IT consultant in Germany fined for exposing shoddy security::Spotting a plaintext password and using it in research without authorization deemed a crime
IT consultant in Germany fined for exposing shoddy security::Spotting a plaintext password and using it in research without authorization deemed a crime
I hope it gets reversed in the next instance. The judge had it absolutely wrong. And the consultant did not expose it, but told the company directly that he is able to read the admin password without an effort. They sued for telling them. That’s absolutely the worst thing to do.
The people that write laws and the systems that enforce laws are inept to an unbeliavable degree when dealing with anything cyber related so I have less than zero expectations that this gets reversed and actually expect a worse outcome should there be an appeal.
Because somehow only the most incompetent morons appear to be able to make it to judge or law maker.