Turned out I was wrong, it wasn't just spyware, the school system installed a full blown rootkit automatically when kids logged into their email.
1018 2017-05-09 by omnicidial
Here's a better full write up of all the pertinent information. This took forever to put together fully:
TLDR: This is all the data showing how Putnam Co TN is wiretapping any computer that a child from Northeast elementary school ever logged into chrome with (and other vectors) by a browser extension it installs into the background which gives administrator control of the infected device.
All the resources demonstrating how Putnam Co TN is wiretapping the homes of at least all the kids in Northeast elementary school who ever logged into their email accounts on a home computer. Can see all browser use, but additionally gives itself admin permissions to the computer, the google policy by itself would have given them the use history, the extension gives them far greater control over the infected host system.
http://law.justia.com/codes/tennessee/2010/title-39/chapter-13/part-6/39-13-601 - state law on wiretapping
http://imgur.com/a/mXDIf - Northeast elementary school computer use policy.
http://imgur.com/gallery/UitVu - screenshot of how the google administrator policy was used to install a required extension. Top line of policy also blocks notification window that any of the required extensions are being installed. http://cdn.imperosoftware.com/knowledgebase/edupro/manuals/rollout-guide.pdf - manual page 22 of the required extension shows proof of wiretapping of all computers with Imperio extension installed, which is automatically installed on home computers if a child logs in. Says clearly captures all browser use, also allows administrator control of computer.
"6 Browser Extensions The Impero web browser extensions enable you to filter and log Internet activity from Internet Explorer, Google Chrome, Mozilla Firefox, Safari and Opera browsers." - in some instances it's doing more than that, it gives administrator permissions depending on browser used to log in some give more or less permissions. Also makes a difference which operating system. Windows based systems give FAR more control to the extension, the others appear to possibly be sandboxed to their own user account in Mac or Linux.
It also gives crazy access to things like your power subsystem and ability to automatically turn on your computer if wake on lan is enabled: "The Power Management tool allows you to save money by powering off computers in different rooms across your organisation on a schedule, or even automatically power off computers that have been idle for a specified amount of time. "
Patch management: it can install software: "The Impero 'Patch Management' system ensures that computers across your network are all up-to-date and running the latest patches. It scans remote computers to identify which patches are missing, and will then download and apply the patches as per a predefined schedule. Providing your computers support Wake-On-LAN, Impero Patch Management can wake up computers, apply patches and then power off the computers during the night or any other convenient times."
So by installing Imperio, and then using patch management, you can install anything you want into the host system. This is by name a viral attack vector known as a rootkit. "root·kit ˈro͞otˌkit/ nounCOMPUTING a set of software tools that enable an unauthorized user to gain control of a computer system without being detected."
TN Annotated 39-14-602 "(b) Whoever intentionally and without authorization, directly or indirectly: (1) Accesses any computer, computer system, or computer network commits a Class C misdemeanor. " "( 5) Makes or causes to be made an unauthorized copy, in any form, including, but not limited to, any printed or electronic form of computer data, computer programs, or computer software residing in, communicated by, or produced by a computer or computer network commits an offense punishable as provided in § 39-14-105."
They're doing that right now to anyone at home. Funny part is they have it linked in their own document 4406 below as legal reference. http://images.pcmac.org/Uploads/TennesseeSBA/TennesseeSBA/Departments/DocumentsCategories/Documents/4406_87.pdf - Putnam Co School board policy document. Never states that home PC monitoring will take place. Says you can totally opt out the computer policy by contacting the director of schools. Northeast told me that was impossible yesterday as well.
You can see clearly in state law, it's illegal to bug home computers, the school use policy does not state it is going to happen at any point and parents are not notified, nor do they sign permission to allow software installation on their home computers via the chrome administrator account permissions, which turn off all notifications it is being installed, and allow it to control your microphone, camera, power settings and more. All that info is in the impero manual above.
In theory it would also allow them to do the same to every educator, but they force them to sign a document authorizing it.
I'm going to attempt to talk to the superintendent of schools about this, doesn't appear legal. Waiting on a response from him now.
244 comments
n/a passenger_pidgin 2017-05-09
this needs to go to r/all
n/a Gaslightin 2017-05-09
You can't post to r/all
n/a 500my 2017-05-09
wait a sec
n/a Dogetor_Doge 2017-05-09
What does that one computer company have as motto ?
"INTEL(-ligence agency) INSIDE" wasn't it.
Or was it "Government inside" ?
n/a We_are_all_satoshi 2017-05-09
Your Butthole, Inside
n/a Smiley_Iris 2017-05-09
What secrets does it hold?
n/a wlee1987 2017-05-09
Its the brown cave where the terrorists hang out
n/a quantumcipher 2017-05-09
You mean the brown eye of providence? What doesn't it hold, is the question.
n/a megalodon90 2017-05-09
All we know is... it hungers.
n/a TimeBandit88 2017-05-09
Odin's Eye
n/a 4ktvs 2017-05-09
I agree this school needs some time in the spotlight so there crime gets a lot more exposure.
n/a lethalmanhole 2017-05-09
I thought I was reading r/privacy for a minute.
n/a LauritzT 2017-05-09
That's not how /r/all works...
n/a turby14 2017-05-09
If the superintendent doesn't respond, go to your local news station or newspaper. You could also try ArsTechnica, they would probably be interested in this. Finally, I'd find a lawyer especially if any of your systems have been infected.
n/a ryoushure 2017-05-09
I second this. Take it to the local news orgs. Let the school publicly explain publicly why they are tracking everything their students do online outside of school.
n/a omnicidial 2017-05-09
Getting there taking a minute to prep it all.. Had to read 40 page manuals, and dig thru stuff, a lot of it was gathered by redditors in other threads when I was simply suspicious it was doing something screwy, they were able to gather the info faster than I could have.
n/a Seinfeldologist 2017-05-09
Check out the CFAA (Computer Fraud and Abuse Act) as well. It's incredibly broad and, I believe, it could be applied if any student logged onto their email from another state.
n/a ocelost 2017-05-09
Yes, and don't water it down by describing it as "tracking". If they installed rootkits, this is more like what governments call cyberwarfare, and is probably a criminal act.
n/a pubies 2017-05-09
Techdirt loves shit like this.
n/a JeffersonsSpirit 2017-05-09
I would add the EFF to that list, the ACLU, and possibly the FSF (free software foundation). All of them would take a massive interest in this, even if it is somehow justified to be legal.
The intent of this crap is clear. It would be bad enough in virtually any situation, but that is related to a school is just completely foul. Kids are totally helpless against sophisticated adult exploitation- they need adults to protect them from these threats, to educate them of these threats, and they need a voice that says this shit is wrong.
n/a quantumcipher 2017-05-09
Agreed. OP should contact them directly, as well as any local and online media outlets of relevance, and post their findings in other subreddits to increase awareness to the issue.
n/a TheWiredWorld 2017-05-09
He needs to go to the newspaper regardless.
n/a TheMuffnMan 2017-05-09
Except OP doesn't actually understand what's going on and went full conspiritard. Chrome ADMX/ADML templates are used to manage it in the school (or business) setting and are applied by AD Group Policy to domain computers.
IE policies don't apply to Chrome, Firefox, or Safari so you need the other templates in place.
If his screen shot is from a home computer, my actual guess is the kid signed into Chrome at school and at home with their school account. Chrome can roam your installed extensions from one PC to another, just like bookmarks. The school isn't pushing a plugin on a home PC and they certainly are not getting privilege escalation on a home PC through a Chrome extension.
Just have the kid sign out of their school account in Chrome and poof, the extensions are gone. If it's a school provided PC I'm not sure why OP is even concerned. They very liked agreed to monitoring of activity when they accepted the PC. For all we know it could auto connect to the school's VPN so the traffic is going over their web filters anyway.
I'd need to dig into his other claims and see what each of the extensions does but OP is going straight to the deep end without reason.
n/a lugenfabrik 2017-05-09
Incorrect.
n/a gamesoverlosers 2017-05-09
Hate to break it to you, but plenty of districts have the resources to issue laptops to students, of all ages. Happens across North America, likely around the world.
All of your understanding of technology seems to be quite outdated.
n/a TheMuffnMan 2017-05-09
You are so far off it's funny. Stick to /r/conspiracy and out of technology subreddits.
I do design and implementation of what I've described for a living. Many, many school systems provide students with computers and have for a while.
You also clearly don't have a grasp of how these systems work and calling my suggestion "idiotic" proves that point. I seriously, 100% promise you that you have no understanding of what you're talking about and clearly do not understand the content in my post.
If a user logs into PC1 and signs into the Google Chrome browser this will automatically download their associated plugins, bookmarks, etc. This is called "roaming". It's been done for years. On systems in a domain a school may implement Microsoft Roaming Profiles or any one of the other technologies to roam settings and such (RES Software, AppSense, etc). This is separate from Google's account.
