Iowa State researchers Robyn Cooper and Warren Blumenfeld (photo by Jaclyn Hansel)

by Larry Magid

A study by Iowa State University researchers Warren Blumenfeld and Robyn Cooper found about half of “lesbian, gay, bisexual, transgender (LGBT) and allied youths are regular victims of cyberbullying, which causes psychological and emotional distress to victims — producing thoughts of suicide in some who are repeatedly victimized.”

“Allied youth” refers to young people who are openly supportive of LGBT youth.

The survey of 444 junior high, high school and college students between the ages of 11 and 22 (including 350 self-identified non-heterosexual subjects) found that 54% of LGBT youth had been victims of cyberbullying within the past 30 days. 45% of the respondents “reported feeling depressed as a result of being cyberbullied,” according to the study’s authors. 38% felt embarrassed, and 28% felt anxious about attending school. The authors reported that “more than a quarter (26%) had suicidal thoughts.”

As study co-author Warren Blumenfeld pointed out in an interview for a CNET podcast, to be considered bullying “it has to be repeated, it has to exist between people of different power relationships, with someone with more social power, physical strength over someone who’s considered to be less powerful.” It also has to occur over time with “numerous occasions for even it to be considered bullying.”

Youth leadership

Blumenfeld said “one of the biggest things that the participants are talking about is that this is a youth leadership issue.” Young people “want to see more training developed so that the peer leaders in the schools can be the ones who can act as positive role models to interrupt this kind of behavior in the schools and within the communities and to show in terms of ‘norms theory’ that this is not acceptable and this is not proper behavior and for the youths themselves to take more responsibility.”

He added that there are “are a lot of actors in the drama of bullying … the perpetrators, those who erk on the perpetrators and those who are the bystanders who know what’s going on and do nothing. There also are those who are the “potential allies, those who for one reason or another don’t feel comfortable yet to interrupt the behavior.” He added that ‘there are the actual allies who interrupt the abuse and there are the targets of the abuse.”

He said “we really need to find better ways to empower the bystander to be an ally.”

On a personal note, Blumenfeld was a childhood friend of mine. We were both bullied in school for, among other things, our last names. Kids called him “Warren Blubberfeld” and me “Larry Faggot.” Ironically, he was the one who was gay and I was the one who was overweight.

The Internet Corporation for Assigned Names and Numbers (ICANN) board at its meeting Friday will consider a proposal from ICM Registry for adult sites to use the .xxx top-level domain instead of or in addition to .com.

This is hardly the first time ICANN has dealt with this issue. It rejected similar proposals in 2000, again in 2006 and most recently in 2007.

In an telephone interview Wednesday night from Nairobi (scroll down for podcast), ICM President Stuart Lawley said he successfully appealed the 2007 decision, paving the way for ICANN to reconsider the proposal on its merits.

The proposal has been a hot button for years, uniting some conservatives and some free-speech advocates in opposition to it. The conservative Family Research Council, for example, opposed the idea in a 2005 press release, arguing that “pornographers will be given even more opportunities to flood our homes, libraries, and society with pornography through the .xxx domain.”

But the American Civil Liberties Union also had concerns. In 2004, ACLU’s Barry Steinhardt told CNET’s Declan McCullagh that “there are nations all over the world that will undoubtedly try to force Web sites into the .xxx (top-level domain) or to block Web sites in it that they somehow view as offensive.” Steinhardt worried that “it will become a worldwide red-light district for the Internet, into which speakers who have free-expression rights and should be able to reach a mass audience will be forced.” (Steinhardt has since retired from the ACLU and is now at the Stanford Center for Internet and Society.)

As an Internet safety advocate, my concern about .xxx is that it could give parents a false sense of security. True, it would be very easy to configure browsers or filters to automatically block sites designated as .xxx, but since this is a voluntary program, there would be nothing to stop adult site operators from also using .com. It would be like setting up a red-light district in a community while also allowing adult entertainment establishments to operate in residential shopping centers.

In our interview, Lawley responded to this concern: “It’s not a great secret and everyone is aware that there is a lot of adult content on the Internet and…it was never my job or the job of .xxx to try to eradicate that.” He expressed hope that “it would become the domain of choice for adult providers because of the benefits it would provide…The idea that this would be a universal panacea and cure-all for the issue adult content on the Web was never the intent.”

Lawley called .xxx “an attempt at credible self-regulation by engaging with other impacted stake holders.” He said that adult sites that use .xxx would be subject to “best business practices” that prohibition of child pornography and malicious software. It would also be “mandatory for .xxx sites to label their sites with machine readable tags. He called it a “win win win situation” for the adult entertainment providers, consumers of adult entertainment, and parents who wished to keep their kids away from adult content.

While I respect Lawley’s sincerely, I’m still not convinced the .xxx is in the best interest of child protection or free speech. As Lawley admits, this isn’t a panacea and, unfortunately, there are no other silver bullets when it comes to keeping kids from wandering into inappropriate online areas. Parents do have the option of installing content filters which are a lot better than they were when the idea for .xxx domains was first introduced, but even those are far from fool-proof. Until someone comes up with a better solution, my recommendation is that parents be with young children while they are online, check-in frequently with preteens and work with children of all ages–especially teenagers–to fine-tune that filter that runs between their ears.

