The net user in me thanks him for making the net a safer place.

The system admin in me thinks he didn't have any business poking around without permission.

The small voice of the hacker in me admires his skill (but his wiles more!) and his passion but thinks he's too into the glory of the discoveries -he needs to be more lowkey, cool. At least he did lose his laptop bag. Smart move, some of my respect is restored.

But I can't help but wonder, did someone finally come down on the FBI and demand some high profile arrests to show for all the budget they get to fight cybercrime?

The charges seems extremely inflated to make him a larger kill, and a bigger notch in some cybersleuth's keyboard. The time the NYT's techs spent on this has to be nothing compared to the they time they spend applying MS patches. Its all in a day's work to me.

Bleh. Cold day in hell before I buy another NYT. Loved the /. comments about bypassing their signup.

When are the creators of web applications and software applications ever going to be expected to take some responsibility for their careless creations? When are company owners and project managers that say "do it anyway, we need those social security numbers conveniently posted" ever going to be held responsible for those decisions and put on a stand to explain their actions?

Just last night I had a budding web designer ask me if it was bad security to submit a credit card number via a php script he found on the web.

My question: Are you using https - at least?

A: "I don't think so. What's that?"

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/6934/22181#22181