A university student faces criminal charges for exposing a school security flaw:

“A Carleton University student is facing criminal charges, accused of stealing user names, passwords, financial information and other data from 32 other students to expose security flaws in the university’s student card system.

Mansour Moufid, 20, is charged with mischief to data and unauthorized use of a computer, Ottawa police said Thursday in a release.”

link: Alleged Carleton hacker faces criminal charges

The means by which the security flaws were exposed are characteristic of a sophisticated hack. There is the malicious software – and the keystroke recordings. The argument is that the data gathered were not used in an exploitive manner. The security issue was revealed to the university and the victims by the hacker.

It is the ‘means-justify-the end’ argument. Is this hacker a criminal?

Catherine Forsythe