Harvard Rejects B-School Applicants for Backspacing
Harvard Rejects Applicants It Says Hacked (Reuters-Boston Globe)
Harvard Business School said on Tuesday it is rejecting applications from 119 would-be students who it says hacked into a Web site to learn if they were accepted at the Ivy League university ahead of the official notification. “This behavior is unethical at best — a serious breach of trust that cannot be countered by rationalization,” Kim Clark, dean of Harvard Business School, said in a statement. “Any applicant found to have done so will not be admitted to this school.”
Harvard said 119 applicants had hacked into Virginia-based ApplyYourself, a company that manages Web pages used by students to apply to roughly 300 different universities. “We know that 119 applicants hacked into the system — and we know their names,” said Jim Aisner, a spokesman for Harvard Business School.
Aisner declined to comment on how many of the 119 applicants would have been accepted at the school had they not broken into the ApplyYourself Web site.
Hooray for Harvard for it’s commitment to ethics, right? Not so fast. Philip Greenspun gives a rather thorough breakdown of the nature of the “hacking” involved here:
- The ApplyYourself code had a bug such that editing the URL in the “Address” or “Location” field of a Web browser window would result in an applicant being able to find out his admissions status several weeks before the official notification date. This would be equivalent to a 7-year-old being offered a URL of the form http://philip.greenspun.com/images/20030817-utah-air-to-air/ and editing it down to http://philip.greenspun.com/images/ to see what else of interest might be on the server.
- Someone figured this out and posted the URL editing idea on the BusinessWeek discussion forum, where all B-school hopefuls hang out and a bunch of curious applicants tried it out.
So, essentially, the students are being denied entrance to business school for the crime of . . . backspacing?