Breach case could curtail Web flaw finders

Breach case could curtail Web flaw finders
Robert Lemos, SecurityFocus 2006-04-26

Security researchers and legal experts have voiced concern this week over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university's online application system while researching a flaw without the school's permission.

Expand all | Post comment

In other words, shoot the messenger 2006-04-26
Anonymous (1 replies)

Re: In other words, shoot the messenger 2006-04-26
Anonymous (5 replies)

Re: Re: In other words, shoot the messenger 2006-04-27
Anonymous

Re: Re: In other words, shoot the messenger 2006-04-27
Anonymous (3 replies)

Re: Re: Re: In other words, shoot the messenger 2006-04-28
Anonymous

Re: Re: In other words, shoot the messenger 2006-04-28
Anonymous

Re: Re: In other words, shoot the messenger 2006-05-18
Spider Jerusalem

Re: Re: In other words, shoot the messenger 2007-06-18
Anonymous

Breach case could curtail Web flaw finders 2006-04-26
Anonymous (7 replies)

Re: Breach case could curtail Web flaw finders 2006-04-26
Anonymous (1 replies)

Re: Re: Breach case could curtail Web flaw finders 2006-04-27
Anonymous

Re: Breach case could curtail Web flaw finders 2006-04-26
Anonymous (2 replies)

Re: Re: Breach case could curtail Web flaw finders 2006-04-26
Anonymous

Re: Breach case could curtail Web flaw finders 2006-04-27
unikbyte

Re: Breach case could curtail Web flaw finders 2006-04-27
Anonymous

Re: Breach case could curtail Web flaw finders 2006-05-01
Anonymous

Re: Breach case could curtail Web flaw finders 2006-05-15
Anonymous

Breach case could curtail Web flaw finders 2006-04-26
Anonymous

FreeMcCarty.com 2006-04-26
Anonymous (2 replies)

Re: FreeMcCarty.com 2006-04-27
carl

Re: FreeMcCarty.com 2006-04-28
Bilz

Breach case could curtail Web flaw finders 2006-04-26
Anonymous

In other words don't steal data? 2006-04-27
Anonymous (1 replies)

Re: In other words don't steal data? 2006-04-27
Anonymous

Wow, way to twist a story around. He found the vulnerability, reported it to a neutral third party so they could contact the school and work to get it resolved.

As for notifying everyone, that CA law, tough cookies. Let me ask you, would it be better if a researcher reported the vuln and helped them fix it ( what happened ), or a hacker found the records, sold them on the black market and screwed a few hundred thousand people?.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11389/33762#33762

Imagine a world... 2006-04-27
jvf (1 replies)

Re: Imagine a world... 2006-09-26
Dve

as expected... 2006-04-27
infamous41md (2 replies)

Re: as expected... 2006-04-27
BXLE

Re: as expected... 2006-04-28
Anonymous

appearance today 2006-04-29
mv

He Should be Prosecuted 2006-05-01
Anonymous (2 replies)

Re: He Should be Prosecuted 2006-05-01
Anonymous

Re: He Should be Prosecuted 2006-05-23
Anonymous

Breach case could curtail Web flaw finders 2006-05-11
Dr MindHacker

Breach case could curtail Web flaw finders 2006-05-11
Anonymous (1 replies)

Re: Breach case could curtail Web flaw finders 2006-05-15
Anonymous