Student Expelled After Finding School's Online Security Flaw

CybersecurityNo good deed, huh. A student from Dawson College in Montreal has been expelled for his involvement in the uncovering of a potentially horrible flaw in his school's online directories. Sounds dumb, right? Even worse: Everyone more or less agrees he meant no harm. Here's what happened: Ahmed Al-Khabaz, a Computer Science student at Dawson, and a friend were working on a mobile app to allow students mobile access to their school data. In the process, they uncovered a pretty serious vulnerability ("sloppy coding") that would have put student information at risk. What kind of information? According to Al-Khabaz, "social insurance number, home address and phone number, class schedule, basically all the information the college has on a student." Read the full story at Gizmodo.