Hamed Al-Khabaz

student who got expelled after finding critical flaw in Dawson College computer systems

Hosted AMAs

Highest Rated Comments

wololo_35 karma

Hey man, what you're writing here is not even remotely true to what happened. None of us stole any information and the proof to that is us reporting the problems to the IT department the very next day. We believe we acted accordingly and ethically. In case any of us wanted to steal information or had any malicious intent, we had the option of doing so before reporting it. Since you don't seem to understand the magnitude of the effects this could have had on students, have we not reported it, in case someone with malicious intents would have found it beforehand, I can tell you that having your personal information at risk can be a living nightmare. What you posted here are all false allegations. There was no SQL injection involved, and no information has been used for any sort of personal gain. The media investigated the case from both sides before releasing any article, hence nothing was misinterpreted.

wololo_11 karma

All teachers never heard my side of the story except for one of them hence the 14/15. The sole teacher decided to call me into his office and discuss the series of events that happened. He understood my motivations. I wish I knew they were going to vote against me, so I would of barked into their office and start talking. I was under an NDA from Skytech at that time and I didn't know teachers were allowed to vote against me let alone know about my story. Everything happened silently.

wololo_10 karma

Hmm.. not really a Tuskar player, more of a techies guy :D

wololo_9 karma

Nah, my name is actually Ahmed in ID but I'd like to be called Hamed and that's how it's been since I was born. I guess my dad made a typo when telling the name to the doctors when I was born or something lol.

wololo_9 karma

Had most of my teachers not vote against me (14/15 profs decided to give me the boot) I would want to go back.

I got in total 2 college offers and 1 university offer.

wololo_8 karma

I never signed any agreement when I started college. If anything, our school portal has a privacy policy in the website which they broke by confirming to us that their encryption is not reversable. Besides, what motivated me to look for flaws was because they were using deprecated code in the frontend of their website and that they also store our sensitive information there. Would you not do the same knowing that you have background knowledge in information security and feel a bit curious ? The "attack" that kicked me out was done in a test server with my account without being behind a proxy. Thought it was safe after they congratulated me for what I have done.

wololo_8 karma

This one is for chrome!

DotA 2 Match Ticker for Firefox & Opera

wololo_8 karma

Thanks for your comment! I absolutly do not regret this experience, it's really once a in a lifetime thing. The only upsides I can think of after this situation is that school systems will be more secure since from now on, they need to step up their game if they don't want to be shamed at. And it's a good thing. They store so much sensitive data that they need to be more secure than top tier companies like reddit.

wololo_7 karma

Hi. I'm a Javascript guy and I use many of it's libraries. I also do HTML5/CSS3 too! Although they didn't teach us webdev at school (Java was the main language), I self-taught myself what I really like.

wololo_7 karma

Dota2 for me. I made quite a few extensions for competive players to track games for chrome and all major browsers!