Tuesday, October 28

Student Arrested After Warning Principal of Computer Vulnerablity

It is really sad when someone gets punished for doing the right thing. Unfortunately, that is what happen to a 15-year-old student in New York. After notifying his principal of a security vulnerability, he was slapped with an arrest warrant.

A student in a Saratoga County (New York) school alerted his principal to a computer security vulnerability that could expose the names, social security numbers and addresses of school employees. While the student tried to do it anonymously, he was eventually tracked down. Then the school slapped him in the face with a felony charge.

The student is now being charged with three felonies for his unauthorized use of the computer network. Here is a quote from a state trooper:
"The kid committed an intentional criminal act. He deceitfully used someone else’s name and password so he would not get caught and was looking to profit from his criminal act."

So, what will we lear from this? If you discover a security vulnerability, it's completely in your best interest to keep it to yourself, otherwise you'll be branded a criminal terrorist when you were merely trying to do a good deed.

No comments: