Student expelled from Dawson College for exposing security flaw – Global National Interview

 

Student expelled from Dawson College for exposing security flaw He’s getting job offers from computer software companies — including one  whose security flaw he found while rooting around in Dawson College’s system.

“I think I’ll move on,” Al-Khabaz said Tuesday, adding he enjoyed attending  Dawson College until he

was kicked out in November.

“I’ll take one of those job offers I’ve got and I’ll apply to another English  (junior college) in September.”

Al-Khabaz says he has been offered employment by the president of Skytech  Communications, which provides the software for Dawson’s system. Another 10 or  so offers are also on the table.

A Skytech spokesman was not immediately available for comment.

Al-Khabaz, 20, became persona non grata at Dawson after discovering a major  security flaw in the school’s computer system while working on a class  project.

At a news conference on Tuesday, Dawson director-general Richard Filion  acknowledged Al-Khabaz had found the flaw but said he was expelled after he  repeatedly tried to gain access to areas of the college information system where  he had no authorization.

Filion said the student was kicked out because he breached the college’s code  of professional conduct.

“Dawson College has the responsibility to instil the principles of proper  conduct in the workplace so that employers hiring our graduates know they are  responsible citizens and qualified workers who understand how to behave in a  professional environment,” Filion said.

Francois Paradis, the college’s director of information services, said  Al-Khabaz was warned after being sighted twice in Dawson’s system before he  reported the computer flaw. Paradis said Al-Khabaz was spotted again after being  told about limitations on tests he could conduct after finding the flaw.

Dawson said it was speaking out because of what it called inaccuracies in a  media barrage in the last 24 hours that has seen Al-Khabaz gain support from  students beyond Montreal.

In Ottawa, Adam Awad, national chairperson of the Canadian Federation of  Students, accused Dawson of being more interested in protecting its own image  than guarding students’ personal data.

“The administration chose to punish the whistle-blower in hopes that the  problem would quietly go away,” Awad said as he called for Al-Khabaz to be  reinstated.

Filion said Dawson considered pushing for criminal charges against Al-Khabaz  but the institution decided to deal with the matter on an academic level and  leave any further action to Skytech.

Speaking to reporters after Dawson’s news conference, which he attended as a  member of the audience, Al-Khabaz rejected the college’s version of events. He  said it concentrated on “the negative stuff.”

“I was just scanning the software because I was scared for our data,” he  said.

The student said he also asked for permission to do the later scan when he  was told he was not authorized to carry out the task.

He said he had three meetings with college officials and explained what he  was doing.

“I really wanted to help,” said Al-Khabaz.

He rejected the college’s characterization of his activity as an attack,  calling the allegation “false.”

“A smart man would hide his identity if he was going to do that,” he said,  pointing out he never tried to conceal who he was or cover his tracks.

 

Terry Cutler

Terry Cutler

Founder and Chief Technology Officer at Digital Locksmiths, Inc.
Terry Cutler is the founder of Digital Locksmiths, Inc. - an IT security and data defense firm based in Montreal - and serves as the company's Chief Technology Officer. Terry is a Certified Ethical Hacker who has learned the mindset of hackers and trained in the techniques of "the bad guys" who seek to do harm to corporations and individuals alike.He is responsible for staying on top of the latest trends in cybersecurity and being an advocate for best practices in the identification and eradication of vulnerabilities that leave the customers of Digital Locksmiths susceptible to the most dangerous threats.Another one of Terry's roles is to be a thought leader for Digital Locksmiths by sharing his expert insights about effective digital security strategies and countermeasures through his writings, speaking engagements, and media interviews.

Connect with Terry on Google +
Terry Cutler