"I will setup a a honey pot/trap/perform an SQL injection on a website then go to the people in charge and explain the vulnerability" is an incredibly stupid thing to do.
I think it shows an immature understanding on how large bureaucratic organizations work. In either way he might learn pretty soon. Depending on the incentive structures and their emergent effects they won't act rationally. He can be seen as trying to test vulnerabilities to exploit them. He might have broken some law he doesn't know about and someone is looking for a case to work on and might take it. He might be perceived as someone to be made an example of to discourage these things in the future. Etc etc...
I think there is a good chance he will be charged with fraud or a crime and the fact that he wasn't is surprising.
2 comments
[ 3.3 ms ] story [ 16.3 ms ] threadI wouldn't be so confident.
I think it shows an immature understanding on how large bureaucratic organizations work. In either way he might learn pretty soon. Depending on the incentive structures and their emergent effects they won't act rationally. He can be seen as trying to test vulnerabilities to exploit them. He might have broken some law he doesn't know about and someone is looking for a case to work on and might take it. He might be perceived as someone to be made an example of to discourage these things in the future. Etc etc...
I think there is a good chance he will be charged with fraud or a crime and the fact that he wasn't is surprising.