From [Workbench]
Harvard Hacked at URL Guessers. Ed Felten offers an interesting analysis of the legal and technical implications of the Harvard Business School URL-hacking incident.
More than 100 applicants to the school have been summarily rejected because they changed fields in a URL to see if they had been accepted, learning about the technique from weblogs or message boards.
Felten believes the school's punishment is extreme:
I might feel differently if I knew that the applicants were aware that they were breaking the rules. But I'm not sure that an applicant, on being told that his letter was already on the web and could be accessed by constructing a particular URL, would necessarily conclude that accessing it was against the rules.
Incidents like these make me wonder how anyone can argue that modifying a URL is inappropriate, much less compare it to breaking in to a computer system.
If you make something available at a URL, you've invited the world to view it. Harvard should be dropping the hammer on ApplyYourself, the company whose poor programming revealed admission decisions prematurely, not on these hapless applicants.
Update: One of the peeking applicants said knowing early about his rejection helped him pursue another school before it was too late. [Workbench]
11:01:04 AM  ;
|