Layered on top of those basic items would be Active Directory Group Policy Objects (GPOs) which is where security, lockdowns, auto-config, printers, drive mappings, etc can be managed. Google Chrome has ADMX/ADML templates enabling administrators to manage the browser. That includes extensions, settings, etc.
When a user logs off of PC1 and onto PC2, the settings in their profile are saved to a central store/share and then copied to PC2 during the logon process. Again, separate from that you have the GPOs and Google Chrome stuff.
If the student logs into the web browser (probably should be blocked and managed with the roaming profiles actually) and then goes home and signs into the browser as well Google, not the school could download and install settings because that's why you sign into the browser. It roams the settings. It has absolutely nothing to do with the school or their system/settings at all.
Seriously, it's obvious you do not know what you're talking about.
n/a Poopin4Fun 2017-05-09
TheMuffnMan def knows his stuff. Actually had to explain this policy to a parent at the previous school I worked at. It's so hard to explain technology to people with zero education on the topic. It'd be like throwing me in a chemistry lab and expecting no explosions to take place. Once you get into large active directory group policies...it's no longer something everyone understands.
n/a lugenfabrik 2017-05-09
Thanks for the self-conscious, self-defensive, unpersuasive, fraudulent reply, fraud.
n/a TheMuffnMan 2017-05-09
I could literally max out four reddit replies explaining how it works but something tells me you would still be unconvinced. You do not know the technology and it is apparent. Feel free to go through my post history and read the technical solutions I given on multiple sections (sysadmin, Citrix, VMware, Windows, etc) for evidence I know what I'm talking about.
You're not going to do that either because you'd rather believe this is a giant conspiracy of the school to gather data from home computers.
n/a lugenfabrik 2017-05-09
Could you stop with the obnoxious verbose replies? I'm really uninterested in your nonsense.
n/a Poopin4Fun 2017-05-09
I've worked for 4 school districts in the past 12 years. all issued laptops to EVERY student...comment on things you know about...
n/a lugenfabrik 2017-05-09
Good for you, you somehow worked at the only schools districts that have the funding to give every student a laptop.
In a parallel universe of course.
n/a LongWalk86 2017-05-09
No, 1 to 1 device programs are very common especially in the higher grades. A Chromebook can be bought for well under $200.
n/a SirGuileSir 2017-05-09
I don't think so.
"Getting there taking a minute to prep it all.. Had to read 40 page manuals, and dig thru stuff, find the laws, a lot of it was gathered by redditors in other threads when I was simply suspicious it was doing something screwy, they were able to gather the info faster than I could have."
"I'm going to attempt to talk to the superintendent of schools about this, doesn't appear legal."
OP is just looking into the matter in an informed manner. YOU are the one attempting to SJW your way into this, escalating the conversation to him being unreasoning in the matter, and going all overboard in his efforts.
You want to "dig into his other claims?" Fine. But you've already shown an amount of confirmation bias, and he appears to be making efforts towards proper due diligence of full situational discovery without your venial, extraneous, and acerbic involvement.
n/a TheMuffnMan 2017-05-09
A non-technical person making technical claims and posting on /r/conspiracy convinced a school system is hacking into his personal computer via a Google Chrome plugin and is a rootkit in effort to install, manage, and uninstall whatever software on his machine.
Those are his claims/concerns. They are all ridiculous.
n/a SirGuileSir 2017-05-09
Biased. Sad.
n/a hurr_durr_SO_META 2017-05-09
In /r/legaladvice posts or comments encouraging others to contact the media or to post on social media get removed. Sometimes, though, it appears to be one of the best options.
This case appears to be one of them.
n/a omnicidial 2017-05-09
I got a response from him now, at first he offered to have a meeting at his office where he was going to bring an expert from a university, I was required to come alone, then he was going to be allowed to record audio and I was not going to be allowed to record.
I told him that was a waste of my time, I could publish the information I have without him, the only reason I was offering to meet with him was to discuss solutions and I wasn't coming without being allowed to bring the same number of experts as him.
He then responded by having an attorney send me a letter saying to contact them instead. I'll publish it all soon, including his emails and mine to him, and what he had the lawyers respond with.
n/a MoeOverload 2017-05-09
If the superintendent doesn't do anything, take all this info to a good lawyer and ask him if you have a legal(or lawsuit) case against the school. If you do, go from there. Remember, never take any legal advise from anyone here on reddit, claiming to be a lawyer or not. Always ask your lawyer first.
n/a omnicidial 2017-05-09
There is a high likelihood he never responds. I didn't know it, turns out he used to own a computer business and is likely the guy who implemented this. I bet I never even get acknowledgement that I opted my kids out.
n/a SexualExpression 2017-05-09
I've heard of so many schools surveilling students along these lines. There's no reason a school should take such an active interest in a child's off-campus internet activity. It's creepy and fucked up. The people running these schools are pathological control freaks and they need to lose their positions.
n/a excaliber90887 2017-05-09
You've gotta remember, these are being installed on the computers, not on the user accounts of such computers. They are literally spying on the entire family.
n/a omnicidial 2017-05-09
What it's doing is running an extension in chrome that gives them that backdoor, then they have ability to patch literally anything in windows, linux/mac looks like not so much.
They can turn the cameras/mics on too possibly. Some probability this is confirmation bias, but some kids are now saying to my kids they saw their webcams turning on randomly. One of those I can verify 3 girls saw a webcam kick on while using a mac, but the light turned on, and they covered it with a bandaid, that one my kid told me, she's an awful liar I'm 99% sure she's not making it up.
Can't verify the cause, hearsay as fuck, all 3 unreliable 10 year old witnesses sounds like the damn salem witch hunt, still makes me uncomfortable.
n/a Herxheim 2017-05-09
that little tidbit ought to make the superintendent shit a brick.
n/a AtlasDM 2017-05-09
The general public generally doesn't care about computer privacy, but if word gets out someone at the school hacked a computer webcam to spy on little girls... that will make headlines.
n/a payl0ad 2017-05-09
It wasn't hacked. The school enforces a policy that gives their contractor admin permissions on all PCs the students use Chrome on. There's no hacking involved.
The legal problems they can get from stuff like this is mindboggling. And they do break the law doing this, as they were never authorized to access non-school computers.
n/a AtlasDM 2017-05-09
I understand that, but the details of how it's done don't matter to the public though, and they certainly don't matter to the media.
n/a perfect_pickles 2017-05-09
its been done by other schools, caused ructions too.
n/a TheMuffnMan 2017-05-09
Lol, no they can't.
The school is not gaining any elevated permissions on your system through a Chrome extensions. Christ.
n/a gamesoverlosers 2017-05-09
While I agree.
https://chrome.google.com/webstore/detail/impero-education-pro/gblkchompccdlgleecnffhlefbhejhhb?hl=en
It still does enough to piss me off, and others I'm sure. No one should be taking active screenshots of my browsing, let alone a school IT department. Reviews are populated with students clearly stupid enough to log into chrome browser with their school provided google powered email account, thus OP has some valid beef. If the school system has an Impero server hosted with external access, there's no reason this extension wouldn't work in the wild just the same as it would on their owned devices on their internal network.
n/a TheMuffnMan 2017-05-09
The OP should be upset that his child, who doesn't grasp the roaming concept, is signing into the browser with the same account. This is nothing to do with the school or their settings.
And again, this software in no way is going to give any NTFS/security permissions and certainly isn't going to elevate them on a home computer.
The installation of software is likely verbiage related to its ability to install/manage plugins/extensions within Chrome.
n/a gamesoverlosers 2017-05-09
Like I said, I agree with your position. It's not going beyond the browser from what I've read about the extension and people are conflating a browser and an OS in their head and don't understand the difference between the two on a computer. Just like they don't understand the difference between logging into their email, and the chrome browser itself.
The school should still issue a statement stating the implications of external use.
n/a TheMuffnMan 2017-05-09
I'm actually surprised they don't block signing into the browser itself. Most companies I install Chrome for we'll disable sync:
https://support.google.com/chrome/a/answer/6309115?hl=en
Then you roam their settings within the profile management, whatever product that may be.
n/a gamesoverlosers 2017-05-09
Again, I can only agree with your position. It's likely shortsighted action on the IT departments end, but if it is known and understood internally they should adjust group policies accordingly and alert parents and students alike of the change and why. Transparency is going to be pretty key if OP cleans up his position and addresses the real concerns with the school board.
n/a threwahway 2017-05-09
You're so dumb. The chrome extension doesn't give them a backdoor into your computer. Google would NEVER allow that. It allows the school to control CHROME and only if you log in via browser, dolt.
n/a TheMuffnMan 2017-05-09
Chrome extensions are per-user basis...
If they all use the same account and the child has logged into the Chrome browser then that's a different story.
n/a mastermind04 2017-05-09
this type of stuff is why I am paranoid, and only use the chrome browser to do school stuff, and Firefox for general purpose then a secret not technically installed browser for anything questionable. Then a Linux hidden distro that would be hard to find, as the hard drive is completely hidden and unmountable in windows. I don’t think the university I go to would ever do this but It is better to be a paranoid and safe then finding out someone is spying on you.
n/a keflexxx 2017-05-09
Look into qubes
n/a 5dreality 2017-05-09
Thanks for posting this, never heard of it and checking it out
n/a JeffersonsSpirit 2017-05-09
Qubes is a solid piece of kit.
A Linux distro with KVM machines to separate tasks would work as well, but Qubes is built for it.
It is however a MASSIVE ram whore... you pretty much need 8GB for decent performance, and 16GB is recommended. 32GB is the RAM you need not to worry at all about ram. But thats life when everything is running under a VM. You can get away with less RAM if you are very careful about what you run, you use minimal templateVMs, do one task at a time, etc.
n/a LOLZebra 2017-05-09
As someone with 32gigs of ram this is giving me a hard on and will have to go try it out.
n/a Donkey__Elephant 2017-05-09
This is all indoctrination to teach kids at a young age to get used to having your every move tracked and recorded. This way when you grow up and the government is doing the same thing it won't be anything new. Welcome to the nanny state.
n/a Gaslightin 2017-05-09
Report them to the FBI?
n/a LloydBentsen 2017-05-09
Now is probably not a good time for them.
n/a Gaslightin 2017-05-09
2 s00n
n/a Gaslightin 2017-05-09
Hopefully the new director won't come with Loretta Lynch balls deep in their taint.
n/a OrdinaryPanda 2017-05-09
They'd probably just update the school's spying tech.
n/a alwayslurkeduntilnow 2017-05-09
Hi OP. How is the impero software getting onto the student home computers? I have read your post a few times and I must be missing something, are students forced to download something to access school work which includes the impero tracking?
I am Head of Computer Science at a high school in the UK and we use Impero a lot in the classroom, not just for managing access but for distributing and receiving work. I have always found it an impressive and handy classroom tool. We do not use it at home.
I can tell you from the admin side impero stores a huge amount of data on its users, screenshots, video, browser history, program usage and more.
n/a omnicidial 2017-05-09
When they log into their school issued email account, it installs administrator privileges that block the screens which ask your permission to install extensions by google administrator policy, then it installs that extension in the background without ever showing the popup notification/warning anything is being installed.
From that point they can patch all the software in the machine on windows, capture all browser history, see all installed/running software etc, use wake on lan to start the system, or power it off, or change power management settings.
n/a alwayslurkeduntilnow 2017-05-09
Wow, just wow. Should my administration ever suggest this I will be strongly advising against it. What a can of worms it opens! Not just the spying on kids but others in the house.
n/a threwahway 2017-05-09
He's wrong about the abilities of this software.
n/a meneldal2 2017-05-09
How does it do that? A decent web browser should always ask for confirmation when a change like this is done. So is this a Google Chrome bug/feature?
n/a omnicidial 2017-05-09
Look at the linked manual. In the case of chrome you apparently can disable the warning by the administrator policy in the image I linked but it shows it either asks permission to install or does install in opera, Firefox chrome, edge, ie, safari.
In chrome the permission request screen for everything, insecure site, extensions, etc is disabled by that setting at the top saying something about insecure browsing.
n/a meneldal2 2017-05-09
But how is this even allowed? That's like the entry point for any malware. Plus you should always have to confirm the administrator policy.
Also how does this shit goes through the UAC barrier?
n/a omnicidial 2017-05-09
Its a bad call in terms of design, but you normally would treat the administrator as a trusted party, just in this case, he's not.
n/a ItsNotHectic 2017-05-09
/r/badsysadmins
n/a omnicidial 2017-05-09
Appears to piggyback the browsers ability to write/modify in windows to do things, in linux/mac im not sure it can access anything the browser can't normally touch in it's normal folders and user account, but it's somewhat possible with group permissions it could do some dumb shit, but it has that setting disabling the warning in the admin setting too in chrome.
Without sitting at the damn panel for it, I can't prove how much it can do on what version, it might be limited in some ways depending on version of OS and otherwise, there isn't a way I can prove or disprove that though.
n/a meneldal2 2017-05-09
If you didn't start Chrome with administrator, no matter how compromised is your Chrome (we'll assume 100% under the control of the malware), it shouldn't be enough to install software on the computer or turn it off. If it could, that means there's a big hole in Windows there as well.
Can you connect to the website with a VM or a throw away PC to check how it got inside Windows?
n/a omnicidial 2017-05-09
It's unnecessary it shows how in the deployment guide/google admin page.. it installs as a required extension when they log in, the manual tells how it got installed. Page 22 is the deployment guide that explains how it happened in the manual for the software.
n/a meneldal2 2017-05-09
So when you log in the first time, you still get a prompt asking you to accept that Chrome thing. What I don't get is how it gets out of chrome. The rollout guide says this only installs the addin. So while it sucks, it only fucks up your browser.
n/a tacostep 2017-05-09
chrome installs spyware fam lol
https://www.theguardian.com/technology/2015/jun/23/google-eavesdropping-tool-installed-computers-without-permission
n/a elgraf 2017-05-09
The client systems would need to be joined to a domain to receive the client software via Group Policy (or other managed software deployment means - SCCM / CASE / etc).
This only affects school-owned computers joined to their domain or otherwise enrolled in their fleet management solutions.
n/a meneldal2 2017-05-09
So in practice it isn't that bad, they just know what you do with one browser. The smart thing to do is to get a portable chromium or the like and use it for their shit and nothing else.
n/a elgraf 2017-05-09
Unless you were to install the management client on your home computer, then enrol your computer into the school's management system (which would involve granting the school's system administrator remote access to your computer by setting up either a local administrator account for this purpose or joining your computer to the schools 'domain') then they don't know anything.
This sort of thing only works on what would be called 'managed' computers. i.e. they are the property of the school and have special software installed so that the systems administrators can control them (i.e. deploy software, configure settings, install patches, etc).
n/a smackson 2017-05-09
Sorry to be all up in your words, but I'm really having a hard time understanding what you mean in either sentence here actually...
"In the case of chrome you apparently can disable" ... meaning the nefarious website can disable it??
That would be a giant effing security hole in Chrome, no?
n/a cree340 2017-05-09
It technically does, but not specifically for the impero chrome extension. Since the account is a Google Suite Education account, managed by the school, the school set a policy to automatically install the extension as shown by the screenshot. However, when you use a G Suite account and log onto chrome on a new device, it will warn you about linking chrome data to the managed account and in the dialog box will states that you are giving the administrator control over your Google Chrome Profile, including the apps installed in the browser, browser history, bookmarks, etc. You then have to click "Link Data" to logon to chrome with the school email account. After you do so, the school can remotely install extensions and apply policies on chrome without permission.
n/a elgraf 2017-05-09
Not without the client software being installed first it doesn't. This sort of system is intended for use on school-owned computers (which should be covered by a privacy policy spelling out what privacy can be expected) where the network administrator has the ability to deploy software to the fleet over the LAN. See the rollout guide in the manual you posted if you want specific details of how the client is rolled out. Unless your home computer is owned by the school, then there is simply no way they can deploy the client to it.
No client software, no control. This does NOT affect home computer use by simply 'logging into email' but would only affect computers owned by the school that have the client pre-installed.
n/a gamesoverlosers 2017-05-09
It CAN be set up to preinstall if the user logs into -chrome-, not just their email. If chrome prompts them, and they know they have a google powered school provided email, they'll likely use that. Logging into the browser is what's causing the automatic installation. I have plenty of my own extensions that follow me across machines similarly.
OP has some legitimate concern here, children should be being told not to use this shit at home, or at least not to log into chrome with it.
n/a threwahway 2017-05-09
Op does not have a legit concern. Nothing was installed to windows, just the chrome extension which does not give access to the computer or OS. If chrome did that, nobody would use it. There is literally nothing in the screenshots, even the links, to suggest that software other than the chrome extension is installed. Further, sign in to chrome is unnecessary and the installed policy can be removed by logging out.
n/a gamesoverlosers 2017-05-09
You should look at the extension itself in the chrome store. It explicitly claims it will filter web traffic, can screenshot the browsers active tabs and so on. Not at at the OS level, but browser level. That's still not ok. Of course sign in is unnecessary, but again, look at the chrome store entry for the browser extension. Most comments in the review portion are by people who think logging in with their school credentials IS necessary and they whine about the effects of such. You and I may understand the difference between a browser and OS, but these end users clearly do not, and it's likely students who use these credentials to log in at home won't either. The school, if aware of the setup of their school provided google accounts consists of what OP is claiming even if only within chrome browser itself, absolutely should alert parents and students to these risks.
If my school could screenshot my active tabs at home cause I was too stupid not to log in at home and subsequently have chrome download and transfer extensions and their settings, I'd have a large problem with that, even if it was my own ignorance as the root of the problem.
n/a threwahway 2017-05-09
THANK YOU!!! These posters are going ape shit over NOTHING!
n/a lytes 2017-05-09
Since you are in the know with this app.
Idk if I missed it, but are these School owned PCs that they let students use throughout the school year, or are this privately owned PCs?
