Skip to content
ADVERTISEMENT
Sign In
  • Sections
    • News
    • Advice
    • The Review
  • Topics
    • Data
    • Diversity, Equity, & Inclusion
    • Finance & Operations
    • International
    • Leadership & Governance
    • Teaching & Learning
    • Scholarship & Research
    • Student Success
    • Technology
    • Transitions
    • The Workplace
  • Magazine
    • Current Issue
    • Special Issues
    • Podcast: College Matters from The Chronicle
  • Newsletters
  • Virtual Events
  • Ask Chron
  • Store
    • Featured Products
    • Reports
    • Data
    • Collections
    • Back Issues
  • Jobs
    • Find a Job
    • Post a Job
    • Professional Development
    • Career Resources
    • Virtual Career Fair
  • More
  • Sections
    • News
    • Advice
    • The Review
  • Topics
    • Data
    • Diversity, Equity, & Inclusion
    • Finance & Operations
    • International
    • Leadership & Governance
    • Teaching & Learning
    • Scholarship & Research
    • Student Success
    • Technology
    • Transitions
    • The Workplace
  • Magazine
    • Current Issue
    • Special Issues
    • Podcast: College Matters from The Chronicle
  • Newsletters
  • Virtual Events
  • Ask Chron
  • Store
    • Featured Products
    • Reports
    • Data
    • Collections
    • Back Issues
  • Jobs
    • Find a Job
    • Post a Job
    • Professional Development
    • Career Resources
    • Virtual Career Fair
    Upcoming Events:
    Hands-On Career Preparation
    An AI-Driven Work Force
    Alternative Pathways
Sign In
Wired Campus circle logo

Wired Campus

The latest on tech and education.

Student, Expelled After Finding Security Flaw in College Network, Clashes With Administrators

By Jake New January 25, 2013
Photo by Martin Reisch.
Photo by Martin Reisch

A Montreal student who was expelled after discovering a security flaw in his college’s computer system is now engaged in a public war of words with the administration, as he tries to persuade it to remove the expulsion from his academic record.

To continue reading for FREE, please sign in.

Sign In

Or subscribe now to read with unlimited access for as low as $10/month.

Don’t have an account? Sign up now.

A free account provides you access to a limited number of free articles each month, plus newsletters, job postings, salary data, and exclusive store discounts.

Sign Up

Photo by Martin Reisch.
Photo by Martin Reisch

A Montreal student who was expelled after discovering a security flaw in his college’s computer system is now engaged in a public war of words with the administration, as he tries to persuade it to remove the expulsion from his academic record.

Hamed Al-Khabaz, 20, said he found what he suspected was a vulnerability in the system at Dawson College in September, while he and another computer-science student were working on a mobile app. The system, called Omnivox, is used by nearly 100 colleges and more than 200,000 students in Canada.

When the pair began prying into the flaw, they received an e-mail from the college’s information-technology department, explaining that they needed permission to run the software they were using on the system. After e-mailing back to ask for consent, Mr. Al-Khabaz said, they never received a response. A month later, they decided to explore the issue further, this time without the help of software.

ADVERTISEMENT

“We found a vulnerability that involved students’ Social Security numbers, grades, and addresses,” Mr. Al-Khabaz said. “We immediately told the college, and they decided to have us meet with them.”

At that meeting, the two students demonstrated the problem for college administrators using a test server. They were thanked for their efforts, Mr. Al-Khabaz said, and he left his phone number, explaining that there were other vulnerabilities that needed to be dealt with.

“These flaws could let someone ban users from logging in or see anybody’s address in a class,” he said. Two days later, he used the test server to see if the problems had been fixed, and was pleased to see that they had.

Then the phone rang. It was Edouard Taza, president of Skytech Communications, the maker of Omnivox. He accused Mr. Al-Khabaz of launching a cyberattack against the system and threatened legal action, Mr. Al-Khabaz said, but he seemed appeased after the student said he had no malicious intent and signed a nondisclosure agreement.

“So I thought everything was fixed,” Mr. Al-Khabaz told The Chronicle. “But then Dawson decided to expel me.”

ADVERTISEMENT

The college met with Mr. Al-Khabaz and asked 15 professors in the computer-science department to decide his fate. Only one professor voted against expelling him, and that professor, Mr. Al-Khabaz said, was the only one of the 15 who had met with him before voting.

