Comment on Anon updates GNU/linux
misteloct@lemmy.dbzer0.com 2 months ago
This more or less happened to my friend in early ~2000s, they were technically amazing for grade school. When the school “database” was deleted they + friend were suspended for an entire month, almost expelled.
Turns out they had warned their teacher that the files were in a public shared folder and anyone could just literally delete them. No backups, these were grades, assignments, etc for dozens of teachers over many years. They were severely punished for trying to disclose a vulnerability essentially and blamed for the whole thing.
LastYearsIrritant@sopuli.xyz 2 months ago
Never report vulnerabilities yourself to an organization, always use a neutral, trusted third party to report it.
Aatube@kbin.melroy.org 2 months ago
which organization would you use in this situation?
Wolf314159@startrek.website 2 months ago
If you were in highschool at the time, really the only ethical thing to do for someone in your position is to delete all the files and shine a light on their bad security practices, but don’t say anything about it to anyone. It’s that last bit that always gets you in trouble. Absolute candor is something adults almost never want to hear from children.
michaelmrose@lemmy.world 2 months ago
Couldn’t you just rename it to something obvious so as to make people think it was gone whilst leaving all the valuable data intact. mv valuableData.whatever valuableData.thiswholethingisvulnerablefixit
Aatube@kbin.melroy.org 2 months ago
genuinely think of the teachers
Gustephan@lemmy.world 2 months ago
None. Just cheat. It will prepare you for the real world better than pretending to respect the authority of morons.
ikidd@lemmy.world 2 months ago
A pair of scissors, various magazines, and the postal service.
Saledovil@sh.itjust.works 2 months ago
I suppose having a lawyer notify the school would be ideal. Most likely too expensive, though. So, yeah, ransom letter it is.
misteloct@lemmy.dbzer0.com 2 months ago
The Parent-Teacher Association? 😂
Natanael@infosec.pub 2 months ago
Depending on where you are, either the regional / national school system administration, or some random local journalist