Listen now: Download today’s podcast

by Larry Magid

Internet filters have been around since the early days of the Web and they can play an important role in preventing young children from accessing inappropriate content. But they’re not a replacement for parental involvements — and they’re not for everyone.

Before installing and configuring a filter, parents need to decide if their child needs to have software controlling how they can use the Internet and, if so, how the filter should be configured.

I don’t recommend routine use of filters for teens, especially high-schoolers. For one thing, there are lots of ways for them to get around filters, including accessing the Web from their cell phones, game consoles or other people’s PCs. And since teens are on a fast path to becoming young adults, it’s better to help them develop the filter that runs between their ears. You can’t protect them forever, so help them learn self-control. Of course, there are always exceptions, and some teens do need extra supervision.

Filters can be a convenient way to keep young children from stumbling onto material that might gross them out or disturb them. Young children generally seek out a limited number of sites, but it’s certainly possible for them to stumble onto inappropriate ones.

Seemingly innocent search terms can sometimes bring up inappropriate sites. But rather than install filters on your computer, you might consider configuring the search engine your child uses.

Google, for example, offers a “search settings” option in the upper-right corner of its main page. Click on that and select either “strict filtering” or “moderate filtering” (the default). Strict filtering, which I recommend for young children, filters both explicit text and images. Just below the setting is an option to lock safe search so kids can’t easily turn it off for that browser. Be aware, however, that the lock is browser-specific.

Microsoft’s Bing.com also has a preferences section in the upper-right corner with similar controls. Yahoo allows you to configure its filters if you’re signed in with a Yahoo account.

My safety Web site, SafeKids.com, has a search page that’s locked into Google’s strict safe search. But no safe search option is foolproof. You still need to keep an eye on young kids when they’re online.

Microsoft Windows 7 doesn’t comes with a Web filtering feature, but it has controls that let parents limit when and how long their kids use the computer and to specify which programs kids can run. To use this, you need to create a Windows account for your child, and Microsoft recommends you password-protect your own account so only you can configure your child’s account.

The “time limits” option puts up a grid that lets you drag your mouse over certain hours of specific days that you wish to block. You can also turn on “allow and block specific programs,” which blocks all programs until you approve them. Another option allows you to block or allow games.

Although it’s not built into Windows 7, Microsoft has a free Web filter that works with Windows XP, Vista and Windows 7. Microsoft’s Family Safety program doesn’t give you a lot of granular control over the types of sites your kids can use but it does let you choose between “strict” (which blocks all but child-friendly sites and sites you’ve allowed), “basic” (which blocks adult content) and “custom” (which lets you turn on or off a few categories, including social networking and Web mail.)

Symantec offers a more robust free program called OnlineFamily.Norton, which works with both Macs and PCs. This software gives you a great deal more control over the types of sites you kids can visit and allows you to create a separate profile for each child with recommended settings based on age.

If you already have a security suite, check to see if it includes filtering. TrendMicro Internet Security Pro, for example, includes a highly configurable Web filter. Also check with your Internet service provider to see if it offers a free Web filter.

Filters and other tools are not a substitute for parenting. Regardless of your child’s age and whether or not you use a filter, you should still check in with your kids regularly about how they use the Internet, their cell phones, game consoles and other technology.

When it comes to such issues as time online or obsessive use of the Internet or texting, remember that how you act is often more powerful than what you say. Kids learn by watching and if they see you constantly on the phone or online, they might wind up emulating your behavior.

Resources:
Parental Control & Online Child Protection: An excellent and very thorough review of parental control tools by Adam Thierer, president of the Progress & Freedom Foundation

ConnectSafely.org:  News, tips and commentary on all aspects of Internet safety, especially as it applies to the interactive “social” web.  (Disclosure, the author of this article is co-director of ConnectSafely)

GetNetWise.org: Excellent resources on Internet safety

This article is adapted from one that originally appeared in the San Jose Mercury News

A recent survey from the Pew Internet & American Life Project found that 73 percent of online teens use social-networking sites. Updating their Facebook or MySpace page has become a regular activity for teens as is using these services to catch up on what their peers are doing. But, for the most part, teens are using social networking while they are away from school. Many schools actually ban access to services like Facebook and Twitter and often configure filtering programs to block students from accessing them.

While I can understand why it might not be educationally relevant for schools to allow students to polish their online profiles while in school, I worry that schools are disallowing the very technology that kids are using for their informal communications and learning. As my ConnectSafely.org co-director Anne Collier blogged on NetFamilyNews, “Gutenberg’s press, was pretty controversial back in the day (15th c.) and probably didn’t make it into ’school’ for a while.”

Today, of course, books are a staple in school but, as any trip to a bookstore will illustrate, not all books are appropriate for classrooms. Should educators ban books because some books are “bad?” Of course not. Educators select appropriate books for use in class and incorporate them into the educational process.