If a privately owned PC would access the the schools email would the extension be installed without the user knowing?
n/a Jackson_Cook 2017-05-09
Sounds like it installs on ANY pc accessing school email
n/a TheMuffnMan 2017-05-09
No, it's Google roaming the user's extensions, bookmarks, etc if they've signed into Chrome.
However OP hasn't provided a fully detailed bit of what's on Chrome and such, just the policies section and clearly is not a tech person.
It's not if they're just accessing school email. It's the user signing into the browser.
n/a threwahway 2017-05-09
It only installs a chrome extension and only if you log in to the chrome browser itself with your account. The browser extension can't do anything outside of chrome and again, you don't have to sign in to the browser.
n/a KJ6BWB 2017-05-09
It sounds like the student logs into Chrome at school, where the extension is installed. Then, when the student logs into Chrome elsewhere, the extension comes along for the ride.
n/a alwayslurkeduntilnow 2017-05-09
The implications to this are immense.
n/a OkeydokeyCyborg95 2017-05-09
Exactly how it works when you sign into Chrome on multiple computers, of syncs the settings, extensions, etc. This is no different.
n/a DoctorMiracles 2017-05-09
This sound big. Reminds me of that scandal about a private school spying underage students via the compromised webcams on their school-provided laptops.
Document everything, check the small print on any internal regulations students have accepted to comply and be prepared to suffer some backlash. Hopefully internal authorities will address this issue but be prepared to go to media if they want to keep this under wraps.
n/a omnicidial 2017-05-09
I got all those papers, no permission to survail was given at hope, even went so far to scan thru CIPA and scan it for instances of the word "home" 0 total in it.
I can't find a state or federal law that gives them permission, the only court cases I know of that concern search at school found the school could mostly search at school saying they had the rights of the parents if suspicious, but not bug their parents owned family home computers when they're not there.
n/a TheWiredWorld 2017-05-09
Wven if there was a law that "gave them permission", the next step would be to get that repealed/not obey it.
n/a perfect_pickles 2017-05-09
because they would be fury if one attempted to be passed.
n/a do-svidanya 2017-05-09
https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District is the case referenced, if anyone is interested in seeing its exact details. It's quite similar to what you're reporting now.
n/a h1ppie 2017-05-09
I doubt anything an elementary school kids signs regarding school rules can over ride state law. minors can't legally enter into a contract and even if they could, that still doesn't mean the school can break the law. for instance, I can't legally sign myself into slavery, even as an adult.
n/a icaaso 2017-05-09
https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District
n/a mastigia 2017-05-09
When I saw the title I was sure this was going to be a gross exaggeration, even though I am familiar with your original post. But nope, looks like you did a solid investigation and are exactly right. This is just an abuse of power and the trust relationship between the school and its students and parents. I hope something is done, this is just totally fucked up.
Have you found any evidence that they have used those admin privileges to install anything else interesting?
n/a omnicidial 2017-05-09
No, just that they have the ability to do it according to the manual, and that they were auto-installing the extension.
Past that I have nothing but hearsay that during a sleepover when my daughter was with 2 other girls using a computer the webcam was suspiciously kicking on at random and their moms confirmation that they asked her and covered it with a bandaid, and some other suspicious changes that IDK if windows logs anywhere who the hell did it, but power settings were being changed on 2 computers and I kept fixing them back and they kept reverting to something else.
n/a payl0ad 2017-05-09
If you have admin permissions and know what you're doing, nothing is exactly the thing the computers owners are expected to find.
Meaning, if OP finds something installed by them, it is simple proof that they are either not malicious or massively imcompetent.
n/a ridestraight 2017-05-09
Keep us updated! This is probably going on all over the Nation!
n/a PrincessOfDrugTacos 2017-05-09
You should contact a lawyer and sue them.
n/a omnicidial 2017-05-09
Hard to cover up too much hard copy data already.
n/a PrincessOfDrugTacos 2017-05-09
I'm just saying better to get it all to a lawyer first. The more they can hide the better for them if it gets to court.
n/a omnicidial 2017-05-09
Oh sure I don't disagree either I shot it all to my lawyer before I went to talk to the school yesterday. I keep her aware if I'm going to go talk to anyone official, or if I find anything crazy looking I just shoot it over to her for documentation.
I'm a stand-up comic, and I do a fucking ton of true observational stuff mixed with fake and I'm divorced. I have to ask dumb questions a lot about if something is/could get me in trouble. We have to have really dumb talks a lot where she probably thinks I'm a moron for asking anyway.
n/a rte00 2017-05-09
You want to contact a lawyer before they start shredding documents, deleting emails and having lawyers coach people on what to say.
n/a rte00 2017-05-09
Make sure your dealings with them are mostly in writing. As Tennessee is a one party consent state, I suggest you covertly audio record any in person conversations with the school .
n/a omnicidial 2017-05-09
I didn't record the other day on purpose but it's because I felt like it would have been really unfair to like the librarian at the school with limited IT knowledge to even expect her to understand what I was saying, read the evidence, or believe me. I was just trying to get a copy of the use policy and ask how to opt out, and when she asked why and I explained she immediately said she thought I was threating a lawsuit.. I was like.. nope.. I'm asking for the information because I'm not sure why this program is doing this but I don't think I agreed to it, and I wanna get the info documented. They didn't get it.
n/a rte00 2017-05-09
Look, they've done enough illegal things that you might be able to sue them and win enough money to put your kid through college.
n/a martini-meow 2017-05-09
If her tendency is to jump to worry of lawsuit, then she knows that the IT people know its wrong. She might not grok particulars, but someone has coached her that your type of curiosity is dangerous to status quo that ahe enjoys.
Contact EFF & ACLU, one or the other is likely to have pro bono help to offer.
n/a omnicidial 2017-05-09
Yeah sent over to the EFF now seems most up their alley.
n/a martini-meow 2017-05-09
Dude! I was just thinkin aboit your sitch. Hope all is well.
n/a CurseOfTheRedRiver 2017-05-09
Dude, nobody wants to enter legal battle, but this is often the ONLY way things get done and out in the open.
You're on bureaucratic turf now and you need to fight the bureaucratic way, unfortunately. And that means lawyers. Start mobilizing.
n/a Ilsaluna 2017-05-09
Holy crap! This is so much worse than I'd anticipated from your first post.
Give some thought to speaking with your attorney before going to the media; the last thing you need is some local news dick
distortingeditingdistorting an interview with you for any reason.Keep us updated, please.
n/a mastermind04 2017-05-09
I was already a little worried before reading this always wondering if schools would ever do stuff like this. Anyway if it is possible can you make a guide on how to find, and uninstall this type of spyware, I would like to know more of what to look for, I would search threw all the plug-ins installed but the home desktop has like 45 plugins from my brother installing them, and mine has non, but mine would not as likely be infected, and rarely is used.
n/a omnicidial 2017-05-09
I am going to sound a bit paranoid but I don't trust windows machines to be highly secure ever, I trust Linux to be moreso, and Firefox over chrome because it has less likelihood of any vector of attack, but I use them all myself also, I'm not like some paranoid nutbag trying to use templeos to avoid detection.
I was just alarmed by this when I saw it because it looked suspicious and I didn't know why it was there. I saw suspicious because they got unlucky. It's unusual in Linux for something like Netflix to work one day, then stop the next when you didn't update and no one else has sudo permission, and they blocked Netflix, and my kid was asking me why I blocked it because she assumed I did it.
n/a CertifiedWombRaider 2017-05-09
Lawyer up and go straight to the local news. I hope this shit blows up.
n/a dtdroid 2017-05-09
Hit the lawyer
Delete the gym
Hire Facebook
n/a mastermind04 2017-05-09
Only reason I use Windows Is for video games and because for some reason the software I use for my accounting classes works horribly on Firefox, and can't sign in on Linux chrome. My little brother has his school email that he has to use for his school work. I know the school system, and this seems like something they would do. They monitor people's Facebook and Twitter if it isn't fully private.
n/a omnicidial 2017-05-09
Yeah same for me. I have windows specifically to run a few games on 1 system, Linux on my others.
If the kids didn't play fucking Roblox and threw a fit already I'd put Linux on their boxes so I could manage it easier.
n/a iStrokemyself 2017-05-09
Is it possible to use the Wine program within linux to play Roblox,? I rarely use linux and when i do its only Ubuntu
n/a omnicidial 2017-05-09
Probably. I never tried tbh.
