software on
the school computer which gave me a bit of panic. I logged off and didn't do
anything out of the ordinary for a while, expecting that the school IT admin
would have gotten a notification and that he was going to question me about it
and that it wouldn't look good.

(Continues in a child comment.)

~~~
obv_a_throwaway
But the school IT admin didn't know. (Makes sense, students probably trigger
the antivirus on a daily basis so even if the antivirus software did have
reporting functionality the IT admin probably wasn't making use of it.)

So when nothing happened for a while, I continued my investigation. I learned
that by splitting a file so that you have a file with the first byte of the
original file in it, a file with the first two bytes, a file with the first
three bytes in it and so on, and then looking at which file in the sequence
was the first to be discovered by the antivirus, you could learn what part of
the file the antivirus was fingerprinting (nowadays antivirus is more
sophisiticated and applies more than just fingerprinting but at the time at
least the one they were using at school was operating in this fashion), and
you could edit nearby values with a hexeditor hoping that the byte you changed
would alter the fingerprint without breaking the program. If you were lucky a
text string was part of the fingerprint and could be altered without
consequence to the function of the program.

So with a version of FakeGina.dll that I had modified in the fashion just
mentioned, I installed it on a few of the school computers. A handful of
computers in one of the computer labs and a couple of classroom computers.

Because I had installed the keylogger on a couple of classroom computers and
because teachers were using those computers, I ended up with the passwords of
not other student accounts but also some teacher accounts.

I was about ready to tell the school about what I had found but not until I
first bragged to some of my friends, a couple of which asked if they could
have the admin password so that they could install some games on the school
computers. Sure, why not. Just don't tell anyone about it, I said. Basic op-
sec failure. If I didn't want others aside from my friends to know, I
shouldn't have told my friends either.

One of the people I bragged to told one of his friends and that friend told
the principal about it.

One of my friends heard that that other guy had told the principal about it
because that other guy told other people that he'd told the principal. My
friend sent me a message on facebook to warn me about it but I wasn't logged
onto facebook so I was sitting at the computer lab blissfully unaware of what
was going on. Even if I'd known it wouldn't have mattered. Once they know it's
too late.

So one of the school staff marches into the computer lab with a stern look on
her face, says "come with me". I paniced and looked around, considered jumping
out of the window as we were only about half of a story above street level but
decided that since none of the windows were open there was no point in trying
that.

She escorts me out of the computer lab and I ask "what's going on", trying to
sound normal but my voice was shivering. She didn't answer, just kept walking
alongside of me guiding me towards the principals office.

I knew that the principal was a nice person so I hoped that I would be able to
explain what my initial motivation had been and that I was sorry that I had
gotten carried away.

The principal was a nice person but he was also concerned about what I'd done
and the impact of it, and the fact that I had logged teacher passwords meant
that I could in theory have altered report cards, and that that amounts to
falsification of official documents or somesuch and so on.

In the end I was expelled from school for three days and the school reported
me to the police.

At this point I had recently turned 18 years old so the school told me that
they could not inform my parents of this without my consent, and neither would
the police be able to, so I told them that I did not want them to inform my
parents of it.

A couple of weeks later the school told me to go to a local police office for
questioning, which I did. The police officer that questioned me was a likeable
person. Not friendly but not hostile either. Simply serious and factual.

In the end, I was given a fine of about $600 and the incident was recorded on
my criminal record, which up until then had been clean.

My father found out about it when a letter arrived in our mailbox, sealed and
addressed to me but with the name of the governmental entity that collects
fines on it. When I got home he was sitting at the table with the letter. He
was visibly upset. He had not opened the letter because he couldn't but
instead he told me to open it in front of him. I said I didn't want to but he
said that I had to so I did. The letter did not say what it was about, just
the amount of money I had to pay and when I had to pay. So instead I had to
tell him everything and I did and he was upset with me for a very long time.
Since then I have regained his trust.

At first I was upset that someone "ratted me out", as I saw it. Esecially
since not only was he a friend of a friend, but he was also a person I had had
classes with and while we were never friends perhaps, we did have some sort of
bond through our shared passion for programming.

Over time, I have come to realize that his alerting the principal about what
was going on was the best thing that could have happened.

I was headed down a path that could have landed me in a much worse position.

Thanks to him, it stopped there.

I am a different person now. My fasination with computers remains but I have
learned to adhere to the policies and the laws that apply to systems, as well
as being respectful of the privacy of others in a manner that I clearly wasn't
when I thought it was ok to keylog the account credentials of my fellow
students. (Thankfully though I never was tempted to read other peoples e-mail,
personal files etc., and most of the other students in my school were
impressed with, not mad at, what I'd done once it became known.)

Some of my recklessness and disregard may have been due to lack of maturity,
some of it due to lack of experience (where up until then anything I did with
a computer always was undoable with a red little floppy disk, since up until
then only myself was affected by my actions on the computer). Still, as I
said, I think that if it hadn't stopped when it did, I might have ended up a
very different person.

------
peapicker
Based on the timeframe, I bet the software that found/cleaned the virus was
F-Prot.

