Okay, the headline is provocative. I admit that. But I think it is honest.
I'm refering to how 119 Harvard Business School applicants are being rejected for checking their status "illegally". Read about it here.
Basically what happened was that Harvard made their choices about who to admit and who to reject about a month earlier than they were going to announce it. They then provided letters about acceptance to a web service that they used to handle applications. Someone figured out that the security wasn't very secure. Merely changing a URL by adding "&status" would let them determine what Harvard was going to do with them. 119 students checked after seeing information on a web forum about how to do so.
Now Harvard Business School is going to reject the 119 because of their bad ethics.
Personally, I think Harvard is going on the offensive to cover their own ass. They screwed up. They put this information in a publically accessible place. It's their fault it was availablte.
Really now, who is at fault? People who learned how they could check on their status before the official date, or the institution that didn't keep the information private and then decided to punish the curious?
Fark Harvard.
Addendum: Here's a hacker's take on it on his blog.
Posted by Mike at March 9, 2005 1:08 AM