From the article:
However it's usually not your company, and it's not your place to prove that there is a flaw in a system. It's especially true that it's not your place to prove things without having been given permission to do so. Proving a point on your own is something children do, not professionals.
I totally disagree as written above especially when it comes to private information such a Social Security Numbers. It MUST
be proven if it exists and action must be taken. I consider it to be one of those unwritten laws that is the responsibility of every IT worker.
I DO, however, totally disagree with the manner in which David Helkowski did his proof. There's no way in hell that I'd prove a security violation by violating someone's privacy by posting their hacked SSN on something like Reddit. A private email to that person should have sufficed. If no action was taken to fix the security problem, then there are proper channels to certain agencies to correctly and properly report such a problem.
So, with mixed emotion, I applaud David Helkowski for all of his actions EXCEPT for posting private information on a very public website. I say "mixed emotion" because, on the other hand, he's getting what he deserved for being too freakin' lazy to do things the right way.
is pronounced ree-bar and is a Modenism for R
First step towards the paradigm shift of writing Set Based code: Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column.
Although they tell us that they want it real bad, our primary goal is to ensure that we dont actually give it to them that way.
Although change is inevitable, change for the better is not.
Just because you can do something in PowerShell, doesnt mean you should. Helpful Links:
How to post code problemsHow to post performance problemsForum FAQs