He was expelled on November 14, and a note was added to his academic record indicating that he had been dismissed for unprofessional conduct. In the following months, he twice appealed his expulsion, without success.

This week, working with the Dawson Student Union, Mr. Al-Khabaz began talking with reporters at news outlets including the Canadian Broadcasting Corporation and the National Post. Other news media picked up the story, and Dawson, which had declined to comment at first, citing privacy concerns, responded.

“He was expelled for other reasons,” the college said. “Despite receiving clear directives not to, he attempted repeatedly to intrude into areas of college information systems that had no relation with student information systems.”

Mr. Al-Khabaz said that he had received no such directives, apart from the original e-mail in September, and that he had been upfront with the college about his actions.

ADVERTISEMENT

Ken Fogel, chair of Dawson’s computer-science department, has compared the student’s actions to breaking into a house.

“He thinks it’s only his house,” Mr. Al-Khabaz said in response. “That house also has my information and my whole life stored there, and I’ve been in that house the last two years.”

Because of the continued tension with Dawson, he said, he was no longer sure that he would return even if his expulsion were lifted. His goal now, he said, was to remove the expulsion from his record and have his grades reinstated. He said he was afraid that the mark on his record would make it difficult for him to attend a different college or get a job.

On the other hand, since taking his story to the news media, Mr. Al-Khabaz said, he had received at least 10 job offers—and a scholarship from Skytech.

We welcome your thoughts and questions about this article. Please email the editors or submit a letter for publication.
Share
  • Twitter
  • LinkedIn
  • Facebook
  • Email
ADVERTISEMENT
ADVERTISEMENT

More News

Hoover-NBERValue-0516 002 B
Diminishing Returns
Why the College Premium Is Shrinking for Low-Income Students
Harvard University
'Deeply Unsettling'
Harvard’s Battle With Trump Escalates as Research Money Is Suddenly Canceled
Photo-based illustration of a hand and a magnifying glass focusing on a scene from Western Carolina Universiy
Equal Opportunity
The Trump Administration Widens Its Scrutiny of Colleges, With Help From the Internet
Santa J. Ono, president of the University of Michigan, watches a basketball game on the campus in November 2022.
'He Is a Chameleon'
At U. of Michigan, Frustrations Grew Over a President Who Couldn’t Be Pinned Down

From The Review

Illustration showing a valedictorian speaker who's tassel is a vintage microphone
The Review | Opinion
A Graduation Speaker Gets Canceled
By Corey Robin
Illustration showing a stack of coins and a university building falling over
The Review | Opinion
Here’s What Congress’s Endowment-Tax Plan Might Cost Your College
By Phillip Levine
Photo-based illustration of a college building under an upside down baby crib
The Review | Opinion
Colleges Must Stop Infantilizing Everyone
By Gregory Conti

Upcoming Events

Ascendium_06-10-25_Plain.png
Views on College and Alternative Pathways
Coursera_06-17-25_Plain.png
AI and Microcredentials
  • Explore Content
    • Latest News
    • Newsletters
    • Letters
    • Free Reports and Guides
    • Professional Development
    • Virtual Events
    • Chronicle Store
    • Chronicle Intelligence
    • Jobs in Higher Education
    • Post a Job
  • Know The Chronicle
    • About Us
    • Vision, Mission, Values
    • DEI at The Chronicle
    • Write for Us
    • Work at The Chronicle
    • Our Reporting Process
    • Advertise With Us
    • Brand Studio
    • Accessibility Statement
  • Account and Access
    • Manage Your Account
    • Manage Newsletters
    • Individual Subscriptions
    • Group and Institutional Access
    • Subscription & Account FAQ
  • Get Support
    • Contact Us
    • Reprints & Permissions
    • User Agreement
    • Terms and Conditions
    • Privacy Policy
    • California Privacy Policy
    • Do Not Sell My Personal Information
1255 23rd Street, N.W. Washington, D.C. 20037
© 2025 The Chronicle of Higher Education
The Chronicle of Higher Education is academe’s most trusted resource for independent journalism, career development, and forward-looking intelligence. Our readers lead, teach, learn, and innovate with insights from The Chronicle.
Follow Us
  • twitter
  • instagram
  • youtube
  • facebook
  • linkedin