I have an idea to do it more secure but be easier for me to update by putting linux on their machines, then sticking a windows box in the network they can share to stream windows games via steam that won't run natively, but they'll be annoying about roblox more than anything.
n/a elgraf 2017-05-09
In this sort of scenario (i.e. computer is managed by the organisation that owns it and has management software installed) the OS is irrelevant. Linux in such a situation would be exactly as 'secure' as Windows in that it will obey what the system administrator tells it to do.
n/a threwahway 2017-05-09
Theyre NOT doing anything like this unless they own the computer. OP has blown this out of the water. Don't believe me? Cross post to one of the many computer admin subreddits.
n/a CaptainApollyon 2017-05-09
public school or charter?
n/a omnicidial 2017-05-09
Public.
n/a damn_this_is_hard 2017-05-09
Fantastic research OP. I would advise talking to a lawyer incase the the school sees you as a threat instead of someone asking to apply help.
n/a omnicidial 2017-05-09
Lots of it was redditors helping I just organized it better this post so it can be understood what it's actually doing.
n/a damn_this_is_hard 2017-05-09
that's fucking teamwork!
n/a omnicidial 2017-05-09
Lol my favorite karaoke tune. Fuck her gently is like my goto.
n/a damn_this_is_hard 2017-05-09
Glad we're on the same page KG
n/a rte00 2017-05-09
I suggest you contact a lawyer. This is a egregious violation of privacy. This sounds like they most likely are violating COPA, among other privacy and computer laws. I'm sure you could find one willing to take the case pro bono.
n/a seetadat 2017-05-09
Heck yes! I would also contact an anti virus company. They can do an analysis and make it public. They love press.
n/a PM-Me-And-Ill-Sing4U 2017-05-09
This is actually a really good idea.
n/a some_eod_guy 2017-05-09
Having gone to school in Tennessee, this sort of stuff doesn't even surprise me. Just about all the administrative body for my high school was corrupt and did anything they pleased. Don't let them get away with this crap.
n/a JunkyardSam 2017-05-09
Outstanding detective work. This is the kind of thread I come to r/conspiracy for.
I intuitively don't like to share computers with my family members -- and this reinforces my gut feeling it's a bad idea.
n/a gatekeepr 2017-05-09
OP, consider x-posting to /r/privacy and /r/netsec. I'm not certain if their mods will allow your post in it's current form over there so you could message the mods if they would allow your post.
n/a threwahway 2017-05-09
Please post it there so they can laugh you back to your conspiracy forum.
n/a tardis1 2017-05-09
I'm going to get downvoted to hell for this but here goes... Just because the extension can do what you have reported doesn't mean that anyone is using it for that purpose. It could easily be that the extension provides multiple functions and only some are being used on home machines.
n/a omnicidial 2017-05-09
State law doesn't require that it is used for the intended purpose or used in any nefarious way. Connecting to the system and collecting the information is illegal, Mis C, and becomes Felony D depending on how malicious.
There is no "installing software that works as a rootkit via google chrome administrator settings without notification or asking permission" exemption to wiretapping in that linked law, I read thru several laws looking for anything that exempted them somehow but I'm not a legal scholar or law library or w/e.
n/a threwahway 2017-05-09
Not only are you correct, but this moron neglects to mention that he doesn't have the imperi client installed. It's only a browser policy that is only there because he logged into chrome itself. The chrome extension only allows access to chrome and the policy can be removed by logging out of the edu account.
If he had just logged into Gmail, no policy would have been applied.
n/a moco94 2017-05-09
There's a video of some guy lecturing about common core and how the schools are using their issues Tablets/laptops to, for lack of a better word, spy on the kids.. he said it's no secret that they use the cameras to scan students faces and they collect and sell all the data that passes through those particular machines, he also said that some schools will have the Tablets lock out the parents if they recognize their faces and they aren't allowed to check their kids stuff. If I find the link I'll post it but for warning it's around 3 hours long, if you have the time it's well worth watching though.
n/a BadDogInTheDoghouse 2017-05-09
Uuuuhhh because schools have one IT guy managing thousands of tablets and networks...try manual update, patch or reboot on 2000 icky sticky school tablets....it takes a while for one or two techs...now lets say that needs to be done every other week. The schools aint hiring an army of techs to do that
n/a omnicidial 2017-05-09
Did you know you can do the same thing but also block it from installing THAT extension to any location outside the schools own local IP address using most any deployment software that patches things?
You don't have to patch my house, or affect my home power settings via a rootkit to patch the schools "in network" machines.
n/a BadDogInTheDoghouse 2017-05-09
Im just repeating the common complaints I hearfor years from my IT buddy for the school districts... severely understaffed, while the non technical administration managment makes all the IT decisions that make no sense to the IT department....so the networks and patches are always willynilly FUBAR and abnormal.
n/a omnicidial 2017-05-09
In this case the super of schools used to own a computer company and do network admin, he knew exactly what it did. I've done some research into the school board now.
n/a BadDogInTheDoghouse 2017-05-09
Im just repeating the common complaints I hearfor years from my IT buddy for the school districts... severely understaffed, while the non technical administration managment makes all the IT decisions that make no sense to the IT department....so the networks and patches are always willynilly FUBAR and abnormal.
n/a BadDogInTheDoghouse 2017-05-09
Im just repeating the common complaints I hearfor years from my IT buddy for the school districts... severely understaffed, while the non technical administration managment makes all the IT decisions that make no sense to the IT department....so the networks and patches are always willynilly FUBAR and abnormal.
n/a martini-meow 2017-05-09
A yup! You repeated it 3 times, alrighty!
n/a AltReich2020 2017-05-09
Something like this happened 7 years ago:
http://www.computerworld.com/article/2521075/windows-pcs/pennsylvania-schools-spying-on-students-using-laptop-webcams--claims-lawsuit.html
And has probably happened quite a bit since.
n/a LooshFarmEscapee 2017-05-09
Saw your first post when things were murky. Your perseverance is admirable.
n/a omnicidial 2017-05-09
I don't discourage easy.. lol. Lots of people tried to argue it was wrong but never had persuasive logic.
n/a Djb1 2017-05-09
I am a Google admin for a school district. If a student signs into chrome browser (not email) it will download the user policies that we apply for Chromebooks. She should not need to login to the browser to access email.
n/a citricacidx 2017-05-09
This. There's a difference between checking your email and signing into Chrome.
n/a omnicidial 2017-05-09
It doesn't matter if they intended to wiretap or not. The fact they're doing it is still a crime, it only changes the severity.
n/a zeropoint357 2017-05-09
Lol, holy fuck.
n/a Djb1 2017-05-09
OK I want to clear some possible misconceptions up. When your daughter logs into chrome browser it creates a profile within that chrome browser for her. It then applies whatever policies are in place for the school. I assume they use Chromebooks. So they use this policy to install apps to content filter and have classroom management. Whatever is installed will only affect her profile in chrome (you can switch its the box in the upper right corner with your daughters name in the picture you posted). You are technically using a school resource when she is signed into her google account. If you don't like it then don't have her sign into the chrome browser. She can still go to gmail and drive without signing into the browser.
n/a omnicidial 2017-05-09
Not chromebooks.
My personal windows desktops in 2 cases, a linux laptop in the other.
The children were given instruction by the school to log in in that manner when they log in at all times by a teacher, so while I do understand that there are other login methods, this is exactly what they were taught to do.
If the school did it completely on accident, it doesn't make it legal, it only changes the severity from Mis C to Felony D based on malice, it doesn't provide a loophole where the accidental passive wiretapping of my home becomes "this intrusion is fine" in the law posted above.
It says specifically that the act of doing it passively or installing software at all is a Mis C crime.
n/a LDLover 2017-05-09
This is incredibly alarming. What is the purpose that a school would have for having access to a private home network? So simply logging into an email on any computer is now a method to surveil? I feel like this is going to be increasingly common with policy hidden in the details to eventually get in on the monetization of data.
n/a Sjwpoet 2017-05-09
Great work man, they need to be sued.
n/a WarlordBeagle 2017-05-09
Do not talk to them. Sue them.
n/a MK_Ultrah 2017-05-09
r/netsec
n/a BeatnikMessiah 2017-05-09
Well done!
n/a TheMadBonger 2017-05-09
This could be how you get set for life. Talk to some real high class lawyers about bringing a 4th amendment violation lawsuit against the county.
n/a dr_rosenberg 2017-05-09
News and lawyers. I'm glad to see the return to old conspiracy sub. We need to be aware of the lack of privacy we're getting nowadays.
n/a LeBlight 2017-05-09
Holy shit. You need to take this to the press asap. These fuckers think they can get away with it and pretty fucking ballsy of them to do so.
n/a do-svidanya 2017-05-09
If you're interesting in contacting the relevant Tennessee government agencies about this, I would recommend contacting, as follows, these offices:
TN Atty. Gen. - (615) 741-3491
TN State Board of Education - (615) 741-2966
I wish you the best of luck in this matter, OP. This is creepy as all hell, and IMHO, there is NO legitimate reason whatsoever for the school to be invading this far in to anyone's privacy.
PS: you might also try to make a thread on /r/legaladvice , they do have some rather legally knowledgeable people there who might be able to better point you in the right directions.
n/a themadhat1 2017-05-09
send this to the local news paper editor or better yet call them. Putnam county i believe has a bit of history violating rights of just about everyone. see if you cant find an independent circulation...arts music weekly....something like that. im sure someone would like to hear this.
n/a thesarl 2017-05-09
There is only one reason to do this, and it's nefarious.
