Hi. My school just started issuing devices last year, and they have this Lightspeed spyware on them. Last year I was able to remove it by booting into Linux from a flash drive and moving the files to a separate drive and then back at the end of the year. This year I have heard from sources that they have ways of detecting someone booting from Linux so I am hesitant to do that option. My only other idea is to buy an old laptop off eBay that looks like it and install Linux on it. I could probably get one for about 50€. Does anyone have any cheaper ideas?
Actually I can install things on it and only installed a better browser and office suite. I would simply prefer not to be spied on at school, and I don’t think that that is unreasonable.
It’s a laptop owned by your school, so they can install spyware if they want to. More importantly the school likely has policies against removing or otherwise tampering with it. You would be wise to find out what they will do if you violate this policy. It could be anything from a slap on the wrist to expulsion.
Any decent IT department will eventually figure out if you disable it. They’ll know fairly quickly if it stops “phoning in” if the spyware is any good.
I work for a school and I provision these types of devices. You do not want to modify or change anything about them, as it probably breaks your acceptable use policy. If they allow you to bring your own device, then do that. But do not change the device they give you in any manner. Just don’t use school property for things you want to be private. It works the exact same way with anything owned by any organization you may work for in the future. They own the device, they set the terms. And your excuse of 'it does not break policy' or 'it is not against the law' is ridiculous, as policy is intentionally broad for this reason, and the law requires you to not interrupt normal classroom activities. If the school lets you, bring your own device. Otherwise, tough luck, seems like you won't be able to play your games.
i would like to add on to this, do not bring your own device, just simply keep school/work and personal stuff entirely separate. simple as that.
all work and schools that allow you to use a personal device that I'm aware of will require you to have whatever software for surveillance that they have on provisioned devices, you'll likely end up messing up and leaking something private, and it just takes up storage space.
it's the organization's device, they can put whatever nonsense they want on it, just be sure that you only ever use accounts from them on the device. never a personal account of any kind.
trivialising a student's desire for privacy as being about playing videogames is a lot more ridiculous than anything the OP said.
maybe rethink your uncritical support for surveillance, and either organise with your coworkers to make your school's policies more respectful of its students, or find a less unethical job.
We are, by law, required to keep this information. However, unlike many other schools, we have a byod policy that allows students to use their own device to essentially bypass this 'surveillance'.
Don't tamper with hardware that somebody else owns. If you get caught, you could be fined a lot more than 50€ and expelled. School administrators often like to "make an example" of kids that they think are "hackers" even if you're just booting Linux from USB. They don't understand the difference between that and real hacking, so don't risk it.
You can only achieve true privacy on hardware that you own. A cheap laptop to boot Linux isn't a bad idea.
Absolutely yes, if you buy hackable and repairable hardware you can do whatever you want with it. Especially if you install software on it that is FOSS.
Know your school handbook and acceptable use policy inside and out. Same with any other published guidelines they provide. My bet is that their AUP says something about not circumventing their security and monitoring tools. Booting into a live OS would certainly fall into that category. But knowing what the rules actually say is probably the first thing you should do since you don't own the hardware or network. From there, you can decide how far you really want to go and if there are any defenses or loopholes in the rules.
Getting your own hardware is probably your best option in this case if you can do so.
They can't detect if you boot into Linux; but they can detect the presence of external storage devices and scan their contents. It is best if you do not plug in your LiveUSBs or disks while the system is [ONLINE] (Meaning while the device is booted into any default operating system)
Chances are if your hardware has not changed; the capabilities have also not changed. I do however have a few tips for you:
DO NOT MODIFY THE DEFAULT OS OR SPYWARE! It sounds like they are now monitoring the files for the software and will now notice if you have disabled it; as your machine will probably be sending heartbeats to a centralized server. You must accept this spyware when operating the machine as intended to interface with your school environment; but you can limit yourself to submitting schoolwork only on it
Boot into a Live(CD/USB/Media) environment of Linux with Persistence. Google it. They can't detect this without BIOS tampering.
Do Not plug your Live Media into the system when booted into it's default mode. Your drives are probably being scanned.
Keep a separate media storage device for storing your documents and such.
You can boot into your Linux key to work on school things and browse the web privately. Remember though that you are [OFFLINE] and may be unable to access the school network and will be required to save your work on a different piece of media, shut back down and boot into the default OS again to submit your work.
