Nova Scotia Teen Gets Charged With Pwning Gov’t Website…. But I Think He’s A Scapegoat For Gov’t Incompetence

Here’s the situation. According to the CBC, a Nova Scotia teen was charged with “hacking” a Nova Scotia Government website called the Freedom of Information and Protection of Privacy Portal. This is a website that serves up freedom of information requests to the public. The teen downloaded 7,000 publicly available documents from the site. Eventually the people who ran the site noticed and the teen got charged with “Unauthorized use of a computer.”

Here’s the problem. This wasn’t a hack as such. It was a screw up by the Nova Scotia Government. According to privacy lawyer David Fraser and software engineer Evan d’Entremont, all one has to do is to change the document ID number at the end of a URL and it’s yours. Example, you could create a script to download document number 1234, then 1235, 1236 and so on as long as you knew what number to start at. Elite hacking this is not. What makes this worse is that not all the documents that are available on this website got redacted to remove personal info that is not relevant to the freedom of information request. So one who had ill intent could come up with some really juicy info. To top it all off, since this was a web site that was available to the public, the contents of these documents were picked up by Google’s webcache bots. So a simple Google search could uncover this info.

All of this sounds like to me the Nova Scotia Government really screwed up here. So when this teen came to their attention, I am guessing that they used this as an opportunity to cover up their stupidity by dropping the hammer on this teen. I say that because according to the teen, 15 cops showed up at his house.

I seriously doubt that this teen is a serious enough threat to public safety that it requires 15 cops to arrest him.

Now privacy watchdogs announced they were starting a probe into this gong show, including investigating whether or not the portal and its information was properly secured. I for one hope that the right heads roll when that’s completed. As in the people who were behind this stupidity. As for the teen behind this, while I don’t claim that he’s innocent, he’s no 1337 h4x0r with mad skillz that’s out for epic pwnage either. Hopefully when all is said and done, common sense will prevail and he’ll just get a slap on a wrist and a life lesson that will encourage him to not do this again.

Advertisements

One Response to “Nova Scotia Teen Gets Charged With Pwning Gov’t Website…. But I Think He’s A Scapegoat For Gov’t Incompetence”

  1. […] appears that there is common sense in the world as news is filtering out that a teen in Nova Scotia who was arrested last month for figuring out how to mass download freedom of i…, effectively pwning the site, have been […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: