“Now I know your face, I will  find you… I will get you.”

This threatening message confronted a Grady student after his Mac laptop’s webcam turned on without his command. During the peak of a wave of hostile computer takeovers that began around Labor Day, students exploited the sharing capabilities of Mac computers on the school network to remotely control other Mac computers.

The first incident, which appeared in an Atlanta Police Department offense report, took place on August 28 in social studies teacher Mary Carter Vanatta’s classroom. Mouse pointers moved without anyone touching the laptop, and “big booty” websites appeared on screen.

“Someone was taking over students’ computers and doing things that were fairly benign but very annoying,” said Carrie MacBrien, Communications and Journalism Pathway Leader when speaking of initial incidents.

Six days later, on September 3, more serious reports provoked the confiscation of the MacBook laptop carts.

“The computers stopped letting us type, the mouse started moving by itself,” said sophomore Bryan Young. “It went to Youtube, and searched up horse pornography. Then the pornography started playing.”

Young was in mathematics teacher Jermaine Ross’ 3B class when the explicit video began playing, and then quickly spread to approximately half of the class’ computers.

“Some people felt violated, while others thought it was funny,” sophomore Starr Ferguson said.

Ross immediately took action, shutting down the MacBooks before notifying the administration. Administrators then contacted the Atlanta Police Department, who assigned Resource Officer M. Williams to the investigation. Principal Timothy Guiney said that the APD and Grady staff worked together to gather information about the wrongdoings.

The police report describing the offense only notes three classrooms as being “hacked,” however additional teachers were affected, including graphical design teacher Patricia Kendall.

“Ironically, the incident happened on the day that my class was creating computer lab safety videos,” Kendall said.

Kendall’s incident was distinct because it involved Mac desktop computers, rather than the MacBook laptops described in the police report’s accounts. Thaddeus Roberts, Grady News Now advisor, and David Winter, Southerner advisor, both allegedly experienced similar issues with Mac desktops in their classrooms.

A concurrent investigation by the APS information technology department revealed that the “hacking” was not as complex as it may have appeared.

“[The information technology department] was trying to get to the root of the issue and [they] determined that it was likely just the sharing capabilities as opposed to any real hacking,” MacBrien said.

Despite the simplicity of the exploitation, the IT department confiscated the Mac laptops so that they could be reimaged, and stripped of their sharing functions.

The vulnerability in the Mac sharing systems existed due to the wide knowledge of Grady’s administrative password.

“Teachers have been writing it up on the board without any consideration that when you say it’s an admin password, it’s a high level security threat,” Kendall said.

One of the students involved in the exploitation explained that entering an administrative password allowed complete access to the target computer.

“It was pretty simple,”the student said. “And I don’t even know that much about computers.”

The IT department worked in conjunction with Guiney, deciding to reset the administrative password to prevent any further “hacking.” The new password will only be made available to two high-level staff members. Media specialist Victor Montero predicts that taking the right steps can avoid inconveniences.

“If you from the outset set the configuration to what people need for day to day business, they wouldn’t need the password,” Montero said. “I think what happens is it’s just so locked down right now that people end up needing the administrative password all of the time.”

Teachers only hope the increased security will not come at the cost of efficiency.

“[Entering the administrative password is] not something that you need to be waiting on for someone to come up and do because these things have to happen immediately because we have deadlines,” said Roberts. “It’s unfortunate that this is the way things are going to be.”