

Business schools redefine hacking to “stuff that a 7-year-old could do” (2005) - asciilifeform
http://blogs.law.harvard.edu/philg/2005/03/08/

======
mscarborough
Misleading headline, particularly the quotes. In this article no school said
any such thing, only the author in creating an analogy.

Synopsis: Business schools outsource their student application web app, said
web app has bug that allows students to change GET parameters and see their
acceptance status early. Exploit is posted to BusinessWeek forums, and at
least some of those students who tried the hack were denied admission to
Harvard.

~~~
quizbiz
Harvard != MIT

~~~
scott_s
The students were denied admission to Harvard. MIT came up because the author
supervised MIT students creating an application with similar requirements.

------
nopal
_As progressively dumber programmers build progressively more complex systems
we will see more of this kind of attempt to paper over coding mistakes with
lawyers, sanctions, policies, and laws._

How very true.

~~~
asciilifeform
And this would have been the submission title, too, if it weren't for the
nonsensical 80-character limit.

------
dschobel
Odd choice for the headline. I think the much more choice quote from Greenspun
is this:

 _All the smart young Americans have gone to law, business, and medical
school. Companies don’t like to hire old people ( > 30 years) to write
computer programs because it saddens them to see old folks doing something so
degrading._

(he's attributing this mentality to the HBS lot)

I'm seeing this a lot now that I've gotten into development in the financial
industry.

I think for some people developers will always be inseparably tied to the
stereotypical unkempt and petulant tech-support guy who troubleshoots Windows
boxes all day.

It's not a particularly well-respected profession unless you're doing the
start-up thing in which case you're only respected because of the business
aspect (and your potential to become a millionaire by 30), not the cool/hard
things you may doing on the technology side.

------
zain
Note, this article is from March 2005.

------
aptimpropriety
One of the more interesting parts of the college application process (there
weren't many) was comparing the websites of top-tier schools. Echoing what the
writer said - it's amazing how poor the structure, workflow, security and
general design the web systems of these schools with $X-billion endowment are.

MIT stood out as an exception; the rest I dealt with were par at best. Fast
forward two years - I now attend an ivy league school with what I would
consider a laughable website and data storage system.

"You must close your browser to log out of the system" - I don't even have to
probe to know it's bad.

------
mquander
Top-tier schools already admit students based on a lot of fairly arbitrary
criteria, so it doesn't seem like a very big deal to add "does not tinker with
school-related web applications" onto the Harvard list.

~~~
gaius
That is particularly arbitrary considering how many HBS grads were discovered
to have been involved in finance scams recently.

------
edw519
"Instead of students studying Literature, Art, History, and Science they would
be going through the motions of a scholar while occupying their minds with
things that formerly had been learned at a desk as an apprentice in a dreary
Victorian counting house."

Wow, that may be the best description of the concerns of the MBA I've ever
read.

I have my MBA and, to this day, I still don't know how I feel about it. Sure,
it covered a lot of valuable theory and it's opened doors, but then again I
often wonder if the time would have been better spent in industry, honing my
skills in the trenches.

The #1 quote I remember from one of my professors, "A degree in business is a
degree in nothing."

~~~
sbt
Sure. I think it's accepted that you go to business school to network with
students with rich parents. A friend of mine applying said that if she didn't
get into any of the top 5 programs, it wasn't worth going.

~~~
jraines
Friend of mine went to one that's around #25. His offer coming out was $35K
more than the job he left to attend the program full time. And he moved fields
from one he didn't like (healthcare) to one he did (marketing). No rich
parents involved. Sample size of 1 FTW!

~~~
antiismist
Is that really a win though? Your friend is out two years worth of income +
considerable debt to make an extra 35K after two years.

~~~
zackattack
35k a year adds up pretty quickly. Salary acceleration is also likely to be
increased.

~~~
jraines
I agree, especially with the first point. Also, though the program was a lot
of work, two years of being back in a college environment is pretty cool for
most people (from the people I've met in this program, it's not like the
typical ennui- and angst-ridden experience you usually see other types of
graduate school portrayed as -- although I guess it would be if you're going
into it because you've got no other ideas, i.e. grad school as "the snooze
button on the alarm clock of life")

------
notirk
I'm guessing this bug was fixed, but I applied to b-school this summer
(starting part-time in the fall) and ApplyYourself was used for a few of the
schools I applied to (NYU Stern, Fordham, NYU-Poly). From a front end/end user
interaction point of view, it did not strike me as a well made system. I'm
more an IT guy and not a programmer but I know a shoddy website when I use
one. I applied to multiple programs at one school and the information could
not be shared, it actually lost one of my applications at one point.

------
omnipresent1
I wonder how ApplyYourself found out which students took a peek? Were they
dumb enough not to implement access at the Gatekeeper level but smart enough
to some how keep a track, if someone did?

~~~
mquander
It seems probable that they just looked at the BusinessWeek forums on which
the exploit was posted, and denied the applicants who they saw discussing it.

~~~
omnipresent1
If thats the case, its very unreliable. Denying admission based on a post on a
forum...gotta love the digital age.

~~~
mquander
In an age when many employers seem happy to deny employment based on social
networking profile posts and pictures, I suggest that it might teach them an
important lesson about the presence of foolish people in positions of power.

------
lallysingh
Huh, if they were disqualifying students for modifying URLs, I wonder how hard
it'd be to scan the results for _all_ students applying.

------
buugs
I thought the fandango thing was pretty much fair game as that is one of the
first thing people learn, or should learn, about web scripting is what can be
controlled by the browser versus controlled by the server.

And in a perfect world the programmer would have made up the price lost not
the theatre nor fandango.

------
pguerin
hahaha this reminds me of a discussion I just had today with a student at the
business school of my university. He was pissed off at the "IT people" because
they know nothing about management and never finishes on time their projects.
The way he talked to me was as if it was all our fault and that we were simply
lazy. He was agressive to me even if he never worked with me and told me to
check the "new york" methodology and the "ITIL" best practices for doing IT
services. I haven't found them on google, does someone know anything about
that?

It's great to live in a world where management loves and respect us! A world
where they try to understand what is hard about software development instead
of thinking about how much time it takes to "place a button there" :)

~~~
whatusername
ITIL is pretty standard for managing IT Infrastructure. So standard in fact
that <http://www.google.com.au/search?q=itil> maybe returns 1 result that
isn't about ITIL in the top 50.

If you can't google for something as basic as that - then maybe the bus. guy
was right about you being lazy.

~~~
qohen
FWIW, Google.com has the Wikipedia link up top:
[http://en.wikipedia.org/wiki/Information_Technology_Infrastr...](http://en.wikipedia.org/wiki/Information_Technology_Infrastructure_Library)

Though it is interesting to see that ITIL originated in the UK, which might
explain why not everyone has heard of it.

BTW, here's an article from '05 describing ITIL use in the US (and ITIL's
history): <http://www.govtech.com/gt/articles/95672>

~~~
daleharvey
My first job out of uni was developing itil training software.

It was soul sucking.

I am in the UK, but hadnt heard of ITIL prior to the job, noone I know that
can program has heard of it, I occasionally meet some business guys that have
though.

~~~
whatusername
True. It's not a Programming standard - as it is a way to manage IT
Infrastructure which should be HW/SW/staff/etc to promote the goals of the
business.

Remember everyone - there's a whole world of companies out there who don't
know or care what AJAX or Python or Ruby is. They want to make the stuff they
need to make, server their customers, and use computers as what they really
are - a tool that should make stuff easier - not harder. (And it's in those
industries that there is a lot of opportunity).

Oh - and don't take this as a post glorifying ITIL.. I think it's overdone and
too verbose for an awful lot of companies.. (what do you expect coming out of
a gov dept.) What I haven't seen is much of an alternative.

------
Cecil
Slashdot thread:
[http://slashdot.org/article.pl?sid=05/03/08/2341213&tid=...](http://slashdot.org/article.pl?sid=05/03/08/2341213&tid=172&tid=146)

------
keefe
title = troll, rtfa

------
tezza
_Hacking :: stuff that a 7-year-old could do_

Wow, Python makes it that easy! _( just a quick laugh )_

