Princeton hacks Yale
Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: Princeton hacks Yale

  1. #1
    Senior Member
    Join Date
    Sep 2001
    Posts
    800

    Talking Princeton hacks Yale

    here is a funny article I found
    here is the source http://www.signonsandiego.com/news/c...onhacking.html

    Yale accuses Princeton of hacking into admissions Web site



    By Diane Scarponi
    ASSOCIATED PRESS

    July 25, 2002

    NEW HAVEN, Conn. Yale University complained to the FBI on Thursday that admissions officials at Princeton hacked into a Yale Web site that was set up for prospective students.

    Yale said it found 18 unauthorized log-ins to the Web site that were traced back to computers at Princeton, including computers in the admissions office.

    "We're assessing the information to see if there is a federal violation," FBI spokeswoman Lisa Bull said.

    The head of admissions at Princeton said the school just checked the site to see how secure it was. Princeton gained access by looking up students who had applied to both schools.

    "It was really an innocent way for us to check out the security," Stephen LeMenager, Princeton's dean of admissions, told the Yale Daily News, which broke the story Thursday in its online edition.

    "That was our main concern of having an online notification system, that it would be susceptible to people who had that information parents, guidance counselors, and admissions officers at other schools."

    Yale said Princeton's actions violated the privacy of the students.

    "We have therefore notified appropriate law enforcement authorities as well as the applicants whose Web locations were accessed," said Dorothy K. Robinson, Yale vice president and general counsel.

    The Web site was activated for a few weeks in the spring so that undergraduate applicants could find out if they got in to Yale. Applicants could access the site by using their Social Security numbers and birthdates. The site included links to admissions information and personal data about the students.

    If a student was admitted, the site flashed fireworks and a congratulatory message. If the student did not get in, a message indicating that was displayed.

    The site included a notice that only students, not parents or others, may access the site, and it warned that Yale would investigate and act on any unauthorized use.

    This was the first year Yale used the Web site, which proved to be popular with students. The day it went online in April, more than 9,700 applicants had logged in, including 1,190 of the nearly 1,500 students who were admitted.
    [gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]

  2. #2
    Casper,

    By now, I'm sure everyone has seen the article it is everywhere. Why not take your post one step further. Quote an interesting point from the article, provide a link to the whole article, and post your opinion of the incident, and turn this into a discussion. Just my .02

  3. #3
    Originally posted here by Joey_Batch_File
    Casper,

    By now, I'm sure everyone has seen the article it is everywhere. Why not take your post one step further. Quote an interesting point from the article, provide a link to the whole article, and post your opinion of the incident, and turn this into a discussion. Just my .02
    I think I may do just that

    Originally posted here by casper3699
    here is a funny article I found
    here is the source http://www.signonsandiego.com/news/c...onhacking.html

    Yale accuses Princeton of hacking into admissions Web site



    By Diane Scarponi
    ASSOCIATED PRESS

    July 25, 2002

    NEW HAVEN, Conn. Yale University complained to the FBI on Thursday that admissions officials at Princeton hacked into a Yale Web site that was set up for prospective students.

    Yale said it found 18 unauthorized log-ins to the Web site that were traced back to computers at Princeton, including computers in the admissions office.

    "We're assessing the information to see if there is a federal violation," FBI spokeswoman Lisa Bull said.

    The head of admissions at Princeton said the school just checked the site to see how secure it was. Princeton gained access by looking up students who had applied to both schools.

    "It was really an innocent way for us to check out the security," Stephen LeMenager, Princeton's dean of admissions, told the Yale Daily News, which broke the story Thursday in its online edition.

    "That was our main concern of having an online notification system, that it would be susceptible to people who had that information parents, guidance counselors, and admissions officers at other schools."

    Yale said Princeton's actions violated the privacy of the students.

    "We have therefore notified appropriate law enforcement authorities as well as the applicants whose Web locations were accessed," said Dorothy K. Robinson, Yale vice president and general counsel.

    The Web site was activated for a few weeks in the spring so that undergraduate applicants could find out if they got in to Yale. Applicants could access the site by using their Social Security numbers and birthdates. The site included links to admissions information and personal data about the students.

    If a student was admitted, the site flashed fireworks and a congratulatory message. If the student did not get in, a message indicating that was displayed.

    The site included a notice that only students, not parents or others, may access the site, and it warned that Yale would investigate and act on any unauthorized use.

    This was the first year Yale used the Web site, which proved to be popular with students. The day it went online in April, more than 9,700 applicants had logged in, including 1,190 of the nearly 1,500 students who were admitted.
    Could they have not used a better Access Control System....I mean SSN's and Birthday's????.....LAME!!!! Biomectrics perhaps?

  4. #4
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    this is the part that kills me:

    Yale said Princeton's actions violated the privacy of the students.
    as though offering the information in an unprotected manner wasn't a violation of not only privacy but also trust. if i were the students i'd be more upset with Yale than Princeton for not protecting my information. but that's just me.
    -droby10

  5. #5
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    ha.. and to think I almost accepted a job at Yale

    hmmm.. 'tho maybe they're better off without me

  6. #6
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    My opinion about the whole thing ? Who really cares about a couple of rich colleges vying over admissions ? does it really need to be such big news that it deserves the front page on a paper ? **** no. I could think of uhm perhaps 40 other things happening around the world that deserve more attention than that ****. The media is a pathetic entity.
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  7. #7
    Member
    Join Date
    Jul 2002
    Posts
    41
    I would be interested to know if the Yale webpage was encrypted so that students checking their status weren't sending their SSN/B-Day unencrypted across the Internet.

  8. #8
    Originally posted here by wyverspur
    I would be interested to know if the Yale webpage was encrypted so that students checking their status weren't sending their SSN/B-Day unencrypted across the Internet.
    They didn't think to use better access control, so why would they think to use SSL?. They better rethink the system or disasters will continue.

  9. #9
    Senior Member
    Join Date
    Sep 2001
    Posts
    800
    The head of admissions at Princeton said the school just checked the site to see how secure it was. Princeton gained access by looking up students who had applied to both schools.

    "It was really an innocent way for us to check out the security," Stephen LeMenager, Princeton's dean of admissions, told the Yale Daily News, which broke the story Thursday in its online edition.
    This is a creative way around getting in trouble.
    So if I hacked a webpage and got caught would I be able to use this excuse? "I was only testing its security, honest. "

    PS Sorry I just found this article and I couldnt find anyone that posted it before.
    [gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]

  10. #10
    Originally posted here by casper3699
    This is a creative way around getting in trouble.
    So if I hacked a webpage and got caught would I be able to use this excuse? "I was only testing its security, honest.
    It didn't work for the guy in jcdux's thread:

    Originally posted here by jcdux
    A Houston computer security analyst has been charged with hacking after demonstrating the insecurity of a county courts wireless LAN.

    Stefan Puffer, 33, was indicted by a Grand Jury on Wednesday with two counts of fraud for allegedly breaking into Harris County district clerk's wireless computer system.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides