(h/t to Nadim Kobeissi)
Youth expelled from Montreal college after finding "sloppy coding" that
compromised security of 250,000 students personal data
http://news.nationalpost.com/2013/01/20/youth-expelled-from-montreal-college-after-finding-sloppy-coding-that-compromised-security-of-250000-students-personal-data/
Same old story, complete with the customary vacuous denial-by-assertion:
"We acted immediately to fix the problem, and were able to do
so before anyone could use it to access private information."
Riiiiiiight, so you weren't good enough to avoid creating the vulnerability
in the first place, yet you are somehow omniscient enough to know that
nobody, that's right, NOBODY, exploited the hole before you fixed it.
---rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
