
Infosec ethics in zero days, exploits and attribution - santaragolabs
https://anvilventures.com/blog/zerodays_exploits_attribution.html
======
cody8295
I was working for a tech support/student financial aid support center for a
couple months and was fired for finding and using an exploit.

It was getting close to Thanksgiving and all the employees had to do state
mandated online ethics training (this was a Connecticut state job).

The online ethics training was honestly bullshit, it was poorly designed and
even more poorly implemented. Some slides wouldn't load fully and others would
be buggy. I had to restart it about 3 times.

In my frustration I looked into the source code for shortcuts and found a
javascript file which included a function called SetScore(min,max,val).

After opening Chrome dev console and trying the function, I exited the
training and refreshed to see a score of 100!

I immediately emailed my managers, and the admin of the site where the
training was being hosted. 2 weeks later I got a call that I was terminated.

