Reading the linked article and letter attached I would guess it's not an issue of CALs or software issues, sounds like it's strictly hardware. The number of additional devices (android and apple tablets, phones, etc.) sounds like it's putting strain on the physical resources of their server(s), specifically those that use ActiveSync. I don't know much about that particular service but I would expect it's fairly resource heavy.
The fact that they're not cutting off RIM devices makes it highly likely that they need additional server resources. This, of course, is as much a management issue as it is a technological one. Obviously there was no research, or not enough, done prior to rolling out the new program to determine if their existing hardware could support a rapid influx of thousands of additional devices. I would speculate that this is due to the decision to add the tablets being made, then the IT staff was simply informed "make these work" rather than finding out if there would be issues post rollout.
^This, times 100! There's a saying one of my co-workers has (I work in IT, specifically in network engineering) - "it's technology, not magic." I don't know how many times I get a job that has been sold to the customer to do x, y, and z but actually only has the specs to do x!
Between that and the now pending bill to mark IT workers above a certain pay level (which will only be lowered over time) as exempt to the laws governing OT for hourly workers I am, for the first time, actually thinking that I would join a union if given the opportunity!
I would second this opinion (also, as above, assuming USA as OP's location). Though your intentions are noble it is highly illegal to breach a computer system without permission/ownership, regardless of intent. Similar to other crimes - you would still be arrested for breaking and entering a property even if your intent was to show the owner that their security system was flawed, unless they asked you to test it out for them.
My advice - do nothing further. You discovered the flaw and told them about it, the onus is on them to make sure that their systems are secure. Just make sure that you don't leave a trail for other, less scrupulous people to follow...you certainly wouldn't want a future breach and malicious use of this flaw to point to you as the one who discovered it!
Slashdot Mirror
Reading the linked article and letter attached I would guess it's not an issue of CALs or software issues, sounds like it's strictly hardware. The number of additional devices (android and apple tablets, phones, etc.) sounds like it's putting strain on the physical resources of their server(s), specifically those that use ActiveSync. I don't know much about that particular service but I would expect it's fairly resource heavy.
The fact that they're not cutting off RIM devices makes it highly likely that they need additional server resources. This, of course, is as much a management issue as it is a technological one. Obviously there was no research, or not enough, done prior to rolling out the new program to determine if their existing hardware could support a rapid influx of thousands of additional devices. I would speculate that this is due to the decision to add the tablets being made, then the IT staff was simply informed "make these work" rather than finding out if there would be issues post rollout.
^This, times 100! There's a saying one of my co-workers has (I work in IT, specifically in network engineering) - "it's technology, not magic." I don't know how many times I get a job that has been sold to the customer to do x, y, and z but actually only has the specs to do x!
Between that and the now pending bill to mark IT workers above a certain pay level (which will only be lowered over time) as exempt to the laws governing OT for hourly workers I am, for the first time, actually thinking that I would join a union if given the opportunity!
Aliens...
I would second this opinion (also, as above, assuming USA as OP's location). Though your intentions are noble it is highly illegal to breach a computer system without permission/ownership, regardless of intent. Similar to other crimes - you would still be arrested for breaking and entering a property even if your intent was to show the owner that their security system was flawed, unless they asked you to test it out for them.
My advice - do nothing further. You discovered the flaw and told them about it, the onus is on them to make sure that their systems are secure. Just make sure that you don't leave a trail for other, less scrupulous people to follow...you certainly wouldn't want a future breach and malicious use of this flaw to point to you as the one who discovered it!