Alex Bruner -
InconsiderateSerra - Here I have an honest persona. In my professional life I play an act, because it is required. I need to know if there is even a hypothical chance that someone could link the two through this breach. These arguments are like saying "if you didnt want to get raped you shouldnt have been wearing Yoga Pants."
So it sounds like he dumped the DB so he probably had access to whatever information you voluntarily entered into the webform.
When you enter information into a webform, it goes into a database. If that database is ever breached, the information you entered is then 'out there'. If you have information you don't want 'out there', THEN DON'T PUT IT INTO WEBFORMS BECAUSE EVENTUALLY, SOMEONE IS GOING TO GET IN. If The Department of Defense, CIA, NSA and FBI cannot keep their sites secure, what makes you think MixedMartialArts.com stands a chance?
For all the people squealing about data breach laws, bone up on how laws work. Those laws are based on definitions and unless he got names and CC or SS numbers, nothing here rises to meet that statutory threshold. Likewise, FEDERAL CRIME!>Q#1!!!1! has a fuckton to do with whether or not Kirik has a good deal of spare time in his future to spend working as a witness on a case that may not have resulted in any injury outside the realm of 'hypothetical' and ultimately, won't get charged or brought before a GJ.
I'm not vulnerable to any of this, have no reasons to 'kiss his ass' whatsoever but I *have* been in the position of needing a competent security tester who wasn't out to fry me for the sport of it or rip me off. Blackhats mostly worthless in legal business, whitehats are usually bush league amateurs.
Guys like this who may pull occasional pranks but have a deep skill set and no ill will are immensely useful to have on your side. Its unfortunate that they occasionally cause butthurt and rustled jimmies in the process of doing what they do but the hysterical overreaction is based on ignorance of tech, ignorance of laws, ignorance of what role you play in your own security... basically people clinging to any ignorant branch on the dumb-ass tree to elevate their sqwaking.<br /><br />A lot of STFUs need to be doled out here. <br />If this kid wanted to burn you down, believe me, he would have. It happens every day, that isn't what happened here.
No, its more like saying "Parking your $4000 bicycle in downtown Chicago without a lock will likely result in your bike being stolen"
There's ideology, then there's how shit works in the real world.
All the fear and hysterics doesn't change the fact that he brought this to their attention, even if he socked DFWs account for the lulz.
You people are so fucking naive to how this shit goes down when the cracker has malicious intent. Hint: It looks nothing like this.
Watch this, faggots.
He just handed this site their left shoe.