Comment by treszkai

These devices were unsecured for a reason: there wasn't money to hire competent people who would make all services secure.

Finding a vulnerability in the grade tracking system is much different than in IPTV: the first can have real-life implications, the latter only gives the attacker bragging rights. Only students would benefit from hacking IPTV (for funsies), but patching it requires funds nonetheless, and then further effort from staff when the default user/pass doesn't work. And then we complain about the hidden costs of low-trust societies.

If the guy had written to the admins about it, they probably would've replied "yeah we know about it, please don't do it".

"But I want to because I can and you're too lazy and incompetent to fix it."

"Okay then here's 50 bucks, please fix it for us, we don't have time for this nonsense."

"F off", and then proceeds to rick roll because that can get him to HN front page.