Reader Comments (rss)

(Flattened / Threaded)

1.  

   Why even try?

   

   Brendan, Jun 22nd, 2006 @ 5:49pm

   
   

   Sometime last year I contacted a local school that hosted a system that contained a vulnerability for SQL injection. This was pretty major seeing as the system contained records for staff records. I contacted them to tell them about the problem and they responded with insults and claims that it in fact was not a vulnerability.
   They still haven't fixed the issue to this day, I guess its just a matter of time untill someone else finds this with less than honorable intentions in mind.
   Point being, why even try to help? Too much trouble involved when it obivously will be more than likley met with negative reactions.

   [ reply to this | link to this | view in thread ]

2.  

   keralafood

   

   [email protected], Jun 22nd, 2006 @ 6:32pm

   
   

   leafnakki

   [ reply to this | link to this | view in thread ]

3.  

   Your Best Teacher is....

   

   Anonymous Bum, Jun 22nd, 2006 @ 6:42pm

   
   

   supposed to be you last mistake not a bunch of lazy fools with tenure.

   [ reply to this | link to this | view in thread ]

4.  

   

   Anonymous Coward, Jun 22nd, 2006 @ 6:42pm

   
   

   YOu gO gettem!

   [ reply to this | link to this | view in thread ]

5.  

   Serves them right

   

   |333173|3|_||3, Jun 22nd, 2006 @ 6:50pm

   
   

   when someone hacks in and starts trashing htie network.

   [ reply to this | link to this | view in thread ]

6.  

   Re: Why even try?

   

   Rick, Jun 22nd, 2006 @ 7:27pm

   
   

   Send the exploited data and the method for retrieving it to the local newspaper, or really make a stink and go for some international media. The embarrasement alone should force some action...
   
   They were already warned.

   [ reply to this | link to this | view in thread ]

7.  

   Re: Re: Why even try?

   

   Ronde, Jun 22nd, 2006 @ 7:44pm

   
   

   They deserve everything that they get.

   [ reply to this | link to this | view in thread ]

8.  

   No Good Deed Shall Go Unpunished

   

   Griz, Jun 22nd, 2006 @ 10:04pm

   
   

   As an IT consultant, I make it a point to never make even the most cursory of security checks unless I'm paid and indemnified in writing, period. If I suspect or discover a vulnerability outside a clearly defined contractual relationship, just call me Sgt. Schultz, because I saw naaaaathing!
   
   If I'm feeling exceptionally charitable, I'll refer 'em to ISO 17799 or a similar "best standards" document... But I usually don't broach the issue of security at all. It seems the typical client thinks that hackers are beings out of the Lovecraftian Cthulhu Mythos, wreaking havoc upon those that merely invoke their names.
   
   In short, DNAWC (Do Not Associate With Catastrophe)

   [ reply to this | link to this | view in thread ]

9.  

   

   Anonymous Coward, Jun 22nd, 2006 @ 10:19pm

   
   

   I like what #8 said and its true. What the heck is wrong with our world?!?! Its like getting sued because you gave cpr to a drowning person and you break a rib or something. Or the criminal sueing you for your dog biting them after they broke into your house... Somewhere a few years back we really got off track.

   [ reply to this | link to this | view in thread ]

10.  

    Re: No Good Deed Shall Go Unpunished

    

    AnarCh0s, Jun 22nd, 2006 @ 10:31pm

    
    

    Why not refer them to Microsoft as an id10t??

    [ reply to this | link to this | view in thread ]

11.  

    HA

    

    SortaLikeJake, Jun 23rd, 2006 @ 2:15am

    
    

    That OU story was pretty hilarious. It's awesome that the guy is now laughing at his university's collective stupidity.
    
    I learned my lesson in h.s., getting into teachers' accounts and changing random grades (not mine), then showing administrators how easy it was to do it. All while sitting in an area next to the moronic net manager. Too bad the dean didn't appreciate my helpfulness. Suspension!
    I had half a mind to give everyone A's after that...

    [ reply to this | link to this | view in thread ]

12.  

    Typical

    

    We Told You So, Jun 23rd, 2006 @ 2:23am

    
    

    It'll just take some time before things heat up for these IT nimrods in the Hallowed Halls. After enough "victims" pile up, we can all write our letters to them, with copies to their sources of revenue, asking them like Dr. Phil says during the commercials..."What the fuck were you thinkin'???

    [ reply to this | link to this | view in thread ]

13.  

    They're going to get hit where it hurts

    

    eb, Jun 23rd, 2006 @ 9:38am

    
    

    I read somewhere (maybe ZDNet?) that alumni were sending really nasty messages to the effect of "you *&%#@** you're never going to see any money from me again" in response to a breach where data on contributors was lost at one school. That's going to get them where it hurts most.

    [ reply to this | link to this | view in thread ]

Add Your Comment