Computer Science

we are 2 persons in the same class so we need difrent answer for each of us please and dont be late 

we need it on sunday at 5PM please and we need a good answer and for each qusition at les 7 senenc

There is an ongoing debate about Responsible Disclosure. Is it ethical (or legal) to report a vulnerability in a computer system or website? If a "White Hat Hacker" reports a vulnerability to the owner of the website, he might get in trouble. ReadBreach case could curtail Web flaw finders <Alternate link>(note that you must read all three linked pages--the alt link has them all together) and answer the following questions:

1. Eric McCarty found a flaw in the USC website. What danger did this vulnerability pose, and to whom?
2. Was McCarty's action malicious? Did it cause harm to USC?
3. Discovering the vulnerability was not itself illegal. What did McCarty do that was illegal? Why did he do it? Be specific.
4. A conviction in this case would likely discourage other security researchers from reporting security vulnerabilities to websites. How could this effect affect the security of the Web? Explain. (4 points)

Resources:

http://www.securityfocus.com/news/11239

http://xkcd.com/341/

http://www.cs.csubak.edu/~steve/sci350b/breachcase.html

http://www.securityfocus.com/news/11389/1

https://www.schneier.com/blog/archives/2011/05/new_siemens_sca.html

http://www.wired.com/news/technology/infostructure/1,69488-2.html

http://www.wired.com/news/columns/circuitcourt/1,70857-0.html

http://www.cerias.purdue.edu/site/blog/post/reporting-vulnerabilities-is-for-the-brave/

http://www.securityfocus.com/brief/191