Did Google hack a middle school?
For Google, a dispute over student information found online via Google has turned into a legal fight. On Friday, North Carolina Superior Court judge Richard D. Boner (yes, that's his name) issued a temporary injunction ordering the search engine to remove information about the Catawba County Schools Board of Education. The dispute began last week when the Hickory Daily Record reported that a student's parent had found the names and Social Security numbers of 619 middle-school students in a Google search. The school claimed that Google had broken through the password protection on the school's website to access the page; a Google spokesman said that was impossible.
Techdirt feels that the school should get its own injunction against stupidity. "It certainly sounds like the school district left the information open, and doesn't want to admit it," observes Techdirt, and the injunction seems pointless, given that a lawsuit is "bound to fail." SearchEngineWatch doesn't buy the school's story, either: "Someone at the school must have left an opening for Google."
What do you think? Did the school system do enough to protect its students' personal data? Leave a comment below.
The school's webmaster should be fired (or at least receive detention) for not only incompetence, but also for clearly false accusations. Even using the most basic authentication mechanism, Google's spidering engine would have been powerless to surpass it. Let's hope the school's administrators are fiercely reprimanded for placing their students' personal information in jeopardy.
Sounds like someone at the school left something open. They should wake up and improve their security.
I'd have to agree with the thought that the school district is to blame, obviously they left the data unprotected. Even if their web server was vulnerable, they shouldn't have had private or sensitive information on it in the first place. It seems the school and district need to do some learning of their own or hire someone that actually knows what they are doing.
It has nothing to do with Google. They were just stupid enough to leave the data open - the Google scooped it up like it was any other web based data.
I have 2 questions....First, how is it possible for a search engine to 'hack' a web site and second, who in their right mind came up with a first and middle name for the Judge in this case!?
It is definitely stupidity on the school's part. It makes them look even worse to try and pin the blame on Google rather than admit the mistake and then take the proper steps to correct it. Instead of blaming someone else, they need to revisit their security policies and make sure that the people they hire don�t make the same mistake again.
Did the middle school kids configure that network or something??
Sounds like a load of stupid running that IT dept...
It's pretty clear to me. That this is even getting media attention is ludicrous, and only because Google's name is tied to it. If Google's algorithm's picked it up, it obviously was on an unsecure section of the website. I agree with someone above that the webmaster should be fired for his negligence. But he does get kudos for snowing an entire school board and a court into believing it may have been Google's fault.
Another case of people that do not understand computing claiming that "it's not their fault". I am sure they used a simple password protection scheme (htpass) without any form of encryption/SSL. Of course a search engine robot is going to recursively search pages so encrypt the data in a secure data base (not in a HTML doc). What a bunch of idiots. Hope banks do not hire anyone from that school.
Whoever set up the schools site should be fired.
This is just another case of someone playing the blame game. And as usual IT runs downhill. When the President, Vice President, and Congress do it other people will follow suit. At the root is incompetence and people's inability to realize they can learn from their mistakes. What happened to humility? Unfortunately, these people are "teaching" impressionable children. Ironically, these children probably knew more than the school administrators that a search engine does not "hack" into computers. Even I knew better than that. Remember: Question everything! (End of rant).
What ever the case. Before you put the content open for public don't you have responsibility of inspecting it....
Hey the secondary and below level schools of today have no real experienced computer person to know what is safe and what is not safe when information is released on the internet. So schools need a safety net, which will not allow all information to be released to others.
Simple questions. What would a large dominant top of the line tech company gain by hacking into a little school gain? Any pro hackers can get into these schools if they really wanted to, but since they don't why would google want to?.......Google's got better fish to snap at.
Question: If I leave my front door open and a thief walks in and steals my computer, does the fact that my door was open negate the fact that he entered my house without my permission? Google crawls onto things maybe it should not?
What I want to know is why is that info sitting on a webserver at all. That type of info belongs on the intranet, not the internet.
And I thought our school district was total crap.
Hah he probably had a plain text database set up and the html file that read it was password protected, but not the database itself.... so google unknowingly "found" the database. Thats greatness.. Another prime example of retarded admins.
CNNMoney.com Comment Policy: CNNMoney.com encourages you to add a comment to this discussion. You may not post any unlawful, threatening, libelous, defamatory, obscene, pornographic or other material that would violate the law. Please note that CNNMoney.com makes reasonable efforts to review all comments prior to posting and CNNMoney.com may edit comments for clarity or to keep out questionable or off-topic material. All comments should be relevant to the post and remain respectful of other authors and commenters. By submitting your comment, you hereby give CNNMoney.com the right, but not the obligation, to post, air, edit, exhibit, telecast, cablecast, webcast, re-use, publish, reproduce, use, license, print, distribute or otherwise use your comment(s) and accompanying personal identifying information via all forms of media now known or hereafter devised, worldwide, in perpetuity. CNNMoney.com Privacy Statement.