No excuse is acceptable.
n/a citricacidx 2017-05-09
I almost hesitate to chime in on this, but I am an IT Guy at a high school. We have software on all of our on campus computers that allow us to take control, install stuff remotely, deploy GPO, wake on LAN, etc. These are all very common things when you have a whole network of computers to maintain. Imagine walking around campus turning on/off every computer and installing updates or configuring settings manually 1 by 1 by 1... So, inherently the ability to do these things isn't malicious.
All of our students bring their own devices and we do not install anything on their personal devices, but there are school computers in the library, classroom, cafeteria, computer labs, etc. I'm not familiar with this particular extension, but the only thing I can imagine is they have this set as a user policy through Google Admin to set these permissions on any computer that user signs into with the intention of them using a library computer, a classroom computer, a computer lab computer, etc. I hope that's the case and they didn't realize it would also apply to their home systems. But I can't speak for their intentions.
n/a omnicidial 2017-05-09
It's illegal as hell under federal and state wiretapping in my state idk about yours tho.
n/a citricacidx 2017-05-09
I'm not denying that. I'm just saying the IT person may not have realized it was extended to every computer they sign into chrome with, even off campus ones. There are some school in our area that don't have staffed IT, they have a 3rd party company or they have the IT guy for their district who is in charge of multiple schools and different policies and setups.
I'm trying to play devils advocate on this hoping it's just negligence, but nothing on this day and age surprises me.
n/a omnicidial 2017-05-09
The brand new super of schools (I had met the prior one) owned a computer store. He also has admin knowledge of linux systems from tn tech from school, and when asked point blank the people who knew him to the question "do you think there is any chance he'd try to watch K-4 graders on their webcams for fun for himself" the answer was "yes."
Sorta sick to my stomach I gave him a warning and didn't contact the FBI first thing now.
n/a silentcrab 2017-05-09
I think you definitely want to take investigation to professionals, disconnect your computer from any chance of updates, its evidence.
n/a threwahway 2017-05-09
I have a similar reply. These people are freaking out over nothing.
n/a keyopendoor 2017-05-09
If (and if it's a rootkit, I imagine they do) they have access to the folders on the computers that store pictures.... I can imagine this district being torn apart because of this. TN is conservative to the max. You know the board is gonna get fired.
n/a omnicidial 2017-05-09
I went and asked if they knew it was happening, the lady at the library acted as if she was aware it installed something, then I asked "how exactly did I grant the school permission" and she said "you didn't have to it's just technology."
n/a keyopendoor 2017-05-09
It's silly to think this is the only district doing this.
n/a omnicidial 2017-05-09
It's just that few people would notice the red flags.
n/a omnicidial 2017-05-09
They didn't make that software. Anyone who is implementing it... i'd wonder.
It's easy to check, if your kid has a school email account, have them log into chrome browser with it as a user account, then look chrome://policy page and look at that required extension install list.
If that same hash is on there, yes they can do the same thing.
n/a Khronikos 2017-05-09
Well holy shit.... Goes to erase dog and goat porn in hopes no one knows yet.
n/a omnicidial 2017-05-09
Fuck do I care if they see my wet t-shirt and bikini contest collections and like 90s hot body porn. I'm 36 I grew up watching the same half-assed softcore porn then I watch now.
I do jokes about it on stage, if they wanna know what porn I watched lately I'll give them a list so they can check it out.
n/a zeropoint357 2017-05-09
Oh, they know. They KNOW.
n/a Khronikos 2017-05-09
Well I didn't do it. I would never do anything like that anyway.
n/a DinglebellRock 2017-05-09
'cept that one time, but you didn't make eye contact so it didn't count anyway.
n/a some_random_kaluna 2017-05-09
Hey OP. Post this over to /r/netsec and they might be able to give you a workaround as well. This is bullshit.
n/a OkeydokeyCyborg95 2017-05-09
The workaround is to simply sign out of Chrome and possibly reset the Chrome profile. The "damage" does not extend beyond the Chrome profile.
n/a horrorsystem 2017-05-09
I respect your attitude because of the action that doing an apology for a information that you made turned to be false.
n/a kekbringsthelight 2017-05-09
Yeah. This is horrible news. My friend got called to our school and when she arrived they were about to institutionalize get daughter (13). Said she was "suicidal". Cops are there and had asked her to sign something before the mom arrived (she refused). School had read her email, literally a joke. No shit.
n/a rednaskal 2017-05-09
How can you tell from those screenshots, that impero software is installed? I can see blocked extensions (netflix, vpn, dosbox) and 2 mandatory extensions that are not impero (MyVocab and Compass Learning SSO).
n/a omnicidial 2017-05-09
gblkchompccdlgleecnffhlefbhejhhb;https://clients2.google.com/service/update2/crx that is imperio as it shows up in the required extensions.
Copy paste that in google to verify yourself, it'll come back with a lot of pages like this one: https://crx.dam.io/ext/gblkchompccdlgleecnffhlefbhejhhb.html -- it definitely is imperio.
It was confusing to figure out to me this was vetted by multiple people once before already in another thread to reach this conclusion.
n/a rednaskal 2017-05-09
But that does not show in required extensions.
These two are there: "npfplmfmbflbcffpkpgmhpinemlimnnc;https://clients2.google.com/service/update2/crx" is MyVocab
jbaceiimclclngcpmamngngidchigmom;https://clients2.google.com/service/update2/crx" is Compass Learning SSO
Where do you see imperio?
n/a omnicidial 2017-05-09
Could be my little pony simulator, though, and still violate the wiretap law by letter: "Any passive or active intrusion into an unauthorized computer or network."
I didn't install those, no notifications, etc. Maybe the guy in other thread who linked that part messed up there, in the id of that extension it's where I got the data I see what you're saying now too. Those don't match now I'm confused why he thought that asking too to see. Might be different software without the same access, but they can still change it out at any time etc, same vulnerability is there etc.
Would be better if I'm wrong on that part.
n/a rednaskal 2017-05-09
talking about this: https://www.reddit.com/r/conspiracy/comments/65a3u1/my_daughters_us_public_elementary_school_installs/dg9ifo1/
I thinks he is just speculating. He probably didn't check the screenshot and says it's impero IF that string is there (asking you to check it).
n/a omnicidial 2017-05-09
Right I'm thinking I misunderstood what he meant in that post which led to believing it was THAT extension.
Problem still remains, they can still install any extension and did install 2 on that computer unauthorized, which still violates that law, but if it's not that extension, the one extensions manual isn't relevant.
n/a omnicidial 2017-05-09
TN Annotated 39-14-602 "(b) Whoever intentionally and without authorization, directly or indirectly: (1) Accesses any computer, computer system, or computer network commits a Class C misdemeanor.
It's in violation of that no matter what it installed. Past that it's not legal, everything else is a degree of severity.
It's mis c if the school policy installed a blacklist of Netflix without permission on my home pc, or any extension. Everything else is an argument of malice/severity.
n/a threwahway 2017-05-09
He's an idiot who's going to pay a few grand to his lawyer to find out he's water both his time and a nice chunk of his daughters college fund.
n/a threwahway 2017-05-09
you're an idiot who has no idea how IT or computer management works.
please save your "investigation". That account DOES NOT belong to you or your daughter. It belongs to the school and they can put whatever the fuck they want on it.
You are SO worried about privacy, you posted a browser picture with PERSONAL INFORMATION in it. Some privacy expert.
All the lawyers you talked to laughed out out of their office, which is presumably why you haven't already been told to shut the fuck up about it; there's literally nothing to see here.
You NEVER had to sign into chrome with your school account and when you did, you accepted the EULA that comes with using that account with chrome.
Why doesn't your "proof" show any sign of the Impero agent, it didn't bind your computer to any central auth system, it didn't apply any policy to anything other than CHROME, and you should feel like you just wasted a huge amount of time.
Congratulations. When you get the letter from the school's legal team informing you of all the same blunders i've pointed out i hope you post that but something tells me you wont.
n/a threwahway 2017-05-09
LOL is this the website that's "TOTALLY SPYING ON THE ENTIRE FAMILY OF IT'S STUDENTS!!!!" ???
http://northeastelementary.org/
n/a SaxonWitch 2017-05-09
Just get off your high horse. A child was arrested the other day for LIKING the picture of a gun on FB. He used his home computer in his room to do this. Yet someone, somewhere from his school grassed him up. Their argument was that it is against school regulations to be involved in any activity as described. Now, most people have wondered how a school would know, considering this boy was alone and on FB.
You laugh at things that have already come true. Schools can and have used their powers to infiltrate private computers against pupils, and it can only be because of their planting of these programs.
I really don't care that some people don't read the small print. How and why would they, if the school says that they are required to agree. You could read the small print and still have to consent if you want your kid to go to that school. OP even tried to opt out as suggested and wasn't allowed, despite it being apparently an option on the contract!
You probably think that because you 'know' a bit about IT, that you are the most switched on person but privacy is a right in a free country. OP has no privacy, other parents who let their child use their home computer to be used for school work also have no more privacy. All of their searches can be monitored and used against them. That's beyond utopian and it is wrong. Just like civil forfeiture is also wrong, despite it having been lawful, it is now being changed. Thanks to people complaining and doing something about it.
