Originally posted here by Viperbite
In my opinion "helping them" is wrong.
Am I correct?
Well lets consider the definition of wrong thanks to www.dictionary.org:

1]Contrary to conscience, morality, or law; immoral or wicked.
2]Not required, intended, or wanted.

According to the first definition reporting a hole to an admin is not wrong, you are doing something that is totally un-selfish, and using your valuable time to do it! But, if you consider the second definition, you will see that your reporting the hole was not required, the hole was not intended to be there, and your help was not wanted from the admins so the fact that you are a whitehat who wants to help the computing community makes no difference. Your goin' to jail (maybe).

I believe that if your going to search for an exploit in a system then you must either use it your advantage or report it, if you do nothing then you do not exeplify what I believe a hacker or a security buff is. If you do report if tho, don't take credit for the find or...post it on a popular vulnerability website where the admin will eventually here about it and then all those who read it will know that you "L33TgUy" found the exploit and then there is no case against you because it cannot be proven.