The same should be true of social networking. While I’m not convinced that school filters should prevent kids from accessing sites like Facebook and MySpace from school computers during breaks, I can understand why educators would mostly avoid them for classroom use. Of course, there are pages on these sites with educational value, so it makes sense more sense for teachers to be granular by allowing access to appropriate social-networking pages rather than banning them entirely.

Social networking designed for schools
But it also makes sense to think about ways to incorporate specialized social networking tools in class. The Flat Classroom Project is one example where educators have built social-networking sites (mostly using Ning) specifically for use in class and home assignments. Not only does this allow for educationally relevant communication for students in the classroom, but for them to interact with students in far away classrooms both in the U.S. and abroad so students around the world can reach and learn from each other.

Fortunately, the idea of school-based social networking is starting to take hold. It has caught the attention of Mary McCaffrey, CEO of SchoolCenter. School Center, which bills itself as a “Web solutions company in the education market,” is in the process of developing social-networking tools marketed specially to schools. These tools will encourage students to interact with each other, using many of the same techniques they do when away from school but focused on their educational mission.

I spoke with McCaffrey not only about what her company plans to offer but about what many schools are currently missing.

Listen now:

This post originally appeared on CNET News.com

by Larry Magid
This article first appeared in the Summer 2009 issue of Threshold magazine

There was a time when to misbehave in school you had to be in school. These days technology makes it possible for youth to reach through both space and time to harass or bully classmates, regardless of physical location. For example, a group of kids could each be sitting in their own homes on a Saturday night, using their computers to contribute to a website or MySpace or Facebook social-networking page that demeans, harasses, defames, or impersonates a fellow student. The activity is taking place off campus, outside of school hours, and no school equipment is being used. Yet come Monday, that online activity could have a very real impact on campus. Not only might fellow students have seen it prior to arriving at school, they might also access that page at school on school computers or their own mobile phones. It could have a negative impact on the victim(s) or even cause a disruption school-wide.

Bullying is not new. It’s probably been going on in one form or another since humans started inhabiting the planet. What is new is that it’s now possible for kids to use the Internet, their cell phones, social-networking sites, and even game consoles to harm, impersonate, or embarrass others. And because the data is digital, it can be forwarded, archived, and searched pretty much forever.

It is also possible to express oneself in ways that are lewd and offensive and even to appear in or distribute nude or sexually suggestive photos via computer or cell phone that can be viewed from both off and on school grounds. We now have a term for that—sexting—and it too is becoming an issue for educators.

Is it at school, at home, or both?

When we explore the example of kids posting malicious content online on their own time, it’s happening outside the reach of school officials. But is it really outside their jurisdiction? Even though the behavior may be taking place away from school, it could be having an impact on campus. Even though students are creating the webpage away from school, others may be reading it as school.

So what are school officials to do? Should they ignore the behavior, discipline the students involved, or look for an alternative way to deal with the problem? The answer isn’t obvious.

The problem is that technology has complicated a reasonably clear set of policy directions set down by the United States Supreme Court in two landmark cases. In the 1968 case Tinker et al. v. Des Moines, the Supreme Court grappled with a situation in which a group of students was suspended from school for wearing black armbands to protest the Vietnam War. The students took the district to court, and the case eventually reached the Supreme Court, which ruled in their favor.

Speaking for the court, Justice William Brennan wrote, “The record does not demonstrate any facts which might reasonably have led school authorities to forecast substantial disruption of or material interference with school activities, and no disturbances or disorders on the school premises in fact occurred.” He added, “They neither interrupted school activities nor sought to intrude in the school affairs or the lives of others. They caused discussion outside of the classrooms, but no interference with work and no disorder. In the circumstances, our Constitution does not permit officials of the State to deny their form of expression.”

Score one for the right of kids to express themselves on campus.

In 1983, in Bethel School District v. Fraser, the Supreme Court did place some limits on student speech. In that case, Matthew Fraser was suspended for using sexual innuendos in a student government nomination speech of a fellow student.

Fraser was suspended for disruptive activity and, after a series of legal decisions and reversals, the Supreme Court finally ruled that it was appropriate for the school to take action. The court found a big difference between the political protest of the Tinker self-expression and the lewdness of Fraser’s speech. Chief Justice Warren Burger wrote, “Democratic society must, of course, include tolerance of divergent political and religious views, even when the views expressed may be unpopular. But these ‘fundamental values’ must also take into account consideration of the sensibilities of others.” He added, “The undoubted freedom to advocate unpopular and controversial views in schools and classrooms must be balanced against the society’s countervailing interest in teaching students the boundaries of socially appropriate behavior. Even the most heated political discourse in a democratic society requires consideration for the personal sensibilities of the other participants and audiences.”

To simplify these two rulings, it could be said that schools must not punish political expression as long as it doesn’t lead to disruption, but they can impose sanctions against certain types of lewd speech that go beyond the “boundaries of socially appropriate behavior.” Based on that ruling, it would seem pretty obvious that schools have the right—some would say responsibility—to intervene in cases of harassment or cyberbullying. But the case law refers to activities that took place on campus. These landmark cases were decided long before students started using cell phones and Internet browsers that could reach across time and space.

