Home opinion-and-analysis Open Sauce Kid who found PTV website flaw deserves a medal

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Kid who found PTV website flaw deserves a medal Featured

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Job Function:
Australian State:
Email marketing by Interspire
weebly statistics

Sixteen-year-old Joshua Rogers should be given a medal and a financial reward for having found out that the website of Public Transport Victoria was poorly built, to the extent that it could reveal the personal details of users.

Instead of that, the authorities are trying to give the lad a criminal record. That will certainly encourage young, curious minds, the future of this country, to push the boundaries and find out things which can benefit the public.

What did the kid do? According to reports, he found a weakness in the website of Public Transport Victoria. Did he try to profit from it? No, he contacted as many people in PTV using their email addresses which he obtained from LinkedIn and told them about it. It was only on January 6, after Rogers had spoken to a reporter and that reporter contacted PTV for their take on the matter, that someone responded to his email.

And then PTV upped the ante by reporting the matter to the police. Way to go, PTV.

By the way, this is the same PTV that has given Melbourne its half-arsed myki ticketing system at a cost of well over a billion dollars - when the technology for an off-the-shell system like London's Oyster or Brisbane's Go card could have been purchased for less than a third of that amount.

It is probably too much to expect such an organisation to react in a logical manner. It is bothered only about one thing - its public image. After all that it has done, the organisation is now little more than a joke.

Year after year, when Australians hear of kids from other countries finding out things that lead to the creation of companies which yield enormous value to the exchequer, they cry themselves hoarse and complain that initiative is never rewarded in this country. They are right to do so.

But when they hear of kids like Rogers, who are undoubtedly brainy in one direction, kids who can be top-notch security experts if they were sent to the right people for training, what do they do? They stay silent.

The bureaucratic mind can conceive of only one response in cases like this: generate enough fear so that the next some crud company builds a website that has holes big enough to drive a truck through and a curious teen finds out, he or she will keep their mouths shut.

After all, the reputation of said company is more important that data security, isn't it?

Linus Torvalds, the creator of the Linux kernel, was a nerdy teen too. If his parents had ferreted him out so he could indulge in so-called wholesome activities, we would never had a kernel which today is probably running some device or the other in at least one house out of 10 in practically every country on the face of the earth.

Steve Wozniak planned most of the material that went into building the Apple I during his office hours at HP. Finally, when he was ready to build it in actuality, he told the company what he had been doing and asked if they would like to market it. What was HP's response? Did they try to sue Wozniak for doing his own work on company time? Did they seize all his material and call in the police?

One can call HP foolish for not deciding to take advantage of Wozniak's honesty and fund the creation of what has become the most valuable technology company on the face of the earth. But did they tie him up in legal issues because he had developed something on company time, something he was not supposed to do? Did they fire him? The answer is a big NO.

Teens, by nature, are curious. They experiment with everything - and so they should. If they do not, Australia will end up building a nation of morons, who can only act like robots, who look for precedent to justify everything they do.

Australia is well on the way to justifying the label of being anything but the clever country. Dumb would be a better description. Only that can account for the fact that it is American journalists who have taken up cudgels on behalf of Rogers.

The next time a curious kid finds a vulnerability in the website of a big company, what should he or she do? Try to do the right thing as Rogers did? Or make a quick buck by informing one of the hundreds of thousands who make a living by selling data of this kind?

The police, politicians and bureaucrats should seriously consider what kind of message they are sending to the next generation by their actions in the Rogers case. And half-educated consultants who are spreading fear, uncertainty and doubt about Rogers would be well-advised to think before opening their big mouths.


Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!



Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.