All Things Considered
Yesterday, NPR talked with Dean Schmalensee of MIT Sloan about the entire 'hacking' issue. He came out saying that the 'hackers' who did this were essentially 'breaking and entering' a locked room. I have to say, I was pretty enraged. Now, my interest in the issue is not so much around the ethical debate as it is on the 'hacking' part. I wrote a long hard letter to NPR protesting their passivity in accepting what he said without questioning him. 'Are the powerful to be so trusted with their word?', I wrote in the heat of that moment.
I got an email earlier today from them asking for my real name and city/state so they could read from my letter in a follow-up segment today. After some thought, I replied back that I did not wish for my real identity to be declared on-air(given that in my email I had also pointed to my blog and asked them to look at what really was done). This goes against their practices so my letter went unread. No issues, I was just glad that they noticed.
I tuned into the show and what was cool was that they did read from another listener who basically said the same thing. So, NPR being the reasonable entity they are, brought in their in-house networking guru and asked him to explain what was actually done. Then the question was asked if this could be characterized as a 'hack'. In his opinion - no way Jose. What happened was nothing but some very sloppy software on AY's part.
Zach was right on the money with his prediction on how this thing would play out. In the last day or so, more tech-savvy voices have emerged with almost universal condemnation of the characterization of this incident as a 'hack'. Mind you, they are divided about the ethics issue, but since the entirety of HBS/MIT's position lies on a criminal 'hack' being committed, any weakening of this argument could affect the sentence handed down.
For those who still have any interest left in the story:
* Philip Greenspun, a CS professor at MIT, wrote his now-famous post on Business Schools redefining hacking to "stuff a 7-year old could do".
* blogdex.net, an MIT project that tracks what it calls 'the most contagious information currently spreading in the weblog community', lists both Greenspun's commentary as well as the actual steps archived on this blog in the Top 20.
* Orin Kerr covered the issue on The Volokh Conspiracy. In that piece, he writes: I am fairly confident that no court would hold defendants criminally liable under them for visiting a public site in the way they did.
* Brian D Foy wrote a bang-on-target piece over at O'Reilly (the tech guys, not the fox guys) titled Not Linking is Not Security
* Tim Jarrett, an MIT Sloan alum, while defending the response of the schools, writes: ApplyYourself’s system doesn’t appear to meet even minimal standards for securing the sensitive information with which it is being entrusted.
* About 3hours and 3minutes ago, MSNBC got into the act with their own blogger. Writing on Prof. Greenspun's comments about the 7-year olds, he says: Literally. I mean, I could hack it.
* A few hours ago, Anurag Jain, a PhD student at IIM, Bangalore had an interesting observation on his blog covering the issue. Apparently the IIM's had an almost similar issue last year. In their response, the director said: "During this testing, conducted on Monday for about two hours, if anybody has access to the IIM (A) website link and the web address to get the results in specific,....they can see the results simultaneously....it cannot be called breach." He continued: "However, what we did not do and should have done is change the web address. We retained last year's even during the testing period".
* Freedom to Tinker " ... is your freedom to understand, discuss, repair, and modify the technological devices you own".
* Rogers Cadenhead opines on the issue, saying: "Incidents like these make me wonder how anyone can argue that modifying a URL is inappropriate, much less compare it to breaking in to a computer system.If you make something available at a URL, you've invited the world to view it"
* Over at TechDirt, Mike writes: "It's a "cheap" way for them to appear tough on ethics -- when the lesson we're really learning is that publicity concerning how strong you are on ethics trumps an actual look at the ethics of the situation."
* The Harvard Crimson, which was the first on the scene labeling the applicants as 'hackers' has today published an opinion, leading with "HBS applicants are being sacrificed to fix the business world’s ethics problem."