Security pro pleads guilty to USC breach

Security pro pleads guilty to USC breach
Robert Lemos, SecurityFocus 2006-09-06

Security professional Eric McCarty plead guilty in United States District Court in Los Angeles on Tuesday, admitting that he intentionally exploited a flaw in the online student application Web site of the University of Southern California, federal prosecutors said.

Security pro pleads guilty to USC breach 2006-09-07
ChrisG

I'll agree with Mr. Maiffret that while what McCarty did was not the right thing to do, punishing people who let people know about a vulnerability after they exploited the vulnerability will only succeed in people not telling anyone about that vulnerability (or at least not the organization or vendo...

[ more ]