I don't think OP would be laughed out of a lawyers office if the program was misused/ abused/ used for illegal privacy breaches. I am just glad that there are still enough 'old school' people left that will expose unfair techniques and we are not all wet blankets that think authorities could never do wrong.
Grow up man and see it for what it is.
n/a threwahway 2017-05-09
I don't just know a bit about IT, I roll that software for a living. Please educate yourself. If chrome could take over your computer nobody would use chrome.
n/a omnicidial 2017-05-09
https://crx.dam.io/ext/gblkchompccdlgleecnffhlefbhejhhb.html
"gblkchompccdlgleecnffhlefbhejhhb;https://clients2.google.com/service/update2/crx"
Google that string and see what it says, then look at the image that is linked above again I posted when I first saw it and posted it to imgur then here asking if anyone could help me figure out what the hell it was because it looked like spyware to me.
n/a omnicidial 2017-05-09
I posted this thread, it only got like 450-500 upvotes, 26 days ago, when I thought it was just capturing the browser history when I saw the blocks on netflix etc: https://www.reddit.com/r/conspiracy/comments/65a3u1/my_daughters_us_public_elementary_school_installs/ -- could have seen that in less time than this post took by sorting my submissions by top and seeing 26 days ago.
n/a threwahway 2017-05-09
And yet still no proof. Sad.
n/a zenmasterzen3 2017-05-09
This reminds me of a story where some lady tried blocking the power company from building something, and she wound up gangstalked. It's worth sleeping with doors bolted and telling ur kids to do the same. If you find you are being stalked or harassed, read this book:
http://thoughtlessness23.blogspot.com.au/
Maybe go to the local news about the story.
n/a stonecats 2017-05-09
since south carolina failed to block porn in 2016, maybe it's bible belt neighbor tennessee is attempting to use the school system to accomplish the same type of block.
n/a cree340 2017-05-09
From looking at the screenshots it seems that account logged into chrome is a "managed" G Suite for Education account which is issued by the school. The school was able to push the policy to automatically install the impero extension and setup a manual URL Blacklist using the G Suite chrome management features. I don't think the impero software/extension was ever intended to be implemented this way and is designed to be only installed on school owned computers. But since the school seems to be using Google's G Suite platform to push these settings, I think you may even be able to file a complaint to Google for the school's abuse of the G Suite platform to illegally spy on non-school devices without permission in addition to talking to the school and consulting a lawyer.
n/a FeelingOzoned 2017-05-09
Sue the dogshit out of them.
n/a machlaxx135 2017-05-09
How do I check to see if it's been installed on my computer?
n/a omnicidial 2017-05-09
https://crx.dam.io/ext/gblkchompccdlgleecnffhlefbhejhhb.html that extension will be in your chrome://policy page if you put that in the address bar.
It'll read as "gblkchompccdlgleecnffhlefbhejhhb;https://clients2.google.com/service/update2/crx"
n/a op-return 2017-05-09
Windows lol 😁
n/a sandvich 2017-05-09
as someone who does this for a living you need to chill son. you got a bark and it's loud, but you got the wrong coon in the wrong tree.
I would look into the softwares ability to access the camera remote, and what it does with the camera activation light if it has one.
you then need to install wireshark, and start looking for connections coming and going from the machine.
look at the traffic and determine what it's looking for.
most maleficence for real money will come out of the camera or listening device if you can prove they are accessing it.
there was a case about 2 years ago along these same lines, and the father worked in IT. he ended up owning the school system for something similar.
n/a omnicidial 2017-05-09
The extensions manual says it gives them ability to patch all software on a windows machine, turn it on and off at any time if wake on lan is enabled etc, go read it. It's at the top.
Proving they're using the capabilities they installed maliciously would only cause legally a difference in severity of charge, they're in full violation of TN 39-13-603 already.
n/a sandvich 2017-05-09
that's normal though, for a corporate owned device. most have security metrics they are trying to meet.
wake on lan is a setting in the bios that can be turned on or off, and requires it to be physically connected to a supported switch. odds are your home network is not supported, unless you have it in a DMZ, and they are using intel amt. which they aren't, cause no one is.
someone already told you what happened. someone is signing into chrome with a student account, thus it's loading the extensions.
you can simply block them from installing. even have chrome blacklist the extension ids if it's on a home machine.
in most of these situations, you have really short staffed IT depts who don't have time, or care, to spy on someone. however some creepy types do, and that's were the money is, and case if you can find it.
n/a omnicidial 2017-05-09
They own none of these devices, all my home devices.
They installed them to people's homes knowingly, it's very easy to disable something like that and only patch to your own whitelisted IP addresses so that you're not breaking the law.
n/a threwahway 2017-05-09
Thanks for your comment. These rabid dum dums getting bent out of shape over shit they know nothing about is annoying.
n/a kennethls 2017-05-09
You've cited a lot of tangential stuff except any of the actual proof.
Show us the computer. Show us the process names, upload some logs, some binaries, something to actually investigate. Not just anecdotes and assumptions.
n/a donkeypunshhh 2017-05-09
Very interested in how this turns out. Keep us updated OP.
n/a outbackdude 2017-05-09
Is the impereron patch management software the same as the browser extension? Or different program.
n/a scottie6561 2017-05-09
I agree with most of the comments. It is illegal to take control of any computer that is not the the school districts property. It is also illegal to have that restriction set on someone's account then when they log into their own, it restricts their computer. They do not have the right nor authority to have that control over your personal computers. I'd take this to the superintendent and have a discussion about this, if I were you. If he doesn't comply hire a lawyer and it should all be settled in a month.
n/a Ashlir 2017-05-09
Damn, if only the government would protect us from the government. /s
n/a madsonl 2017-05-09
I work for a school district which has the student google accounts under similar restrictions, the reason why this happened on your home computer was since your student signed into chrome with the school credentials not gmail with their school credentials. The school district goal isn't to get into your home computer it is so that when a student uses a school computer they can monitor it.
n/a threwahway 2017-05-09
Please update us when you get the lawyer Bill and they tell you that you were wrong.
n/a omnicidial 2017-05-09
Ok. They didn't. Already billed on retainer. Good call tho.
n/a threwahway 2017-05-09
Sure. Which law firm?
n/a TheMuffnMan 2017-05-09
The actual true test of what's happening or not would have been if you did a netstat, WireShark, or equivalent with a before/after of your child logging into Chrome. You could then check the public IP's that the computer is connecting to to see where traffic is being directed to. If there's an IP owned by the city/county or something to that effect then you'd know something was calling home to them.
In reality though, you've just got Google doing a profile sync from the school system that has mandated policies by AD GPO which is enforcing plugins to be installed. They should have disabled browser sync with those same policies to prevent what you're seeing. When the student logs into Chrome elsewhere it's syncing those settings that were mandated in the school.
There's no privilege escalation, there's no inventorying of your hard disk, etc. If I had to wager the company has a default set of things blocked (netflix) separate from the school.
Just have your kid's account signed out of Google Chrome for sync and you're on your merry way. If anything you should recommend they implement the 'disable sync' policy with Chrome. I linked to the specific setting in another post if you go through my history.
They don't care about your home browsing habits.
School IT administration typically is not the highest paid and it doesn't surprise me they would have overlooked the sync setting. That and AD GPO can be incredibly difficult to grasp, I've seen people with years of IT not understand basic GPO policies and how they impact one another.
No one is bugging your home computer.
n/a omnicidial 2017-05-09
TN Annotated 39-14-602 "(b) Whoever intentionally and without authorization, directly or indirectly: (1) Accesses any computer, computer system, or computer network commits a Class C misdemeanor.
It doesn't matter if they are in terms of legality. The fact that they installed something without permission is a crime.
n/a TheMuffnMan 2017-05-09
The school didn't install anything on your computer.
Your child logged into Google Chrome which was configured to synchronize settings across machines.
That's not the school, be mad at Google. Be upset with your kid for logging into Chrome. Your child gave Chrome permission to synchronize settings (plugins, etc)
n/a omnicidial 2017-05-09
They were taught at school to do that in that manner. Every 5 to 10 year old there.
It's the kids fault the school system trained them to do it then sent them out?
You work in education? This is how they dealt with a bullying problem next town over last year, football coaches let them go make joke announcements for homecoming court, adults gave them the office mic, let them do it all, then they only punished the kids, all their fault.
n/a TheMuffnMan 2017-05-09
Gotcha, part of it is going to be school IT salary doesn't attract the most qualified candidates so you can get sloppy policies. I got suspended my senior year for figuring out how to bypass some of the security on the machines in all the labs - didn't go over too well with the county.
My guess would be teachers or the IT guys had them set it up that way "because it works" rather than how it should work. That one setting I linked to and keep mentioning (disabling sync) should have been applied. I would absolutely go to them and print off that article and recommend they do it. Group Policy is a tough concept to master and as a result you really do get a lot of dumb luck (trial & error) and then they leave it in place. Definitely not best practice and definitely not production ready stuff.