Let’s put this in a modern context. As I said at the start, kids don’t have to be in school to impact what happens in school. Let’s say a group of students decide to create a webpage stating that “Susie is a slut.” Susie might have grounds for a civil lawsuit based on defamation (though she may have difficulty finding a lawyer willing to take such a case), but the students’ statement is clearly not a violation of any criminal law. But what happens if, on the next day at school, other kids start laughing at Susie or making lewd or mean comments? Suddenly the students’ off-campus behavior is having an impact at school and could even jeopardize Susie’s ability to obtain an education.

In that case, says Nancy Willard, executive director of the Center for Safe and Responsible Internet Use, the school may have grounds to intervene. “When it’s outside of school, officials only have the authority to respond if the impact of that speech is going to come to school and will substantially disrupt school or interfere with the rights of other students at school,” she says. “But they don’t have the authority to respond to every- thing else or seek to impose moral values or respond to speech contrary to the school’s mission.”

Willard, who is not a practicing attorney but does have a law degree, believes that schools can and should intervene if the off-campus actions cause “a hostile environment for a student that is preventing that student from receiving an education.” And she adds, “If [the action] applies to a protected class—racial, sexual, or disability—there is a probability that officials have an obligation to respond.”

Scott Laurence, an administrator with the Palo Alto (Calif.) Unified School District, agrees with Willard. He states, “We have the right to intervene if [the activity] has spilled into the educational system and has a direct impact on the educational learning environment. Jurisdiction is always hard, but when you see it has a direct impact I believe that is when we have the right and responsibility to intervene.” Laurence says it is similar t an off-campus fight on a Saturday night that spills over a school. We don’t need to go back to the fight, he says, but we have the responsibility to make sure it’s a good environment on Monday morning.

Jennifer MacLennan, a school-law attorney with Arizona law firm Gust Rosenfeld, says, “The test for being able to discipline the person who set up the site is whether there is a nexus or connection from the off-campus activity or comment to activities occurring on the school campus.” For example, if other kid are discussing the webpage while at school and treating the victim differently, then MacLennan says there is enough of connection that you can discipline the students who create site. Like others, she points out that administrators may get into a battle of competing rights. “The district could be sued for disciplining a child or failing to discipline a child,” she says.

A Dissenting view

American Civil Liberties Union staff attorney Aden Fine challenges the right of schools officials to take any actions for behavior, however offensive, that occurs off campus. “When students are not in school, it’s for parents to decide what students can and can’t say. It is not for the schools to be involved.” Fine says speech on the Internet is protected like all other speech. Even if there is an impact at school, he believes that does not justify suppressing or punishing speech. If a disruption at campus occurs, officials should punish the students who are being disruptive, not students whose speech may or may not have inspired that disruption.

If school officials are to act against a student accused of off- campus online harassment, then districts should gather information about where and when it occurred. “Is it related to a larger pattern of bullying and harassment that’s taking place on and off campus?” asks Sara Levitan Kaatz, school-law attorney with the California law firm of Lozano Smith. She says that courts want to see substantial disruption—not that a kid pulled out a printout of a MySpace page in class and caused a distraction. Rather, districts need to document how many kids are talking about it, if they are accessing it on campus, and if and how it is disrupting the educational experience at school for the victim.

Kaatz says there is a balancing act between free speech and the district’s commitment to keeping a safe environment. “I don’t know a single administrator who wants to violate a student’s free-speech right, but I do know a lot of administrators who wake up every morning wanting to make sure this is a safe school environment for everybody there,” she states.

In 2005, the U.S. District Court of the Western District of Pennsylvania heard the case Latour v. Riverside Beaver School District, in which 14-year-old Anthony Lautour and his parents sued the school for expelling him for writing rap music in his home and publishing it online. The child, who never wrote music at school or brought his songs in, posted a song that contained violent language as part of a rap battle with another musician. The school worried that the songs contained terrorist threats and harassment. Speaking on National Public Radio, Latour’s attorney Kim Watterson said, “You can’t punish based upon words alone… [You need to determine] whether the speaker means to communicate an expression of an intent to do serious bodily harm.” In a preliminary injunction, the court ruled in favor of the student, who was reinstated at school. The settlement included a $90,000 payment and the district’s agreeing to amend its policy regarding circumstances as to when it can exclude students from school based on speech.

In Weedsport Central School District v. Wisniewski, however, the court ruled in favor of the district after an eighth-grader sent messages to friends from home that contained an icon depicting a pistol firing at a man’s head with the words “Kill Mr. VanderMolen,” the student’s English teacher. The Second Circuit District court judge concluded that the icon was not protected speech because it constituted a true threat.

Tom Hutton, senior staff attorney for the National School Board Association, sees it both ways, acknowledging that there is a good deal of uncertainty. Hutton observes that technology changes much faster than law and policy; because some of these issues “play out in schools before they do in the rest of society, school officials need to make decisions before they have clear guidance from the law.”