You may be unable to complete assignments in Linux [OFFLINE] that require you to respond to questions interactively [ONLINE] or otherwise require that you be interactively [ONLINE].
It depends what they use for monitoring. If they use Intel vPro then they can technically take over from any operating systems since it runs at the TPM/firmware level.
I'm assuming that unless told otherwise; they have no such capability in the BIOS. It IS probably a public school and IT department that isn't that clever/resourced.
Hate to break it to you, but jobs are doing this as well. I am a teacher, and we just got GoGuardian for students, but it has been watching / blocking things for teachers since I started a couple years ago. If you have a work-issued device, your work will most likely monitor it, and same goes with school-issued devices. I get that you want to hack it and do what you want, but that could get you fired some day.
Among other ways it might make you better off, a tendency to boot linux on school-issued devices could also very much help get you hired some day. Although perhaps not in the education system. Seeing a teacher discourage it is even more depressing than seeing a student fear he'll be punished for it. So long as you're not breaking any laws, it seems like a fine idea.
I don’t discourage it so much as I’m giving this person a warning. Also, do you know why they put up those systems? To protect their devices, and to block kids from things they legally should not be on. I’ve seen so many kids (and adults) download viruses, spyware, adware, etc on their computer just because they wanted a “cool” mouse pointer, wallpaper, or other feature. Not that I think op will do something stupid like this, but this is what they’re protecting their computers from.
I like this take. I got into a programming class after telling the teacher about a program I had previously gotten an in school suspension for writing. It recursively started itself and used a ton of resources. It was just goofy and the it dept. called it a virus.
When I was in high school I had my school laptop and my Linux laptop, if I needed to do work I would download the file on the school laptop and use a USB to move it to my Linux laptop to work on it. It was tedious but was the only way as we had latitude 2 in 1s that had a soldered in ssd. So I couldnt swap hdd, I ran zorinOS on a Lenovo t450 and it worked really well for school work
I got in trouble for getting into the schools network I'm 6th grade. They kept asking who in the group was involved in remotely shutting down computers and that they had logs and would find out anyway. I called their bluff and didn't get in as much trouble as the rest of us.
are you in europe/EU? (judging by currency symbol)
what about talking to the relevant GDPR authority?
there should be a clear route of complaint.
start by submitting a subject access request
" what infomation do you hold about me, or that you can link to me?"
"give me a copy"
" what procesing are you doing with it"
" have you shared it? with whom?"
so this process in iself should reveal all processing that they think youve consented to - gives you a basis to challenge.
Disregard whatever you've heard about installing Linux on the device, find the agreement given with it and see what it says. If no reference is made to doing your thing then returning it with the same setup, I'd say you're in the clear. I'd bet the agreement covers damage, lost and stolen aspects plus returning it good condition, yet if you reinstall the software like it was provided they'd have to be very explicit about not loading Linux. If they do, you could use linux on a USB without installation. This could get you off the spyware while not breaking the rules if they are in writing.
Basically this. I'd just buy a used disk, swap them out and install Linux. That or use a USB.
When it comes time to return it, put the old hard drive in it and return it. I can't think of a way for them to tell you did this aside from the lack of logs they keep from trying to track you.
If it truly does have a keylogger then that’s really bad as it means they have access to your passwords and any other sensitive data you might type. How certain are you that it includes a keylogger?
You don't NEED to give a shit. It's their hardware, they can do as they see fit with it. If you don't like it then don't use it. It really is that simple. You can be as indignant as you want, but the answers that many have already given you in this regard will still ring true.
Use it as is, or don't use it at all. Those are your options. Get over it.
And for fucks sake, stop giving everyone here a bunch of attitude just because you don't like how the real world is.
Bring your own device. Run it on your own wireless Internet connection (cellular). Never attach it to any private (read: school) resources aside from a power plug. Do not use corporate cloud (Amazon, Microsoft, Apple, etc). When you need to transfer assignments from personal computer to school computer, use your own cloud service like Nextcloud, or use GPG to encrypt the payload and send it to your school email address, which you can decrypt and send to your teacher. It will then be public and you should assume the teacher is techdumb and will put it on compromised systems like Apple, Microsoft, etc.