by obv_a_throwaway 3332 days ago
But the school IT admin didn't know. (Makes sense, students probably trigger the antivirus on a daily basis so even if the antivirus software did have reporting functionality the IT admin probably wasn't making use of it.)

So when nothing happened for a while, I continued my investigation. I learned that by splitting a file so that you have a file with the first byte of the original file in it, a file with the first two bytes, a file with the first three bytes in it and so on, and then looking at which file in the sequence was the first to be discovered by the antivirus, you could learn what part of the file the antivirus was fingerprinting (nowadays antivirus is more sophisticated and applies more than just fingerprinting but at the time at least the one they were using at school was operating in this fashion), and you could edit nearby values with a hex editor hoping that the byte you changed would alter the fingerprint without breaking the program. If you were lucky a text string was part of the fingerprint and could be altered without consequence to the function of the program.

So with a version of FakeGina.dll that I had modified in the fashion just mentioned, I installed it on a few of the school computers. A handful of computers in one of the computer labs and a couple of classroom computers.

Because I had installed the keylogger on a couple of classroom computers and because teachers were using those computers, I ended up with the passwords of not only other student accounts but also some teacher accounts.

I was about ready to tell the school about what I had found but not until I first bragged to some of my friends, a couple of whom asked if they could have the admin password so that they could install some games on the school computers. Sure, why not. Just don't tell anyone about it, I said. Basic op-sec failure. If I didn't want others aside from my friends to know, I shouldn't have told my friends either.

One of the people I bragged to told one of his friends and that friend told the principal about it.

One of my friends heard that that other guy had told the principal about it because that other guy told other people that he'd told the principal. My friend sent me a message on Facebook to warn me about it but I wasn't logged onto Facebook so I was sitting at the computer lab blissfully unaware of what was going on. Even if I'd known it wouldn't have mattered. Once they know it's too late.

So one of the school staff marches into the computer lab with a stern look on her face, says "come with me". I panicked and looked around, considered jumping out of the window as we were only about half of a story above street level but decided that since none of the windows were open there was no point in trying that.

She escorts me out of the computer lab and I ask "what's going on", trying to sound normal but my voice was shivering. She didn't answer, just kept walking alongside of me guiding me towards the principal's office.

I knew that the principal was a nice person so I hoped that I would be able to explain what my initial motivation had been and that I was sorry that I had gotten carried away.

The principal was a nice person but he was also concerned about what I'd done and the impact of it, and the fact that I had logged teacher passwords meant that I could in theory have altered report cards, and that that amounts to falsification of official documents or somesuch and so on.

In the end I was expelled from school for three days and the school reported me to the police.

At this point I had recently turned 18 years old so the school told me that they could not inform my parents of this without my consent, and neither would the police be able to, so I told them that I did not want them to inform my parents of it.

A couple of weeks later the school told me to go to a local police office for questioning, which I did. The police officer that questioned me was a likeable person. Not friendly but not hostile either. Simply serious and factual.

In the end, I was given a fine of about $600 and the incident was recorded on my criminal record, which up until then had been clean.

My father found out about it when a letter arrived in our mailbox, sealed and addressed to me but with the name of the governmental entity that collects fines on it. When I got home he was sitting at the table with the letter. He was visibly upset. He had not opened the letter because he couldn't but instead he told me to open it in front of him. I said I didn't want to but he said that I had to so I did. The letter did not say what it was about, just the amount of money I had to pay and when I had to pay. So instead I had to tell him everything and I did and he was upset with me for a very long time. Since then I have regained his trust.

At first I was upset that someone "ratted me out", as I saw it. Especially since not only was he a friend of a friend, but he was also a person I had had classes with and while we were never friends perhaps, we did have some sort of bond through our shared passion for programming.

Over time, I have come to realize that his alerting the principal about what was going on was the best thing that could have happened.

I was headed down a path that could have landed me in a much worse position.

Thanks to him, it stopped there.

I am a different person now. My fascination with computers remains but I have learned to adhere to the policies and the laws that apply to systems, as well as being respectful of the privacy of others in a manner that I clearly wasn't when I thought it was ok to keylog the account credentials of my fellow students. (Thankfully though I never was tempted to read other people's e-mail, personal files etc., and most of the other students in my school were impressed with, not mad at, what I'd done once it became known.)

Some of my recklessness and disregard may have been due to lack of maturity, some of it due to lack of experience (where up until then anything I did with a computer always was undoable with a red little floppy disk, since up until then only I was affected by my actions on the computer). Still, as I said, I think that if it hadn't stopped when it did, I might have ended up a very different person.