Hutton notes that states are passing cyberbullying laws asking schools to tackle the problem, while at the same time schools are being accused of overreaching and acting like Internet police. “No matter what you do, a lot people are going to be unhappy,” says Hutton. “You can’t win that debate.” Hutton recommends that school officials become familiar with their state’s cyberbullying laws. Several states are considering cyberbullying laws and at least 13 states have already passed one, including Arkansas, California, Delaware, Idaho, Iowa, Michigan, Minnesota, Nebraska, New Jersey, Oklahoma, Oregon, South Carolina, and Washington.

The specifics of the laws vary by state. Some simply require school boards to have a policy while others are more detailed. California law AB 86 went into effect in January 2009, giving schools the authority to suspend or expel students for bullying via the Internet, in text messages, or via other electronic means. The bill covers activities on school grounds, while going to or coming from school, during lunch period whether on or off campus, and during or while going to or coming from a school- sponsored activity.

Steps schools can take

Hutton, along with every other expert interviewed for this article, argues that disciplinary action shouldn’t be a first response. “If you are confronted with the situation, you need to think of the full range of options you have,” he says. “It may be that in the final analysis some discipline is warranted, but you should ask yourself if there’s a way to solve the problem that doesn’t bring up these legal issues.”

Short of unleashing disciplinary action, there are a wide range of actions available to staff, including confronting the child, bringing in the parents, or even contacting the social- networking sites involved to see if they have any remedies. Hutton says educators also can make sure kids know that actions have consequences. Make sure they are aware that college admission counselors and employers know how to search for names, and victims have rights and can sue the students. In addition, students also can be expelled from social- networking sites for violation of terms of service, which universally prohibit bullying, harassment, and impersonation along with nudity and other inappropriate content.

Molly McCloskey, director of constituent services for the Association for Supervision and Curriculum Development, feels that conversations with students often can go a lot further than confrontations and disciplinary actions. “I come at this from a school-counselor lens,” she says. “Once kids are in school, the adults in school are responsible for the health, safety, and support of each child in that building. Whether it happens off campus or on, it impacts the building and the ability of each child to be successful. So the school needs to respond from a climate lens rather than a punitive lens.”

Regardless of whether the school has jurisdiction to officially intervene in something that happened off campus, it has—in McCloskey’s opinion—the responsibility and moral authority to educate and try to prevent bullying before it becomes an issue. “The school is responsible for what happens inside the building, but the most powerful way that schools and communities can deal with this situation is to be aligned way before it happens,” she states.  Coordination with other agencies is the key to success. “If the value of school, social-service agencies, Boys and Girls Clubs, and other groups are all in harmony, then this sort of situation is less likely to happen,” asserts McCloskey.

Camille Townsend, an attorney and Palo Alto, Calif., school board member, advises parents and educators to start with a non- disciplinary approach: “If your kid is being bullied, you look for help wherever you can find  it. If the student is being a bully, certainly their parents don’t want that to happen either. Rarely do you get a parent that doesn’t want that to stop.” Getting both sets of parents involved can often stop the problem.  “The school can operate with a pretty gentle glove to get things to the point where they need to be,” she says.

This article first appeared in the Summer 2009 issue of  Threshold, a now-defunct magazine published by Cable in the Classroom.

The Webcam spy case in the Lower Merion School District near Philadelphia has raised concern as to whether others with Webcams are vulnerable to remote spying. The school district admitted to activating the Webcams 42 times during a 14-month period, claiming that it did so only to track lost or stolen laptops.

But for anyone with a Webcam (and Webcams are now built in to many laptops and desktops), the question is whether you are vulnerable to having your Webcam remotely turned on. The answer is yes, though the newest version of the software used by the district to monitor its computers can no longer be used to activate Webcams or even track stolen computers.

According to Harriton High School student Phil Hayes, officials at the Lower Merion School District used a program called LANRev to manage and track the Macintosh laptops issued to students. The product was published by Pole Position Software, which was acquired last year by Vancouver, B.C.-based Absolute Software. An Absolute Software spokesman verified that it is also his understanding that the school used LANRev software.

The Philadelphia Inquirer reported that Mike Perbix, a network technician from the district, had recorded a Webcast where he talked about his use of LANRev. In a YouTube video attributed to Perbix, he says, “I’ve actually had some laptops we thought were stolen which actually were still in a classroom because they were misplaced, and by the time we found out that they were back I had to turn the tracking off and I had a good 20 snapshots of the teacher and the students using the machines in the classroom.”

In one portion of the Webcast (not in the YouTube video), Perbix says, “You can go into curtain mode, so if you’re controlling someone’s machine and you don’t want them to see what you’re doing you just click on the curtain mode icon…you can take a snapshot of the screen by clicking on the little camera icon.” Scroll down to the end of this post to listen to a 28-second audio excerpt from the Webcast, in which Perbix talks about “curtain mode.”

The blog Stryde Hax has more detail about Perbix’s reported activities.

End users can no longer track machines
Absolute has changed the name of the program to Absolute Manager and will be marketing it for remote management of PCs, Macs, and iPhones, but the product will no longer be used for theft or loss recovery. For those functions, Absolute offers Computrace for enterprise customers (including schools) and LoJack for Laptops for consumers.

