, SecurityFocus 2006-04-26
Security researchers and legal experts have voiced concern this week over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university's online application system while researching a flaw without the school's permission.
Expand all |
Post comment
Breach case could curtail Web flaw finders
2006-04-26
Anonymous (7 replies)
Anonymous (7 replies)
If it was anyone else, I would sympathize
2006-07-21
Anonymous (1 replies)
Anonymous (1 replies)
Let's see, we wouldn't want to blame the web programmer for writing insecure code. Or the USC Information Security Team for allowing the code to be put into production on an Internet-facing web server. Seems to me that a bunch of incompetent IT people are trying to shift blame off of themselves.
Since USC has shifted the blame so efficiently, I'm sure that the same sloppy code is likely being deployed on other parts of their network. However, since we know how they treat an honest person who wants to cooperate with them, next time it won't be an honest person who is looking for the flaw(s). USC students beware! Your personal data is likely at risk and the only people looking for it are going to misuse it when they find it.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11389/33750#33750