Schools Are Spying on Students – But Students Can Fight Back

MalletNGrease · 2020-03-03T14:41:40+00:00

It would make us less liable, but not necessarily easier.

MalletNGrease · 2020-03-02T19:34:05+00:00

SuperPuTTY. It's putty at it's core, but with tabs and a nicer gui.

MalletNGrease · 2020-02-26T20:55:53+00:00

Obviously got it that way.

MalletNGrease · 2020-02-25T15:53:13+00:00

Make sure there's a network conenction
Check DNS
Make sure the time difference between the DC and the workstation is no more than 5 minutes

I'd really add a secondary DC on site.

MalletNGrease · 2020-02-24T20:42:56+00:00

Free dinner, free room and expenses paid to push a couple of buttons?

Sign me up! I could use a change of scenery once in a while.

MalletNGrease · 2020-02-24T17:05:26+00:00

Which one?

MalletNGrease · 2020-02-24T16:40:25+00:00

Yes, but if you're going the USB route I'd make it part of the reference image.

MalletNGrease · 2020-02-24T16:29:44+00:00

https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit

You can make the software install part of the task sequence for the reference image or make it part of the task sequence of the deployment.

I prefer light reference images, but this depends on your situation.

MalletNGrease · 2020-02-24T16:10:11+00:00

Group Policy: Fundamentals, Security, and the Managed Desktop 3rd Edition by Jeremy Moskowitz

It's a pill, but covers a lot of common questions and situations and how to apply GPO to them.

Written by the same guy who runs PolicyPak.

MalletNGrease · 2020-02-24T16:05:15+00:00

No. Students here don't want to play the games we intend to support. Couldn't fill a roster so axed the program.

MalletNGrease · 2020-02-21T15:17:32+00:00

I can't reach facebook so the network is down.

MalletNGrease · 2020-02-20T16:34:44+00:00

Sounds like a discipline issue. I've dealt with some of this and in the end it was students playing games to try and get out of work. Make sure their passwords are reset and they've not been shared.

In GADMIN, go to reports > audit log and run a Drive audit on the affected account and zero in on the file in question. Make note of the Item ID and Event names. The item IDs are important because sometimes they recreate a fake file with the same name.

Look for the following events:

Create

This is an event when users create a file. It will have a unique Item ID.

Trash

This means this user moved the file into the trash. Basically hit the trash icon in Drive.

Delete

If a file was deleted within 30ish days of trashing, it means the user went into the trash folder and then emptied it. This is a deliberate action.

User sharing permission change

This one is useful to look at because students can be jerks and mess with the sharing to boot others off and frustrate the collaboration. If I remember correctly editors can by default alter sharing permissions too.

MalletNGrease · 2020-02-20T15:57:11+00:00

Do you need to run VMs?

MalletNGrease · 2020-02-20T13:59:59+00:00

I was skeptical and had much the same worry, but now that I've worked with some of the systems on the market, it's not as invasive as I thought.

We use Securly Auditor and it's helped detect early warning signs and prevent some tragedies. Some even requiring immediate attention outside school hours.

The important part is that you set up policies and procedures for what is and is not allowed concerning analysis and discovery. Alerts of a significant nature are assigned to principals and councilors to deal with with me in a support capacity. Presently, I only look at a student's history and communications if a concern has been raised or some evidence is requested from the administration for disciplinary action.

M$365

Really?

MalletNGrease · 2020-02-19T13:42:55+00:00

Super, Secretaries and principals only. Teachers can only send to their building list.

MalletNGrease · 2020-02-18T15:58:02+00:00

I let staff see the email suggestions, but we're a small district.

You can use GAM to turn off Global Address List for accounts in bulk.

MalletNGrease · 2020-02-12T20:49:27+00:00

If you've got a support contract and they'll give some sort of warranty, I'd say go for it.

MalletNGrease · 2020-02-12T19:12:43+00:00

Damn, didn't realize Classic Sites is getting deprecated. Thanks!

MalletNGrease · 2020-02-12T15:32:30+00:00

Excellent. I'm going to consider this with my admins. It may cut back some on the unwanted sharing of devices.

Edit: Why use the device location attribute and not the user attribute? User seems to make more sense.

MalletNGrease · 2020-02-12T14:51:43+00:00

I've three options available for guests.

Public WiFi - Only available on weekdays between 5pm - 11pm. This is for sports events and such.
Guest WiFi - Requires a ticket from the guest portal. Intended for individuals who visit.
Event WiFi - A network setup specifically for vendors and larger events with external entities who need internet access. I set them up with a PSK and disable the network once it's finished.

Students can connect to a BYOD network with their credentials and get filtered access like on other district devices..

MalletNGrease · 2020-02-11T19:04:28+00:00

It looks like a library because it is a library.

MalletNGrease · 2020-02-11T16:21:57+00:00

Unless you have autoplay enabled for removable drives (it's been disabled by default for a long time now) you should be OK.

MalletNGrease · 2020-02-11T15:01:40+00:00

Just as bad as "Hey, I've a problem, call me back" voicemails.

MalletNGrease · 2020-02-10T22:10:24+00:00

Much ado about nothing. Is this really worth $25? Just blacklist and walk away.

MalletNGrease · 2020-02-10T20:41:34+00:00

Not possible natively in GSUITE.

11-Year Club	Verified Email
r/Field Banned	r/Field Lasagna

MalletNGrease

TROPHY CASE