[mappum]

While Hamed was honorable and didn't try to abuse his exploits, I think it is a stretch to say "Hamed helped". I doubt he tried to get into the data for the purpose of helping make it more secure, it is more likely that he just had the "hacker drive", where he just wanted the challenge of beating a system.

[arcatek]

If I'm not mistaking, he discovered the vulnerability while developing an app for its university, then he sent it to the system administrators.

His troubles began when he checked later if the security hole was still opened.

[anonymouz]

According to the expulsion letter (linked somewhere in his thread) he only reported the issue after he was detected and his access was blocked. That doesn't prove either sides version but shows why one should get authorization before attempting such a thing. After getting caught anyone can say that they were just trying to help.

[noibl]

The letter says no such thing. I don't know why you've taken the trouble to post this falsehood twice in a short thread.

http://news.ycombinator.com/item?id=5096170

[mappum]

Ah, so that means he wasn't even really "hacking". But I still think it is weird that the site calls it him "helping".

[rurounijones]

Basically he did something he shouldn't have/ He Scanned them again after reporting the bug to "see if they had fixed it" (per his claims).

It seems like he had no malicious intent (At least I believe him) but his school and the vendor basically went nuclear on him.