Hi. My school just started issuing devices last year, and they have this Lightspeed spyware on them. Last year I was able to remove it by booting into Linux from a flash drive and moving the files to a separate drive and then back at the end of the year. This year I have heard from sources that they have ways of detecting someone booting from Linux so I am hesitant to do that option. My only other idea is to buy an old laptop off eBay that looks like it and install Linux on it. I could probably get one for about 50€. Does anyone have any cheaper ideas?
Oh also talking to IT isn’t an option.
If you think you’ve hidden from surveillance software, you’ve just been tolerated. You don’t need some advanced VM detection/Linux file system scanning software to recognise that the kid in the back sitting on his laptop hasn’t had the software check in for two years.
As for the privacy violations, read up on your local privacy law. File a complaint with your local data protection agency or similar institution if you think your rights are being violated. Google and Microsoft cloud environments are completely legal in many EU countries, so they’ll have to use some pretty weird software to violate your legal rights. I believe France and maybe Belgium have put restrictions on certain cloud software for schools, but others have made deals with cloud companies to make their education products comply, so you would probably not have your rights violated in those countries.
The courts will balance your right to privacy against the school’s obligation to educate you and keep you safe. In some American states, for example, schools are on the hook if kids look up porn in laptops given to them by schools (even in their home WiFi).
I doubt they’ll be able to detect you booting into Linux (at best they’ll detect your Linux boot drive), but they can easily push an update to disable your ability to do so through secure boot keys, if they wanted to. It’s their computer, so they can lock it down as much as they want, and they’ll take physical possession of the device if need be.
Unless you’ve paid for the laptop with your own money (and without a significant subsidy from your school), that laptop isn’t yours. If you manage to beat the system, you’ve probably violated the terms of the loan and they could just have you hand in your laptop after which you or your parents will have to buy a new one that follows their specifications. Look at it this way: if you lend someone your phone to make a phone call and they start removing apps and installing custom ROMs, you’d probably be annoyed too.
Do yourself a favour and get yourself a computer of your own if you want to mess with Linux. Not having to worry about evading detection mechanisms will give you much better flexibility in terms of setup, configuration, and reinstalls. I’m not sure if €50 is enough for a usable laptop, but you can always try. It’s not as if school computers are known for their performance.
Alternatively, you could experiment with something like a Raspberry Pi. They’re back in stock in many places and plenty fast to mess with Linux.
Your only viable alternative for the school laptop would be to talk to IT and get them to ignore your trickery, but it sounds like you’ve already pissed them off at some point.
Edir: based ik your earlier post you seem to have quite a powerful desktop computer. You can turn any laptop thst runs Windows or Linux into a thin client that can connect to your desktop at home. You may even be able to use the standard Windows RDP client on your school laptop without the admins noticing anything. Thst approach would require you to have your computer on at all times and to have decent internet available from wherever you connect, but it would save you a lot on hardware cost for your portable machine.
Does it have built in storage? If not, could you just buy a second hand SSD, swap it and use that one and put back the original SSD when you return it?
I believe I experimented with that before. Like I said I don’t want to risk much with this device. Their network is actually solid (it was set up by kids in the networking class not just it) and they would detect it. It did just occur to me that I could remove the Wi-Fi card then remove the files with Linux so that it couldn’t phone home, but I don’t know if it would log the files missing. Do you think that would work?
It would really depend on the device. It would be possible to phone home, even analyze which files might be missing and report that. Whether that’s how it works or not would depend on the device.
They didn’t notice it missing last year, but they have made changes. It used to not auto install its extension on librewolf but now it does.
What’s the consequences for getting caught? Even if they do detect you messing with their install image, what are they going to do about it besides tell you to put it back? Unless they’re going to make you go for psych visits over software removal, it seems to me you may as well just try it and find out.
Grow up and get your own fucking computer. Don’t be an asshole and fuck with someone’s else’s machine. Do whatever is required to be done on the school machine then put it away and use your own for whatever supersecret spy shit or whatever you need to hide from"The Man". I don’t fuck with my company issued machine. I do my work then use my own machine to surf porn, torrent, or what the fuck. I don’t mess around with the machine that someone’s else paid for. Because I’m not an asshole. Don’t be an asshole.
I have my own computer. I use it for exclusively personal things and use my school issued computer exclusively schoolwork. They legally require me to give up my privacy and I disagree with this based on principle alone. Enjoy your porn though.
Is there an IT policy at your school? I suggest perusing it for 2 reasons:
- Understanding the consequences of tampering/tinkering with the spyware.
- Understanding how much authority the IT department really has, and whether or not what they’re doing with the spyware constitutes overreach.
#2 in particular is for your own knowledge/benefit. Since you’re not an employee, but a student, you may have some inherent rights under this policy, which the IT department may be violating.
Their policy (at least the last time I checked) was all vague rules with whatever punishment they see fit. That is why I just wanna get something identical that is mine. I won’t get on the network but I can use a mobile hotspot and be fine. What rights are you referring to specifically?
I’m guessing this is a school and not a university? At a university students have more clout/rights, at least on paper.
In any case, getting your own machine is the way to go. You can run whatever you want on it. You could still (cautiously) use the school network, as long as you use a VPN; basically treat the school network as a “hostile” environment. That’s assuming VPN use is not against the school rules. :)
I can’t use the network there, I haven’t looked at how they configured it but if I do bring my own device I want to keep it off their network completely because they would realize quickly. I have decent cell service though and can do a mobile hotspot.
You sound like a really decent, well oriented, and kind bloke with a talent for teaching people stuff and giving well-rounded answers. Well done you.
I would say just do it and play dumb if they bring anything up. Or look at some really weird shit and let them spy.
I did the “look up weird shit” option last year and ended up having a nice chat with 10 different psychologists about it. I’m not doing that again but I like where your head’s at.
What the hell did you look up?
I can’t say too much. I want to not disclose info they might recognize.
deleted by creator
Is running Linux from a USB drive an option! You don’t have to install anything on the machine itself, and you could run the pen drive os on any machine…
Install Linux on a USB stick or live CD. Boot into that OS and do exactly what you did last time.
-
Unless they have gone into the firmware to prevent booting from anything but the HDD, this will will work and they can’t detect it.
-
Once you make the changes and boot back into Windows they won’t know either. While the OS is offline their spyware does nothing. Once you boot back into Windows, it can’t run and can’t “call home”.
As someone else said, they will know eventually that something is broken on your computer, that is, no data from your machine and it becomes a stale object. But they may not automatically believe it was intentionally disabled. You’d be surprised how low compliance numbers need to be in order to be satisfactory, and no security or monitoring solution is flaw-free. They may just blame the software. Many low-level IT admins are prone to this assumption in order to avoid spending a lot of time diagnosing the problem.
Source: am a computer systems engineer
-