Unlike LANRev, Absolute’s current theft recovery products can’t be activated by end users, according to Vice President for Global Marketing Stephen Midgley. I interviewed Midgley by phone from his office in Vancouver.

Both the Computrace and LoJack products can be used to turn on a Webcam and photograph the user in the event of a theft investigation. But unlike the old LANRev, only Absolute engineers can track devices and activate recovery features. Company policy, according to Midgley, prohibits them for doing that until a police report is filed. “For us to begin a theft recovery process, we need a case file from the police,” he said.

Two of the recovery methods are GPS and Internet Protocol location tracking. Absolute tracks the location of devices every 24 hours, but once a device is reported stolen it increases to once every 15 minutes, according to Midgley. “That allows us to pinpoint the location of the device…we then provide the details over to the local law enforcement, who then go in and recover the device.” Midgely said the recovery team is made up of former law enforcement officers and that the company has relationships with well more than 1,000 law enforcement agencies across North America.

Midgley said the company doesn’t typically use Webcam photography, even if it’s available. “The photography doesn’t always take a picture of the criminal, and it’s not always permissible in a court of law,” he said. Often, the person who is photographed using the laptop is not the person who stole it. By the time it’s been reported, the laptop has been sold, and the person using it isn’t the same person who stole it, “so taking a photograph of them really proves no value. In that case, it’s not a photograph of the criminal. It doesn’t really help find out the location of the device,” he said.

Other ways to control Webcams
There are, however, other ways to remotely turn on a laptop’s Webcam. For one thing, there are many legitimate programs on the market that are used to control “nanny cams,” or Webcams used at vacation homes and other remote locations. If someone has physical access to a computer, it would be possible to install this software and turn it on remotely.

There are also programs such as GoToMyPC that are designed specifically to allow users to remotely control a machine via the Internet. Once connected, the person has complete remote control over the host computer, including the Webcam, microphone, and other features.

This picture was taken via GoToMyPC from a remote computer.

(Credit: Larry Magid/CNET)

To be certain that GoToMyPC can be used for this purpose, I downloaded a copy to a laptop and accessed it from my desktop PC via the Internet and then used my desktop PC to activate the camera on the laptop. To be fair, GoToMyPC puts up a notice on the remotely controlled machine indicating that there is a session in progress, but that notice can be immediately taken down from the remote computer.

You need physical access to a computer to install GoToMyPC, but it’s not uncommon for stalking victims to sometimes be in the same location as the stalker.

Malware can turn on Webcam
There are also Trojan horses and other malware programs that can be used to take remote control of a computer. According to Mike Geide, senior security researcher at cloud security company Zscaler, “there are several exploit kits out there that include rootkit functionality that allow (people) to interact with the operating system however they want, and that includes turning on specific services or running applications in the background that would include applications to report Webcams, record audio, or turn on a built-in internal microphone.”

Geide recently blogged about a Chinese government Web site that had been hacked to post malware to utilize an Internet Explorer 6 vulnerability to plant Backdoor:W32/Hupigon which, according to F-Secure, is “a remote-administration utility which bypasses normal security mechanisms to secretly control a program, computer, or network,” and “allows for recording with the user’s Webcam.”

TrendMicro education director David Perry stressed the importance of being aware of vulnerabilities. “It would do a public service, if we could make the public more aware that when you hook something like a Webcam up to your system that making it secure is your responsibility,” Perry said. “By default, it’s insecure.”

In October 2008, TGDaily reported on a “game” that could “mislead people into clicking on a link that can then remotely control the user’s Webcam and microphone.” This YouTube video shows a proof of concept of a simple game that could cause a user to turn on the remote camera for an attacker.

While security software can protect you against much of the malware, it can’t necessarily protect you against the misuse of legitimate programs designed to remotely enable a Webcam or remotely operate a PC. For that, the user has to be aware of what is running on the machine. While a sophisticated PC or Mac user may be savvy enough to determine if there are remote-control programs running on their systems, there are plenty of people who wouldn’t have a clue.

I spoke with a student at Harriton who said some students are employing a very low-tech solution to block their Webcams: they’re pasting black tape over the lens. Now all they need to do is figure out how to disable the microphone.

Click below to listen to a 28-second portion of Mike Perbix’s Webcast, where he talks about “curtain mode.” Audio taken from a longer Webcast downloaded from MacEnterprise.org.

Listen now: Download today’s podcast

This post originally appeared at CNET News.com

Students at Herriton High School in Lower Merion School District near Philadelphia are given Apple MacBook laptops to use both at school and at home. Like all MacBooks, the ones issued to the students have a Webcam. And, in addition to the students’ ability to use the Webcam to take pictures or video, the school district can also use it to take photographs of whomever is using the computer.

In a civil complaint (PDF) filed in federal court, a student at the school, Blake Robbins, said he received a notice from an assistant principal informing him that “the school district was of the belief that minor plaintiff was engaged in improper behavior in his home, and cited as evidence a photograph from the Webcam.”

The district said in a statement that the “security feature was installed to help locate a laptop in the event it was reported lost, missing or stolen so that the laptop could be returned to the student.” The district further explained that “upon a report of a suspected lost, stolen or missing laptop, the feature was activated by the district’s security and technology departments. The tracking-security feature was limited to taking a still image of the operator and the operator’s screen.” The district claims it has “not used the tracking feature or Webcam for any other purpose or in any other manner whatsoever.”

Subsequently, district Superintendent of Schools Christopher W. McGinley sent a letter to parents saying that the security tracking feature is being disabled and that there will be “a thorough review of the existing policies for student laptop use” and a “review of security procedures to help safeguard the protection of privacy, including a review of the instances in which the security software was activated.”

In the mean time, the Associated Press is reporting that the FBI is investigating the district and “will explore whether Lower Merion School District officials broke any federal wiretap or computer-intrusion laws,” according to an unnamed official who spoke to the AP.

In an interview with CBS Evening News, plaintiff Blake Robbins said he was unaware that the camera could be activated at his house. “I thought that there was no way that they could do that at my home,” Robbins said, adding that the assistant principal “thought I was selling drugs, which is completely false.”

On the CBS Early Show, Harriton High sophomore Savannah Williams said she keeps the laptop in her bedroom and says that its on while she is “getting changed, doing my homework, taking a shower, everything.” She said she takes it into the bathroom with her to listen to music while showering. “I was shocked,” she added. She said “everyone is talking about it at school…everyone was really worried about ‘what are they watching me doing.’”

At least one student at Harriton isn’t particularly worried about the administration spying on students. In a podcast interview, 16-year-old junior Jon Brodo said “I don’t think anyone knows the true story…the problem is in this case is that there are so many rumors going around.” He said that he is somewhat concerned, but “I do trust that the school district knows its bounds.” Brodo said that most students, however ,”it’s been pretty hectic. It’s the conversation of everybody. I’ve seen the kid (plaintiff Blake Robbins) in the hallways. The atmosphere is definitely pro the kid and antischool district.”

On its Web site, Lower Merion School District says that it was one of the first districts in the country to issue laptops to all high-school students. And that is an extremely laudable effort on the part of the district to bring learning into the 21st century. It’s also commendable that the school put some thought into a recovery system to help locate lost and stolen laptops but it’s quite unfortunate that they used a system that enables administrators to take photographs of students using the machines away from school.

Of course, no judge has yet ruled on the plaintiff’s claim and the school has denied that it has used the cameras for anything other than helping recover missing machines. But even if that turns to be the case, the mere fact that staff members had the ability to turn on the camera remotely is problematic. While it’s fair to assume that the school could monitor what students do with district owned equipment (just as employers can with equipment used by employees even when they’re away from the office), I can understand why students and their parents would be shocked to learn that officials could remotely turn on the camera.

Listen to interview with student Jon Brodo

This article first appeared on CNET News.com

by Larry Magid

It’s an unbelievable story.  A suburban Philadelphia school district is being sued in federal court for allegedly using webcams to spy on students and their families at home.  On its website, the Lower Merion School District says that it was “one of the first school systems in the United States to provide laptop computers to all high school students.”

The parents of student Blake J. Robbins are suing the district, the school board and the school superintendent  for invasion of privacy for “indiscriminate use of ability to remotely activate the webcams incorporated into each laptop issued to students by the School District,” according to the complaint* (PDF).

The laptops were issued to students through the use of state and federal grants as part of a “21st century learning environment” for the students.   The laptops are Apple Macintosh’s equipped with webcams. Students, according to a statement on the district’s website “are free to utilize this feature for educational purposes.”

On Thursday, the district issued a statement acknowledging that “the laptops do contain a security feature intended to track lost, stolen and missing laptops, but that “this feature has been deactivated effective today.”

The statement claims that because “laptops are a frequent target for theft in schools and off school property,” the “security feature was installed to help locate a laptop in the event it was reported lost, missing or stolen so that the laptop could be returned to the student.”

Indeed the feature can be used remotely to take a picture of the person using the laptop.  The district further said that ” The tracking-security feature was limited to taking a still image of the operator and the operator’s screen” but that the feature ” has only been used for the limited purpose of locating a lost, stolen or missing laptop. The District has not used the tracking feature or web cam for any other purpose or in any other manner whatsoever.”

According to a blog post on BoingBoing, “the issue came to light when the Robbins’s child was disciplined for “improper behavior in his home” and the Vice Principal used a photo taken by the webcam as evidence.”

The plaintiffs allege that the school district’s actions were in violation of 18 U.S. Code 2701, “Unlawful Access to Stored Communications.”

The Associated Press reported that the Robbins family “suspect the cameras captured students and family members as they undressed and in other embarrassing situations.”

A good thing gone bad?

