On June 22, 2026, the hardware hacking community was jolted by a teardown that peeled back the curtain on the technology inside U.S. correctional facilities. Repair YouTuber Hugh Jeffreys, known for his meticulous device reverse-engineering, published a video and accompanying documentation detailing how he obtained a sealed prison-issued tablet, bypassed its hardened Windows 10 kiosk environment, and uncovered a host of alarming hardware and software shortcomings.

The Tablet That Couldn’t Keep Secrets

Jeffreys acquired a tablet from an unnamed supplier through a third-party marketplace. These devices are typically leased to inmates for communication, education, and entertainment, all tightly controlled by kiosk software. The model in question, a ruggedized 8-inch tablet, bore no external branding other than a corrections agency asset tag.

Upon opening the sealed unit—which required defeating tamper-evident screws and a glue-sealed chassis—Jeffreys found an off-the-shelf mainboard powered by an Intel Atom x5-Z8350 processor. Launched in Q1’16, this quad-core Cherry Trail SoC runs at a base clock of 1.44 GHz with burst up to 1.92 GHz. Paired with a paltry 2 GB of DDR3L RAM and a 32 GB eMMC storage module, the hardware spec would have been considered entry-level even a decade ago.

Windows 10 Kiosk Mode: A Single Point of Failure

The tablet booted directly into a custom shell that replaced the standard Windows 10 desktop. This is typical of Windows 10 Kiosk Mode, which uses Assigned Access to lock a device to one or a few Universal Windows Platform (UWP) apps. In this case, the kiosk app gave inmates access to monitored email, a limited internet browser, and a media player.

But kiosk mode is only as strong as its configuration, and Microsoft’s own documentation warns that physical access negates many software restrictions. Jeffreys demonstrated this by interrupting the boot process and invoking the Windows Recovery Environment (WinRE). From there, he used a combination of the on-screen keyboard, the utilman.exe replacement trick, and a bootable USB drive to open a command prompt with SYSTEM privileges. Within minutes, the pristine Windows 10 build 1809 LTSC installation was laid bare.

Years of Missing Patches: A Security Nightmare

The most damning discovery came when Jeffreys checked Windows Update. The tablet was running Windows 10 Enterprise LTSC 2019, a long-term servicing channel release based on version 1809. The last installed cumulative update dated back to August 2023—three years before the teardown. Dozens of critical security patches, including those for remote code execution vulnerabilities like CVE-2024-38080 and PrintNightmare variants, were missing.

Even more troubling, the device had Windows Defender disabled and no third-party antivirus. The firewall was configured with a default rule set, and User Account Control (UAC) was set to never notify. In essence, the tablet was a sitting duck for any malware that managed to break out of the kiosk app—or any inmate who, like Jeffreys, simply followed well-known bypass techniques posted online.

Why This Matters: Inmate Data, Privacy, and Exploitation

While inmates’ digital activities are ostensibly monitored, a compromised tablet could be used to record audio, capture keystrokes, or exfiltrate personal data. The kiosk app itself stored locally cached messages and contact lists in an unencrypted SQLite database. With full system access, Jeffreys could have copied the entire AppData folder without leaving a trace.

The potential for abuse extends beyond the prison walls. A malicious actor inside the facility could use a jailbroken tablet as a pivot point to attack the local network, which often connects to administrative systems. And because the devices are reused between inmates without a fresh OS install—Jeffreys found remnants of previous user profiles—personal information from former occupants remained on the disk.

The Hardware Itself Is a Barrier to Modern Security

The Intel Atom Z8350 lacks hardware mitigations for Spectre and Meltdown class vulnerabilities, and its integrated GPU does not support Windows 11’s TPM 2.0 requirement. Microsoft ended mainstream support for Windows 10 version 1809 in May 2021, and extended support ends on January 9, 2029. That means even if the OEM wanted to update the devices, the underpowered chipset and 2 GB of RAM make a migration to Windows 11 impossible.

The use of eMMC storage, which degrades significantly over write cycles, also raises reliability concerns. Jeffreys noted that the system disk was already reporting SMART errors, and the tablet frequently froze when multiple apps were launched—a clear sign that the hardware was never designed for a secure, long-lifecycle deployment.

Right to Repair Meets Prison Tech

Hugh Jeffreys’ teardown has also reignited the right-to-repair debate, this time in the context of correctional technology. The tablet’s sealed chassis, proprietary charging port, and soldered components make field repairs impractical. When a device fails, it is typically swapped out at a markup, costing taxpayers or inmate families significant fees. Jeffreys’ bypass did not require any special tools—just a $10 USB drive and publicly available Windows PE images—underscoring that the physical tamper resistance was cosmetic at best.

Microsoft’s Kiosk Mode: Hardening or Just a Facade?

Windows 10 Kiosk Mode has long been marketed as a solution for public-facing and single-purpose devices. However, as this case illustrates, the feature is easily circumvented when an attacker has physical access. Microsoft’s own documentation recommends combining kiosk mode with BitLocker encryption, Secure Boot, and device guard policies. The prison tablet had none of these. Secure Boot was disabled, and the eMMC was not encrypted. This configuration would have failed even a basic Windows Security Baseline assessment.

Security researchers have repeatedly demonstrated that Assigned Access is not a sandbox; it merely restricts the user interface. Once the shell is bypassed, the entire OS is accessible. For devices where security is paramount—such as those used by incarcerated individuals, who may have a strong incentive to break out—relying on kiosk mode alone is negligent.

What Comes Next?

Hugh Jeffreys has reportedly notified the tablet manufacturer and the Federal Bureau of Prisons, but as of June 24, 2026, no public response had been issued. In the meantime, the video has amassed over 2 million views, sparking calls for a congressional review of inmate technology standards.

For Windows 10 users and administrators, the incident serves as a reminder that LTSC branches still need regular patching, and that physical access requires defense-in-depth measures. For Microsoft, it highlights the need to evolve kiosk mode into a more robust, containerized solution—perhaps by extending Windows Sandbox technology to kiosk scenarios.

It also raises uncomfortable questions about the digital divide within prisons. While providing inmates with tablets can reduce recidivism through education, devices that are insecure and poorly maintained expose a captive population to risks they cannot mitigate on their own. As Jeffreys put it in his video, “If you’re going to lock someone in a cell, the least you can do is lock their tablet properly.”