An enthusiast recently “jailbroke” a laptop used by prison inmates for educational courses, ultimately resulting in sensitive passwords being posted online. This has now spurred prison officials to confiscate 1,200 laptops from incarcerated students.
When we reported on the infamous “prison laptop” (or Securebook 5) in February, it was covering Twitter user @zephry_wenting busting open the device by painstakingly replacing the BIOS without removing power to the board and then replacing the default OS by soldering a USB hub onto the laptop. Following the installation of Ubuntu MATE and FreeDoomone would assume that was the sunsetted end of our pleasant laptop prison break escapade.
Unfortunately, it seems to have collapsed into a series of events, including prisoners having their directly acquired Securebook 5s taken away, around 1,200 units to be exact. According to a piece by Open Campus Media, this happened because Hackaday’s coverage included the default password for the OS. The Twitter posts and YouTube videos cited are both now deleted or made private.
Original poster Wenting has already gone on record, saying, “If I knew beforehand, I wouldn’t post the original thread.” Unfortunately, the government’s move to mass-confiscate prisoners’ laptops (often locking down the prisoners to do so) still came despite Justice Tech head Jeremy Schwartz’s assurance that the work of outside hackers could not be duplicated inside prison walls.
The timing of this move is regrettable because these aren’t purely leisure devices by any measure. The laptops were taken immediately before the Winter Quarter Finals of community college classes, which is a pretty pivotal deadline to have your most efficient writing and research consumption tool taken from you. These laptops could run outside of a dock. Still, they could reportedly only upload or download information while connected to one, meaning a lot of existing classwork may already be permanently lost.
Say what you like about the prison-industrial complex. Still, it’s at least a little unreasonable to jeopardize the education of people attempting to better themselves in a highly controlled environment. We hope the students have their laptops returned or replaced with their original files intact soon. There was no evidence before this pre-emptive move that anyone inside prison walls was aware of the exploit, could even be made aware of it, or would even be capable of utilizing it to any meaningful extent.
Realistically, those who can secure their tools for adding a USB hub to a laptop that doesn’t have it inside prison walls can almost certainly secure a regular PC or phone in the same scenario. People already operating within the boundaries shouldn’t be punished for doing so.
