Skip to main content
CNN EditionTechnology
The Web     
Powered by
powered by Yahoo!

Student hacks school, erases class files

By Jeordan Legon

Story Tools

start quoteNetwork security sucks, and there's not much the school administration can do. Somebody who knows how will break in.end quote
-- Bruce Schneier, security expert

(CNN) -- Highlighting the vulnerability of most computer networks, a 17-year-old student taking a networking course was arrested for hacking into his school's computers and erasing folders belonging to the junior class, New York State Police said Tuesday.

Although grades, disciplinary records and other secure information were not accessed, police said Clint W. Triou, a junior at Marion High School near Rochester, deleted the password-protected folders where his classmates stored class projects.

Triou was charged with one felony count of computer trespass and a misdemeanor count of computer tampering. He is scheduled to face charges in Marion Town Court June 18.

"We found a number of hacking software that had been loaded onto the computer," said George Worthington, director of computer services at the 700-student Marion school district. "He had used that to gain access to the administrative computer."

Helped teachers

Worthington said Triou is a quiet student who on occasion had asked him for computer help.

"He's asked questions in the past and helped teachers to develop Web pages," Worthington said. "He seemed to be pretty helpful."

A computer firm that helps the school resolve technical issues was called Friday when a teacher reported some students couldn't find their network folders, Worthington said.

The firm traced the hacking to a computer in a classroom where a networking course is taught, Worthington said.

State police seized the Compaq PC allegedly used for hacking. The machine contained keylogging software that can be downloaded from the Internet and allows hackers to record keystrokes and capture passwords, Worthington said.

The hacker was not able to access the school's grades and disciplinary data because that information is protected by two sets of passwords, police said.

As a precaution, however, the school district will now mandate that all network users change their passwords every 90 days, and the administrative password will be changed every month.

To guard against hacking software, school network users also will choose passwords that contain a combination of letters, numbers and at least one special character such as a punctuation mark.

Networks at risk

Bruce Schneier, from the computer security firm Counterpane, said the school is still not protected against keylogging attacks that record keystrokes.

He said the alleged breach of the school's security illustrates the ease with which networks can be hacked.

"Almost all networks are extremely vulnerable," said Schneier, whose upcoming book, "Beyond Fear," examines the security trade-offs computer users make.

"Network security sucks, and there's not much the school administration can do. Somebody who knows how will break in."

Schneier said he disagrees with the felony charge facing Triou, who was charged as an adult.

"The kid did the equivalent of spray-painting the school," he said. "It shouldn't be a felony to be young and stupid. That seems grossly unfair."

Story Tools
Subscribe to Time for $1.99 cover
Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards

International Edition
CNN TV CNN International Headline News Transcripts Advertise With Us About Us
   The Web     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser. does not endorse external sites.
 Premium content icon Denotes premium content.
Add RSS headlines.