First, that the pranksters were so egregiously responsible in the way they went about it. They avoided disrupting any actual educational activities; it was meant to be harmless fun, not vandalism. No harm came to anything here.
Second, that they documented their findings to the administration as part of the action, including recommendations for improvements.
Third, the administration took this as exactly that: a harmless prank by smart, ethical kids who ALSO did them a favor by pointing out the vulnerabilities. If the admin had a panicked fit about this, they could have made it an ugly situation.
My educational experience was populated far more by "freak out and yell" types than this school district, which was a shame.
In our high school they didn't expose the gradebook in that you could get in and change it, but we were able to see everyone else's grades. Teachers would post grades for their class and "obscure" it by posting it with the student ID (you were only supposed to know your own) next to the grade. But when the posted, the entire list was still in alphabetical order so it wasn't hard to figure out everyone's grade and student ID.
And the cherry on top of this was that all the students' passwords were their student ID.
Junior year in high school, I got suspended for "hacking."
The tl;dr is that I was using a proxy to fetch assignments for class (because the county decided "yeah, this state run Moodle instance is obviously not appropriate for education" and one of my classes used Moodle) and got caught with the proxy configuration screen open. I wish I was joking.
Anyway, when I was sitting in the guidance counselor's office as the teacher was talking up how "dangerous" I was, I noticed a sticky note with a username and password written on it. Turns out it was an admin account for the gradebook, though I think it was just intended for scheduling.
I never did anything bad with those credentials, but that really tanked what little respect I still had for the administrators there.
On a lighter note, when stack exchange & co got blocked the next year, I was good friends with the librarians since I helped out a fair amount fixing up their laptop carts (and doing other things the sysadmins were too busy to take care of), and they were able to get them unblocked. It taught me a lot about office politics: people are willing to return favors, so you should always make those connections.
I mean, why did you have any in the first place?
I've met very, very few employees of high schools who were worthy of any sort of intellectual or professional respect.
Assuming you took the video at the top of the article, it was presumably trivial to figure out who was in the class you were in and then rule out everyone who appears on camera as the camera man. Or just ask the teacher...
It was Rainmeter; I was showing it to a friend. The IT guy even was like "yeah Rainmeter's pretty cool, I read about it in a magazine". But it was auto-detected and school policy, apparently.
Why report when you can simply administratively deny?
My own child will never use a school-issued laptop or school wifi.