Sorry if repost.
http://news.nationalpost.com/2013/0...ed-security-of-250000-students-personal-data/
Clifs:
1. Student woking on mobile app for student records.
2. finds "sloppy code" that put 250k records at risk
3. reports it to school
4. Vendor says they will fix it ASAP
5. Student runs a vulnerability tester a few days later to see if flaw was fixed
6. Vendor threatens to have him arrested and prosecuted unless he signs an NDA
7. He signs the NDA
8. School expels him with no hearing, no appeal.
Sucks for him, hopefully another college takes him despite the expulsion on his record.
http://news.nationalpost.com/2013/0...ed-security-of-250000-students-personal-data/
Clifs:
1. Student woking on mobile app for student records.
2. finds "sloppy code" that put 250k records at risk
3. reports it to school
4. Vendor says they will fix it ASAP
5. Student runs a vulnerability tester a few days later to see if flaw was fixed
6. Vendor threatens to have him arrested and prosecuted unless he signs an NDA
7. He signs the NDA
8. School expels him with no hearing, no appeal.
Sucks for him, hopefully another college takes him despite the expulsion on his record.