Software did get installed on your personal machine but it's the result of Google and not the school. The recommendation for WireShark and Netstat would be to determine if the plugin is actually phoning home for policy versus just a default layout.
I specialize in a product called Citrix (/r/Citrix) which is remote apps/desktops and deal a lot with education (mostly upper education) as well as healthcare, insurance, financial, lawfirms, etc. I've seen a lot of sneaky things that kids (and even adults!) do to circumvent security so we try to lock down stuff as best as we can.
Part of that is implementing the Google Chrome templates. Google and Firefox both can install into the user's personal directory (C:\Users\%username%\AppData) which doesn't require admin rights and is an absolute pain to prevent. There's a few other pieces of software that do the same - DropBox, Spotify, etc
n/a TheMuffnMan 2017-05-09
https://support.google.com/chrome/answer/165139?co=GENIE.Platform%3DDesktop&hl=en
School system is a shared device.
n/a TheMuffnMan 2017-05-09
Also, to be 100% clear.
Active Directory Group Policy mandating the installation of any software or any policies can only occur on domain-joined machines.
That means, if the school is mandating the home page, internet settings, extensions, plugins, security settings, etc those settings can only apply to computers on the school's domain. There's is absolutely no way possible for the school's AD GPO settings to apply to your personal computer. It's technically impossible.
That said, and to reiterate what I said earlier, Google Chrome and its account are separate from the school's policies.
If the school allows the students to create a Google account with their school email and they're permitted to sign into Chrome and the administrators have not disabled Google's sync then if the students signed into another computer (personal, work, school, etc) Google would install whatever associated plugins you had and sync your bookmarks.
That does not bypass any security restrictions on the computer. Hopefully you've given your child a 'standard' user account rather than an adminsitrator but even then you should have User Account Control enabled which would prohibit anything without user intervention.
Google Chrome plugins do not require any escalation of privilege to install. They're installed on a per-user basis in the user's C:\Users\%username%\AppData folder (I think it's in the Roaming subfolder).
Now, the plugin you're specifically concerned with may have a default set of settings (Incognito, etc) that it installs with. If you log your child out of Google Chrome those plugins, bookmarks, etc should all go away automatically.
The school should disable synchronization to prevent this from happening but it's not some hidden agenda. Everything you're seeing can be explained from a technical point of view and makes sense.
Your child consented to synchronizing settings when they logged into Chrome - that would include those plugins and settings. There's no crime committed here.
I did look up the minimum age for a Google account is 13, how old is your child?
n/a omnicidial 2017-05-09
7 8 and 10.
n/a TheMuffnMan 2017-05-09
Yeah, you can disable the synchronization in Google Chrome for extensions and keep their bookmarks and passwords.
Chrome Sync Settings
Pretty granular in what you can keep/ignore. On the home computer until they modify the disable sync I'd just disable the browser extensions from syncing.
Regarding their ages, it's possible the school is associated with Google for email, I know my college was, but I'd also double check your children didn't create an account on their own with a school provided email - which is something you can do.
If the school gave them a Google account see here I'm sure there's different policies on the ages and such.
n/a omnicidial 2017-05-09
School assigned Google account, correct. Probably different rules my assumption too, but they never even told us they were giving them an email.
I had them using a catch-all address that I forwarded thru myself so I had copies of their emails, this actually assigned them a different email they didn't tell me about and I didn't necessarily want my 6 year old at the time to have one. I found out about it pretty quick but I didn't appreciate them assigning them individual emails outside my ability to monitor as a parent either.
n/a threwahway 2017-05-09
I sent this thread to the school and superintendent with my comments.
For someone who is so concerned with privacy you sure did post a lot of identifying info.
n/a omnicidial 2017-05-09
Me too. I got a response from him today.
They're looking into the claims and seeing why their policy allows it etc. Semi-standard boilerplate.
Would have never been hard to id me to do all that, my name is posted all over this account.
n/a threwahway 2017-05-09
Oh good. Yea post all the stuff. I'm headed over to your towns subreddit and Facebook now to make you look real dumb :)
n/a omnicidial 2017-05-09
My names on the account dude, those people know me. It's posted in my facebook and I copy pasted the top post here in the email.
Post all you want. I can't be more clear about that all you'll do is publicize it for me.
n/a threwahway 2017-05-09
You're not going to get any publicity because nothing illegal is taking place.
n/a omnicidial 2017-05-09
Trying to make you understand how little I care about you threatening to out my identity. I'm going to record podcast audio about this, including the whole story, but I'm not out to smear this dude it looks to me like most likely answer is they did this not realizing it could be potentially illegal because of the home vs at school installing software aspect and the outcome I want is for them to "not do that anymore." That's it. I'm going to ask him to comment on it, and I'm not going to be like "fuck this guy" I don't know him but some shit looked shady to me, but fuck I know I'm stupid sometimes.
I posted it because I knew I'd get some assistance of weaponizing the autism research powers of reddit cause I couldn't do it fast enough.
I might be totally wrong about all sorts of aspects of this, I already have been more than once, then I say I was and go on. It might not have been imperio I saw earlier too I think I made a mistake there, they might just have installed compass learning and I got the plugin wrong. Even if I did installing software still is not legal, but I'm not like, go get pitchforks.
I just want them to know I see it, and I think it's potentially not legal and could you stop, and I contacted them myself threatening to out my privacy or doxx me or whatever isn't something I give a shit about. I saw it looked suspicious and reported it to them.
n/a -_Spook_- 2017-05-09
Your about as bright as a broken bulb.
It's one thing to give out your information freely at your own will. It's another for a 3rd party group to secretly steal said information.
How you can't understand that is absurd and I'm embarrassed for your lack of mentality.
n/a threwahway 2017-05-09
Ooooooo I know things you don't understand are scary!!!
n/a dankney 2017-05-09
Also remember that the school is an agent of the state. 4th amendment protections likely apply here as well.
n/a themajesticdik-dik 2017-05-09
Wendel and twindell should have this as one of the topics on next week's podcast
n/a omnicidial 2017-05-09
Quick update, spoke to sec of schools via email he offered to meet 7 days ago but wanted to record video and bring an "independent" expert from his old work, TN tech where I guess he didn't know I knew he worked.
Told him sure, but I'd like to record video. No response.
Emailed him again after 7 days asking for when he'd like to record.
n/a omnicidial 2017-05-09
I don't discourage easy.. lol. Lots of people tried to argue it was wrong but never had persuasive logic.
n/a omnicidial 2017-05-09
What it's doing is running an extension in chrome that gives them that backdoor, then they have ability to patch literally anything in windows, linux/mac looks like not so much.
They can turn the cameras/mics on too possibly. Some probability this is confirmation bias, but some kids are now saying to my kids they saw their webcams turning on randomly. One of those I can verify 3 girls saw a webcam kick on while using a mac, but the light turned on, and they covered it with a bandaid, that one my kid told me, she's an awful liar I'm 99% sure she's not making it up.
Can't verify the cause, hearsay as fuck, all 3 unreliable 10 year old witnesses sounds like the damn salem witch hunt, still makes me uncomfortable.
n/a meneldal2 2017-05-09
So in practice it isn't that bad, they just know what you do with one browser. The smart thing to do is to get a portable chromium or the like and use it for their shit and nothing else.
n/a TheMuffnMan 2017-05-09
Chrome extensions are per-user basis...
If they all use the same account and the child has logged into the Chrome browser then that's a different story.
n/a TheMuffnMan 2017-05-09
I'm actually surprised they don't block signing into the browser itself. Most companies I install Chrome for we'll disable sync:
https://support.google.com/chrome/a/answer/6309115?hl=en
Then you roam their settings within the profile management, whatever product that may be.
n/a omnicidial 2017-05-09
7 8 and 10.
n/a omnicidial 2017-05-09
Trying to make you understand how little I care about you threatening to out my identity. I'm going to record podcast audio about this, including the whole story, but I'm not out to smear this dude it looks to me like most likely answer is they did this not realizing it could be potentially illegal because of the home vs at school installing software aspect and the outcome I want is for them to "not do that anymore." That's it. I'm going to ask him to comment on it, and I'm not going to be like "fuck this guy" I don't know him but some shit looked shady to me, but fuck I know I'm stupid sometimes.
I posted it because I knew I'd get some assistance of weaponizing the autism research powers of reddit cause I couldn't do it fast enough.
I might be totally wrong about all sorts of aspects of this, I already have been more than once, then I say I was and go on. It might not have been imperio I saw earlier too I think I made a mistake there, they might just have installed compass learning and I got the plugin wrong. Even if I did installing software still is not legal, but I'm not like, go get pitchforks.
I just want them to know I see it, and I think it's potentially not legal and could you stop, and I contacted them myself threatening to out my privacy or doxx me or whatever isn't something I give a shit about. I saw it looked suspicious and reported it to them.
n/a lugenfabrik 2017-05-09
Good for you, you somehow worked at the only schools districts that have the funding to give every student a laptop.
In a parallel universe of course.