Security pro pleads guilty to USC breach

Security pro pleads guilty to USC breach
Robert Lemos, SecurityFocus 2006-09-06

Security professional Eric McCarty plead guilty in United States District Court in Los Angeles on Tuesday, admitting that he intentionally exploited a flaw in the online student application Web site of the University of Southern California, federal prosecutors said.

Expand all | Post comment

Security pro pleads guilty to USC breach 2006-09-07
John Delance (1 replies)

Re: Security pro pleads guilty to USC breach 2006-09-07
Robert Lemos

Filling in the data leaks... 2006-09-07
mroonie

Security pro pleads guilty to USC breach 2006-09-07
ChrisG (1 replies)

I'll agree with Mr. Maiffret that while what McCarty did was not the right thing to do, punishing people who let people know about a vulnerability after they exploited the vulnerability will only succeed in people not telling anyone about that vulnerability (or at least not the organization or vendor)

its pretty sad when not reporting something gets you in less trouble than reporting a problem...

good job catching that "evil hacker" who reported the problem himself, sheeesh.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11411/34066#34066

Re: Security pro pleads guilty to USC breach 2006-09-24
Sort of Anonymous (1 replies)

Re: Re: Security pro pleads guilty to USC breach 2006-12-28
Anonymous

Security pro pleads guilty to USC breach 2006-09-08
levin (1 replies)

Re: Security pro pleads guilty to USC breach 2006-09-11
Anonymous

Not much of a Security pro afterall 2006-09-13
Anonoymous

Security pro pleads guilty to USC breach 2006-09-15
Smoked1

Security pro pleads guilty to USC breach 2006-09-18
Anonymous

Security pro pleads guilty to USC breach 2006-12-02
Anonymous

Security pro pleads guilty to USC breach 2006-12-28
TatongaSD