There is a fine line between responsibly disclosing something that could be potentially dangerous in the wrong hands and potentially getting in trouble for crossing a line. Last semester, my ex boyfriend Kyle found a fatal flaw with the ePortfolio program that Clemson didn't want us to know about: he figured out a way that one could hack into the system and completely ELIMINATE everyone's portfolios like they never existed. He sat on this information for about a week before finally emailing someone he trusted over at CCIT (he used to work there) and saying, essentially, don't shoot the messenger but I found a major bug and you should fix it before we all get screwed. This was a couple of weeks before he was set to graduate and he had major misgivings about telling anyone in case they somehow used this as a reason to expel him.
The ePortfolio is a major headache for most Clemson students, especially those who are about to graduate and either have failed it or haven't gotten their grades back. Imagine if someone besides my ex had found that flaw and had the ability to erase such a thing so close to graduation - it would have been chaos. And what if they never found the guy? These are reasons why I like the idea of the EFF because if there's a team out there who can search and destroy these types of 'villians' we're all safer for it. And, actually, Kyle now works for GE's IT department in Richmond essentially defensively hacking for the company so that they can avoid major disaster, such as confidential information getting into the wrong hands. In a way he sort of bends the law to benefit the company. The EFF would protect his rights to do so, which I think is important not only for him and for GE but also for the greater good. The most important thing to gather from this reading I think is the idea that the average Internet user is not a criminal.
No comments:
Post a Comment