Student expelled from Dawson College for exposing security flaw – Global National Interview

By January 21, 2013Media, TV Media


Student expelled from Dawson College for exposing security flaw - Global National InterviewStudent expelled from Dawson College for exposing security flaw.

He’s getting job offers from computer software companies — including one  whose security flaw he found while rooting around in Dawson College’s system.

“I think I’ll move on,” Al-Khabaz said Tuesday, adding he enjoyed attending  Dawson College until he

was kicked out in November.

“I’ll take one of those job offers I’ve got and I’ll apply to another English  (junior college) in September.”

Al-Khabaz says he has been offered employment by the president of Skytech  Communications, which provides the software for Dawson’s system. Another 10 or  so offers are also on the table.

A Skytech spokesman was not immediately available for comment.

Al-Khabaz, 20, became persona non grata at Dawson after discovering a major  security flaw in the school’s computer system while working on a class  project.

At a news conference on Tuesday, Dawson director-general Richard Filion  acknowledged Al-Khabaz had found the flaw but said he was expelled after he  repeatedly tried to gain access to areas of the college information system where  he had no authorization.

Filion said the student was kicked out because he breached the college’s code  of professional conduct.

“Dawson College has the responsibility to instil the principles of proper  conduct in the workplace so that employers hiring our graduates know they are  responsible citizens and qualified workers who understand how to behave in a  professional environment,” Filion said.

Francois Paradis, the college’s director of information services, said  Al-Khabaz was warned after being sighted twice in Dawson’s system before he  reported the computer flaw. Paradis said Al-Khabaz was spotted again after being  told about limitations on tests he could conduct after finding the flaw.

Dawson said it was speaking out because of what it called inaccuracies in a  media barrage in the last 24 hours that has seen Al-Khabaz gain support from  students beyond Montreal.

In Ottawa, Adam Awad, national chairperson of the Canadian Federation of  Students, accused Dawson of being more interested in protecting its own image  than guarding students’ personal data.

“The administration chose to punish the whistle-blower in hopes that the  problem would quietly go away,” Awad said as he called for Al-Khabaz to be  reinstated.

Filion said Dawson considered pushing for criminal charges against Al-Khabaz  but the institution decided to deal with the matter on an academic level and  leave any further action to Skytech.

Speaking to reporters after Dawson’s news conference, which he attended as a  member of the audience, Al-Khabaz rejected the college’s version of events. He  said it concentrated on “the negative stuff.”

“I was just scanning the software because I was scared for our data,” he  said.

The student said he also asked for permission to do the later scan when he  was told he was not authorized to carry out the task.

He said he had three meetings with college officials and explained what he  was doing.

“I really wanted to help,” said Al-Khabaz.

He rejected the college’s characterization of his activity as an attack,  calling the allegation “false.”

“A smart man would hide his identity if he was going to do that,” he said,  pointing out he never tried to conceal who he was or cover his tracks.

 

tcutler
Lets Connect

tcutler

VP of Cybersecurity at SIRCO
I’m Terry Cutler, the creator of Insider Secrets from an Ethical Hacker on Internet Safety …That’s a system that’s been used to help defend corporations and individuals from cyber threats.
 
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
 
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.
tcutler
Lets Connect

Author tcutler

I’m Terry Cutler, the creator of Insider Secrets from an Ethical Hacker on Internet Safety …That’s a system that’s been used to help defend corporations and individuals from cyber threats.
 
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
 
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.

More posts by tcutler