In the fall of 1983, with his newly minted associate’s degree in his pocket, Scott started on his bachelor’s degree at Rochester Institute of Technology (RIT). Scott brought his new TRS-80 Model III, and his roommate had a TRS-80 Model I. Two computers were in one dorm room outside the nerdy Computer Science floor, which was unheard of back then. During his first semester at school, Scott took FORTRAN, and his teacher was a fan of online testing. The school had four DEC VAX 11/780 systems at that point. During one test, Scott realized their class accounts were executing a login script to jump to the test menu. He then used his account on that system to understand exactly when and how the login script was executed and where the non-atomic weak points were in the program flow.

At his community college in the spring of 1983, Scott took an Assembler for the IBM System 370 class. This gave him a fundamental understanding of mainframe system programming. Since then, Scott has also written several assembly language programs for his TRS-80, creating graphics and sound routines callable from BASIC. After some research and testing, he found a way to break out of the online testing system the professor had used moments before it could finish loading. Lo and behold, he was logged into the professor’s account with full access to all his files.

With much trepidation, Scott visited the professor and demonstrated the flaw in the school’s system. He then suggested that teachers use another account for testing. The teacher then set up a meeting for Scott with the director of the IT department, who asked Scott not to tell anyone what he’d done as that’s how all university online testing worked. So, in his first “white hat” hacking exploit, he was told to shut up and respect “security through obscurity.”

Scott did get an “A” in Fortran, but it was because he wrote some awesome code that semester.