When I see headlines like this, I find more and more value in FERPA (family education rights privacy act), but I also realize that FERPA alone cannot help us. Now while there is not enough information about this particular situation (next paragraph) to draw any kind of strong conclusion, it does seem like this student did the university a huge favor (and the university got very embarrassed by the favor). My question is, how many more flaws are out there like this one and who is paying attention?
“Montreal College Expels Student Who Found Security Flaw in Campus Data” , (http://chronicle.com/blogs/ticker/jp/montreal-college-expels-student-who-discovered-security-flaw-affecting-campus-data?cid=wc&utm_source=wc&utm_medium=en) “Pupil expelled from Montreal college after finding ‘sloppy coding’ that compromised security of 250,000 students personal data” (http://news.nationalpost.com/2013/01/20/youth-expelled-from-montreal-college-after-finding-sloppy-coding-that-compromised-security-of-250000-students-personal-data/).
In this day and age of necessary cyber security, I hope a lesson can be learned from this slip, and that people are free to come forward to reveal these flaws without fear of retaliation of some kind.
Institutions, please take notice because I have found, from my own experiences that it is little things like this that can set off a firestorm in an institution, and quickly turn into a big thing.
Dr Flavius A B Akerele III