Students Hack School-Issued iPads Within One Week

Hugh Pickens DOT Com writes "Los Angeles Unified School District started issuing iPads to its students this school year, as part of a $30 million deal with Apple. Now Sam Sanders reports at NPR that less than a week after getting their iPads, high school students have found a way to bypass software blocks on the devices that limit what websites the students can use. The students are getting around software that lets school district officials know where the iPads are, what the students are doing with them at all times and lets the district block certain sites, such as social media favorites like Facebook. 'They were bound to fail,' says Renee Hobbs, who's been a skeptic of the iPad program from the start. 'There is a huge history in American education of being attracted to the new, shiny, hugely promising bauble and then watching the idea fizzle because teachers weren't properly trained to use it and it just ended up in the closet.' The rollout of the iPads might have to be delayed as officials reassess access policies. Right now, the program is still in Phase 1, with fewer than 15,000 iPads distributed. 'I'm guessing this is just a sample of what will likely occur on other campuses once this hits Twitter, YouTube or other social media sites explaining to our students how to breach or compromise the security of these devices,' says Steven Zipperman. 'I want to prevent a "runaway train" scenario when we may have the ability to put a hold on the roll-out.' The incident has prompted questions about overall preparations for the $1-billion tablet initiative."

I'm a tech coordinator for an Ohio district

[CreepingDeath]

Basically I could have told them this was going to happen because of how iOS is designed. We have about 200 and they don't leave our buildings (most of them are in classroom sets/charging carts) and I'd say at least 5-10 a week have to be factory reset because the kids remove the profile and lock the devices.

How is it this easy? Well since iOS (Android has this same issue and more, sadly), unlike say, ChromeOS, isn't designed to be managed from an enterprise level. So everything we do with policies can simply be removed by the user. No password required.

We tried the carrot and stick approach, the main profile contains the WiFi password, which they don't know, so when they remove it the devices drop off the network and are basically useless. This probably stops most of the folks from messing with them too much but we still have a few that just want to watch the world burn.

However if you GIVE them to the kids, and let them take em home where they can use their own personal WiFi (even worse if they know the password for the school owned wifi) then the carrot is gone. There is little-no incentive for them to leave the iPad's locked down.

This is why we've stopped buying iPads and started buying ChromeBooks. I hope Apple (and Google's Android group, too) takes note, were far from the only district going this direction.