http://www.cantonrep.com/index.php?Category=9&ID=231245
By Melissa Griffy
Repository staff writer
July 6, 2005
JACKSON TWP. - Always log out.
That's one of the first things you learn when you use a computer.
But one day last spring, Jackson High student David Paola stumbled
across an exception to the "always log out" rule - a teacher failed to
exit the school's grading system.
"Pinnacle (the grading program) was open and completely accessible to
anybody who would have moved the mouse as we had," wrote Paola in his
narrative statement released by Jackson police as part of the
department's investigation.
Paola and his friend and classmate Adam Gross were enrolled in an
evening course at Jackson High in preparation for college entrance
exams when they made the discovery.
When their senior year began in August, Paola said he found that
teachers' user names, and sometimes their passwords, were located on
students' schedules.
Paola began accessing the Pinnacle program two times a week,
"sometimes less, rarely more frequently," he wrote.
As honor students who were respected by their peers and teachers,
neither Paola nor Gross aroused suspicion.
Gross said they watched a teacher type in his user name and password,
and figured it out by trial and error. The duo saved the information
on a computer drive about the size of a car key. That way they could
access the information anywhere.
But Paola said he only changed grades while in Jackson High's library
in the mornings, and sometimes during study halls. There, he was able
to access local administrator accounts and even the school's e-mail
server. The students said they found staff information, including
Social Security numbers, was accessible along with security cameras
and the school's sprinkler system.
Paola admitted to changing grades for himself and three other
students, including Nathan Johnson.
Johnson told police Paola asked him to insert a disk into one of his
teacher's computers. Johnson said he was aware that the software would
extract the codes necessary for Paola to change his grades in that
particular class.
When a fellow student turned the seniors in, their scheme came to a
halt - so did their hopes for honors diplomas.
The students were barred from the Jackson Local graduation ceremony in
May.
They were found guilty of unauthorized use of property, a first-degree
misdemeanor.
Paola, Gross and Johnson will serve their house arrest and community
service, but school officials said the district will live with the
ramifications for quite some time.
_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 -
2,000+ international security experts,
10 tracks, no vendor pitches.
www.blackhat.com