The irony here is that the school district was being very progressive in issuing laptops to students.  Not only do school-issued laptops help reduce the digital divide by providing computer access to all students, they can greatly enhance students’ educational experience by allowing teachers to more easily integrate the use of software and the Internet into class instruction.  I applaud Lower Merion School District for being so progressive as to issue machines to students but, of course,  these allegations — if true — are horrendous.   While it makes sense for school officials to be able to track stolen machines, it would be incredibly wrong for them to use the tracking technology to spy on students. Even if, as district officials claim, the technology is only used to help track down lost or stolen machines, the mere ability of officials to peer into a students’ homes is way behind acceptable.  It was smart of the district to agree to stop the practice and it would be even smarter of them to remove any software that makes it possible to activate a webcam remotely without the knowledge and permission of the machine’s user and his or her parents.

*This PDF of the complaint was downloaded from the blog America’s Right. Although it appears genuine and its contents are consistent with news stories about the suit, I can not verify with certainty that it’s an authentic copy of the complaint.

by Larry Magid

Make sure there are no kids in the room if you plan on trying out the Chatroulette video chat service. While I was able to have a couple of very nice conversations with fully clothed polite individuals, I saw some things I would rather have avoided as I tested this relatively new service.

When you first enter the site you’ll see two large black boxes and a blank area for text chat. As soon as you click “play,” you’ll see a stranger’s picture in the top box and–at least on my machine–a notice asking if you wish to allow the site to access your video camera. If you click “allow,” you’ll see your picture in the bottom box.

Larry chats with unidentified stranger (face blurred out to protect privacy)

(Credit: Larry Magid via Chatroulette)

And that’s where the fun–or nausea–starts. If you don’t strike up an immediate conversation with the first person you see, you can press Next to go to the next person–kind of like spinning a roulette wheel. In my case, mostly what I saw were the heads of young men and as soon as they saw me, they apparently clicked Next because they were gone in a second. I saw a couple of young women who also quickly dismissed me as a candidate for a video chat.

On a couple of occasions, I saw people who hung around long enough to start a conversation either through the Webcam microphone or by text chat. One was an advertising copy writer from Toulouse, France. The other was a college student from Sao Paulo, Brazil. In both cases they were doing the same thing I was–checking out the technology and grateful to have an intelligent discussion with someone equally curious about Chatroulette.

Images you might not want to see
Unfortunately, I also saw some things that I didn’t find particular appealing, including a few men who were touching themselves while the camera focused on their genitals. I didn’t hang around long enough to start up a conversation. There is only so far I’m willing to go in pursuit of a story.

The site, according to an article in The New York Times, is operated by a 17-year-old high school student in Moscow. “I created this project for fun. Initially, I had no business goals with it,” site creator Andrey Ternovskiy told Times writer Brad Stone in an e-mail interview.

There is nothing new about chat and, actually, nothing new about video chat. Back in the 1990s there was a service called CUCME (as in “see you see me”) that let you strike up a video chat with strangers. I remember trying it when I got my first PC video camera and encountering a topless female on one of my first forays. I got out of that immediately, not knowing her intentions or, for that matter, her age. Had she been under 18, I might have been inadvertently been breaking the law had I stayed for a chat.

Parents beware
Parents need to be aware that this service is out there and getting increasingly popular. Not only is it not appropriate for children to see some of the images I saw when testing the service, it’s clearly not appropriate for kids to be showing themselves–even if fully clothed–to strangers via a video chat.

There was a time when I advised parents to avoid letting their kids use a computer with a Webcam, but many computers, including most laptops, now have them built-in. If you are concerned, about your kids’ use of a Webcam, you might want to contact the PC maker to find out how to disable it. On a Windows machine, you can open up the device manager, click on Imaging devices, right click on the line for your integrated camera and select disable–do not select uninstall unless you want to completely remove the software that operates the camera.

If you have a parental control filtering program you can also block Chatroulette.com but, for most families, your first line of defense should be to talk with your kids.

Jeff Dess, an Atlanta-based prevention specialist with Cobb County Schools and author of Turn Up The Music: Prevention Strategies To Help Parents Through The Rap, Rock, Pop And Metal Years, has seen cases of elementary and middle school kids using Chatroulette and similar video chat rooms. He warns parents that sites like these are inappropriate for children because “you don’t know who you’re chatting with and there is no supervision.” Unlike most social-networking sites, there is no requirement to sign in and there are no profiles. You just go to the site and start your video chat.

Dess said that a conversation is more effective than a technological solution. “The message I share with parents is that it’s fine if their elementary or middle school kids use a supervised chat room with three or four of their friends, but I wouldn’t allow kids to go into unsupervised chat room to chat with people they don’t know.”

Dess recommends you have a discussion with your child even if you’re not aware if he or she has used a site like Chatroulette. You could start with an opening comment like “I’ve heard about kids going into video chat rooms to interact with people they don’t know. Have you heard about this? What do you think about it?” If the child says they have used or know of such a site, it might be a good time to talk about an appropriate code of conduct. If they’re oblivious to it, said Dess, “you can just drop the subject.” For the time being at least.

The site has a disclaimer saying it’s for users older than 16, but unlike most sites with age restrictions, it doesn’t ask users to enter a date of birth.

This article first appeared on CNET News.com