Moral Dilema

[qwertyman66]

I am currently in the sixth form of a secondary school in England. The school has recnetly installed a wireless network on top of it's existing one. I know they know about basic network security with a wireless network because most of the access point require WEP to use. However, about a fortnight ago several of them in the sixth form block appear to have reset to factory settings. This means they use default SSID (3COM) and require no WEP. I know that they work as people in the block can connect to the network via them. Unfortunatly, it also allows people to use unauthorised laptops on the network as well. They haven't worked out how to do much yet, but just looking at the network settings suggests they have the same levels of general access (i.e. same DHCP server, DNS, default gateway etc. but no access to user accounts though) as the authorised laptops. This has not yet been reported to the network admin staff.
Here is the tricky part. The admin staff are NOT the most friendly staff in school. I am worried that if I report it in person that I will be accused of "hacking" the network and get suspended. I don't need that on future University applications. I am also worried that they will succeed in getting the laptops banned. They seem to dislike them already and this could give them that excuse to ban them.
What should I do here? I want the hole closed, but I also want to avoid any trouble. Any advice you can give would be very welcome.

[JewishIntent]

Send a letter. Simple and non traceable as long as you put it in a mail box and not your personal one. Just make sure to type it on a typwritter or on a commonly used pc that doesn't require you to log on to use like at a public library. No way to trace who wrote the letter, at least none the school would be willing to use, and you will be free of all suspision.

another way you could go about it: if you know of anyone that is illegaly using this no wunsecure network you could still bring it to IT's attention in person, but make sure you have specific examples of people who are abusing the access points. This way you can still bring it to light that this needs to be fixed, and they will be way more apt to go after the person/people you supply to them instead of assuming yo uwere involved yourself. This second option is a little moral in my opinon, b ut there is still nothing wrong with it. The only reason i say i feel its less moral is because i strongly believe that even if i know someone is doing something wrong, as long as it doesn't affect me, anyone i care about, or anything i care about i leave them to it. Granted they are breaking rules and should be punished technically but eh.

[foxyloxley]

the last time this came up it was in America
and Tiger Shark offered to 'mediate'

so that the OP was insulated from the scene, and it was done that way [I believe]

if you wish to PM me details of :
problem
address
name and mail addy of person to contact

and let us all come up with a covering letter
I'll send it via my own account

I live in the NW
I hope you live anywhere else

and we could let em know that way

but they need to know
unauthorised PC's on a system will kill it quicker than almost anythong else

[Cider]

qwerty send them anon letter explaining the situation, also I think you must provide a solution to there problem or most likely they will throw the laptops out. Just a thought.

[DjM]

Send the Admin's an anonymous email. (google send anonymous email) This way you deal with your Moral Dilema and notify them at the same time. After that, it's up to them to plug the hole.

Here are a couple I found through google:

http://www.1netcentral.com/anonymous-email.html

http://www.mytrashmail.com/anonymous_email.aspx

Cheers:

[foxyloxley]

as an idea

It has been brought to our attention that there is a serious security issue with your system
I have been asked to forward details to you, as the person who believes they have found the issue is worried that there might be repercussions, as in they might be suspected of 'hacking' said system.

the issues are as follows
..............................................

a suggested fix is as follows
...............................................

regards
foxyloxley

[qwertyman66]

Thanks for all the quick advice. I have decided to send them an email giving them locations of where the offending access points are. Hopefully they will respond to that. If they don't then I think I'm going to mention it to one of my more friendly teachers (Head of ICT). Hopefully that will fix the issue.
Thanks for the offer foxyloxley, but I don't think I'm going to take it up. If they get too grumpy, then hopefully the fact that I have reported it to a member of staff in person will suggest that I have nothing to hide regarding the issue. Fingers crossed.

[foxyloxley]

don't forget that this thread is proof, of sorts, of intent, and it's got a time stamp too

bookmark it ..............

[Synja]

You're reporting that other people have been doing it.

I don't see this as being an issue. It's only when YOU are the only one who knows about it that suspicions are cast as to why you would know such a thing.

[Galdron]

Originally posted here by Synja
You're reporting that other people have been doing it.

I don't see this as being an issue. It's only when YOU are the only one who knows about it that suspicions are cast as to why you would know such a thing.

Well it might be interpreted as the criminal who calls the police regarding a crime (he or she) actually commited to divert suspicion.

I would go the anon. route. Plus you don't want your peers thinking of you as "The Rat".

my $0.02