funsec mailing list archives
Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data
From: Jim Murray <jim () digitaldaemons co uk>
Date: Tue, 22 Jan 2013 11:05:39 +0000
Bad example to set for others - these companies really need to think before they reach for the lawyer.
Next time some student discovers a flaw in a piece of software what's he more likely to do now...
A : Report it and get threatened/kicked out of college/arrested or B : Sell the exploit on the underground anonymously and make some cash.Corporate behavior like this is damaging both to the corporation and to society, the sooner that lesson is learned the better for everyone.
Jim. On 21/01/2013 3:26 PM, Rich Kulawiec wrote:
(h/t to Nadim Kobeissi) Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250,000 students personal data http://news.nationalpost.com/2013/01/20/youth-expelled-from-montreal-college-after-finding-sloppy-coding-that-compromised-security-of-250000-students-personal-data/ Same old story, complete with the customary vacuous denial-by-assertion: "We acted immediately to fix the problem, and were able to do so before anyone could use it to access private information." Riiiiiiight, so you weren't good enough to avoid creating the vulnerability in the first place, yet you are somehow omniscient enough to know that nobody, that's right, NOBODY, exploited the hole before you fixed it. ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Rich Kulawiec (Jan 21)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Jeffrey Walton (Jan 21)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Jeffrey Walton (Jan 21)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Rich Kulawiec (Jan 24)
- Antigua Gov launching legal pirate site? Blanchard, Michael (InfoSec) (Jan 25)
- Re: Antigua Gov launching legal pirate site? Jeffrey Walton (Jan 25)
- Re: Antigua Gov launching legal pirate site? Dan White (Jan 25)
- Re: Antigua Gov launching legal pirate site? Jeffrey Walton (Jan 25)
- Re: Antigua Gov launching legal pirate site? Stephanie Daugherty (Jan 25)
- Re: Antigua Gov launching legal pirate site? Dan White (Jan 25)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Rich Kulawiec (Jan 24)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Rich Kulawiec (Jan 22)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Valdis . Kletnieks (Jan 22)
- Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data Rich Kulawiec (Jan 23)