Tech:Mex
Mex is a School Management System (SMS) created by MoNoRi-Chan as an Extension from his previous software xPense and a few thousand lines of code that separate his life as a man from his life as an unfeeling ghost.
Features:
- Finance system
- Invoice Tracking & Templating System
- Payment handling
- Deposit Tracking System
- Attendance Checking
- Classroom Grouping
The software is technically a "School Pumbling Works" as it means to reduce labor costs on paperwork handling.
Lore
The Lore of Mex: A Cautionary Tale and a Drive for Excellence
At the teacher's office of [Name Redacted] School, a famous school in his hometown NeoCNX. A young student stumbled upon a secret that would shape their understanding of software and security forever. A young student who brings a laptop to school, full of determination and willing to test his Cain skills, have just obtained school's teacher software. While he was harmlessly tinkering with the school's management application, they discovered a glaring flaw: database login credentials were embedded directly in the client-side code, a treasure trove for any malicious actor with basic packet sniffing skills.
Puzzled and concerned, the student dug deeper. They realized users had unrestricted access to the entire database, potentially including the power to create and drop tables – a potential disaster waiting to happen. The final shock came when the 'SA' database user, the one with ultimate power, shared the same weak password as standard account.
Author's Comment: This is a horrifyingly common scenario, even in professional environments. Convenience often trumps security, leading to vulnerabilities ripe for exploitation.
Haunted by these flaws, the student made a bold decision. Anonymously, they tipped off the school's IT team, detailing the dangers lurking within their system along with leaked passwords he discovered. Then, without causing any damage or seeking recognition, the student graduated and carried the lesson forward.
Years later, this student had become MoNoRi-Chan, the visionary developer behind the Mex School Management System. The failures of [Name Redacted] School fueled a burning desire to create something better. Mex was forged with the following principles:
- Security by Design: Database access occurs exclusively through a tightly controlled Web Application/API layer. Credentials remain hidden on the server-side, inaccessible to prying eyes.
- Principle of Least Privilege: Roles are meticulously designed, and users receive only the permissions absolutely necessary for their tasks, significantly minimizing potential risks.
- Strong Authentication and Encryption: User passwords are never stored in plain text. Sensitive data is encrypted at rest and in transit.
- Compliance to Thailand's Data Protection Laws: Access to the application are logged for up to 90 days as required by law.
Author's Comment: While no system is foolproof, building with security as a foundation dramatically reduces the chance of damaging attacks and protects student data. The lore of Mex isn't simply about fixing past mistakes; it's a testament to the power of learning and improvement. MoNoRi-Chan's journey serves as a reminder: the vulnerabilities we encounter can become catalysts for building a more secure and responsible digital world.
