Wha...? That is messed up.

Ok, that's nuts.

This may not last long. It could be a serious security compromise for, say, some rich guy who needs to be discrete and doesn't need the world knowing his history. Should be interesting.

(Insert jokes about Episcopalians here)

Wow.

To protect your identity, do not share your Password or Secret Answer with anyone. ... We'll share your full name for you.

discreet.

I've emailed the webfriar (who just happens to be a person that I grew up with at that school) to tell him of the potential serious problem.
I appreciate their literal interpretation of the definition for alumnus, but I also think it's kind of snotty[typical of everything I ever experienced there] that they would only allow you to register if you actually graduated from the 12th grade.

This is a serious security issue, and considering that that's true, I don't think we should be linking to the site as it stands. I hope the mods will remove the link.

Yeah... I don't think we want to advertise that specific hole here, so I removed the link (and also the specific Name/Year that was mentioned). but I had a look, and yes - totally wide open. eek.

Well, I'd back off of "serious" as it's not clear that there's anything of value here beyond a small-pond version of Classmates.com. It can be astonishingly easy to get class lists (see the aforementioned) and even a requirement that you enter your name and class year would be something someone could overcome. But somebody could wreak prank-level havoc if they wanted to, and I suppose someone could use the site to phish someone as a "fellow classmate" or whatever.

So, a bit dumb, but I dunno that I'm up in arms about it.

You're right, not really a "serious" risk as there wasn't much on the site that wasn't available for public consumption anyway, but in the interest of protecting those that might unwittingly post personal information perhaps it's best that the link is removed. -30-