Zhang, an electrical engineer in Boston, decided to post about trying to unlock his Justice Tech Solutions Securebook 5 on the social platform X. The thread went viral — also catching the attention of Washington corrections officials, who have used the device for college programming since 2020.
Of particular concern was an article about Zhang’s thread published on a hacker website that shared the default password for the underlying software that starts the laptop’s operating system, presenting what the Department of Corrections considered a security concern.
The department then announced Thursday, five days after Zhang’s viral post, that it would collect all secure laptops from incarcerated students statewide “to provide an immediate system update.” By Saturday, corrections staff had collected around 1,200 laptops, spokesperson Chris Wright said in an email.
Wright confirmed no one incarcerated in Washington prisons had attempted to unlock their devices but said the decision was “made out of an abundance of caution.” It wasn’t immediately clear whether other states whose corrections departments use Securebook 5 laptops have also pulled the devices.
Archived at https://ghostarchive.org/archive/LS3co
e; updated the title due to popular demand
Not victimizing all of the student inmates because the prison invested in a poorly designed system that could potentially be exploited when none of the students have attempted that exploit or were likely even aware of it
that’s not an alternative. i agree that’d be preferable, but given where the situation stands, what’s the concrete action to take to remedy the situation?
The devices should be returned to inmates immediately, prison administrators should then slap themselves in the face one time for implementing them poorly to begin with, slap themselves in the face several times for overreacting to a viral story without having any reason to believe there was an active or imminent problem with any of their inmates, and deliver a tooth-loosening punch to their own faces for thinking they could punish these inmates by taking away their education to cover their screw up.
After that, hire a real IT person who knows what they’re doing by paying them decently allowing remote work and not drug testing, and then listen to them.
i don’t think you understand how IT works… there will always be vulnerabilities… even the NSA probably has vulnerabilities… when found, these vulnerabilities need to be patched. i’m sure they’ll get their devices back; they just need to implement a fix
none of this is perfect, but shit happens and all we can aim to do is minimise the damage when it does happen