or-
Rush To Market (a play on 'Release To Manufacturing' and what the poster likely meant)
or-
Read The Manual (usually RTFM ;-)

I couldn't help but notice that his site (diabetes-warrior.net) is hosted by Bluehost in Provo, Utah. Not really having a legal background I wonder how this changes the landscape... i.e.-
What if he were living in Utah but the site was hosted in North Carolina? Could they go after him then? What if he just registered the site under a business in a different state and continued to host the site in Utah? Could they still get him for writing it in N.C.?

Don't get me wrong. It does appear he crossed the line by offering 'coaching' services which is forbidden by the law. But the blog itself describing his battle against diabetes and the steps that he has found useful is likely protected free speech. It's going to be hard to convince a judge that a blog is illegal when the same information could be printed and bound in a book and sold at the Barnes & Noble in Raleigh legally.

Reading the lawthough, pretty much every mother in North Carolina is likely a criminal. From the statute-

Nutrition care services means any part or all of the following:
a. Assessing the nutritional needs of individuals and groups, and determining resources and constraints in the practice setting
b. Establishing priorities, goals, and objectives that meet nutritional needs and are consistent with available resources and constraints
c. Providing nutrition counseling in health and disease
d. Developing, implementing, and managing nutrition care systems
e. Evaluating, making changes in, and maintaining appropriate standards of quality in food and nutrition services.

Seriously, any parent worth their salt does this for their children from an early age. Friends do it for each other. Adults do it for their aging parents. 'Dad! Why are you eating that? You know it'll set off your gout/blood sugar/.' It takes support and encouragement to make lifestyle changes. Some people find that support in their family or friends. Some find it online. The best solution would be to slap his wrist for offering coaching and let the rest go.

Really? That is the BEST privacy policy I've ever seen. As proof I offer the fact that I actually read it all the way through, and enjoyed reading it. Neither of those things has ever happened before...

Read this article then immediately saw this @ Huffington Post- http://imgur.com/VBhqr/ (Which made me laugh!)

Seems a bit dodgy to punish websites for hosting banner ads when your company takes out banner ads. It's entirely possible they are filtering based upon the source of ads as well and placing their 'paying' ad customers higher than sites which utilize competing services...

What do you think the engineers who design aircraft are doing already? As others here have pointed out, the biggest killer in a plane crash is fire. So the biggest priority is to get passengers off the plane AFTER it lands. Modern passenger aircraft are already well designed in this respect. As an example the Airbus 320 has one entrance, but no less than 8 exits! That's not bad for 150 seats.

Bottom line, I fly a lot. I am simply disputing your assertion that airplanes are unsafe. You can call me closed-minded if you like, I will call you irrational. Statistically, your own choices will kill you long before any pilot's choices figure into it. I simply do not understand how people can fear plane crashes or crime or terrorism and yet have absolutely no fear of the the things that will actually kill them. If the goal is to save people from needless death, perhaps you should start by looking at what ACTUALLY kills people and pick something with better numbers: Cancer, heart disease, automobiles, alcohol, tobacco, stroke, suicide. murder, drowning, electrocution... All are far more likely to kill you than air travel. You have more of a chance of dying from injuries sustained falling down(1 in 246) than of dying in a plane(1 in 20000).

Do not taunt Happy-Fun-Ball!

Dude, no offense but passenger planes are already extremely safe. Your lifetime odds of dying in an auto wreck are around 200 times greater than your chances of dying in a plane crash.

And what do you suggest anyway? Perhaps we can ALL get ejection seats! In an emergency the ENTIRE CEILING of the passenger cabin will blow off. Then row by row we can all watch our fellow passengers shoot into the air as the explosive bolts in their chairs go off. Or perhaps they can just hand you a chute and open the door if things go South?

The truth of it is that in most any scenario where the plane is going to crash, there is not going to be a realistic way to exit the aircraft in mid-air. For that reason I'll say-

NO THANKS.

As someone who is into foam-built RC aircraft I am excited by the possibilities of this software. Electronics not included, a plane costs me about $10 to build. While I've built enough planes that I can just 'wing it' (See what I did there?), It would be fun to use this software to design RC planes...

ED-209 anyone???
http://www.youtube.com/watch?v=mrXfh4hENKs

Shouldn't it be 'walk upstairs'? We know he lives in his parents' basement. (All IT people eventually end up working/living in a basement. We feel more comfortable there for some reason...)

I can't help notice how many posts on this thread have encouraged the poster to 'run and hide' since he's OBVIOUSLY broken the law.
I'm not so sure that's the case. Many vulnerabilities such as this (especially SQL injections) can be discovered using nothing more than Google dorks. In that scenario, It is Google that has (unintentionally) breached the company's security. The poster is simply accessing information that has been indexed by a search engine. Even if he found it directly, that doesn't mean he broke the law. I've found SQL injections on accident before simply by typing "O'Donnell" into a text box. (That single quote is a Bit**!)
I'm not saying that is what happened here. But don't assume that one has to break the law in order to discover a vulnerability. Google has indexed credit card numbers and other sensitive data in the past. And it's not Google's fault either. If their web spiders are able to scrape it, some web developer screwed up BIG-TIME...

As for advice, I'd say-
1. Document all communications with the company in question. It'll be harder for them to accuse you of wrongdoing if your first action was to inform them of the problem.
2. DO NOT EXPLOIT THIS VULNERABILITY! Or you actually are breaking the law.
3. Report the company in question to VISA, MC, AMEX, etc. You might have broken the law. But they are in violation of PCI-DSS. The company might not listen to you, but once they've got the card companies breathing down their neck they'll correct the issue. (Or they'll get shut down by their payment processor.)
4. Consult an attorney. You are in jeopardy of being blamed if the company does lose data, regardless of the facts. Regardless of legality, it doesn't sound like you have done anything immoral. Don't be their scapegoat.
5. If they do come after you, BE LOUD! The company in question has through their incompetence, screwed their customers. At some point they will have to weigh their options. The person who said 'There's no such thing as bad publicity.' did so before there was such a thing as the Internet. If coming after you means losing customers?

In any case, Good Luck! I've been where you are and it's not a comfortable position...
 

If you're near D.C./Baltimore at all the NSA runs the National Cryptographic Museum at Fort Meade. It doesn't get any geekier than that. The VLA is a lot of fun as well. It's a great picnic spot. (But if you're trekking across NM there's also White Sands Nat. Mon. And the Southeast corner of the state has a couple of real 'gems'- Roswell, where you can get your LGM fix and Carlsbad Caverns where you can go hiking for miles underground in the most beautiful setting you can imagine!) Oh and if you're in Arizona at all check out the Meteor Crater! It's off I-40 near WInslow...

Um, two reasons- 1. Going to Verizon would only get them historical data. As in 'Here is all the location data we have for the last month. In addition, the suspect in this case wasn't using a phone. He was using a broadband data card to file fraudulent tax returns. So GPS might not even be an option. So they would be limited to network location data. The 'Stingray' however, tracks devices in real time from the back of a van that's driving around with SWAT guys in the back. It's the difference between them knowing where you were last week and looking for you actively RIGHT NOW. In this case the suspect was tracked to the apartment building he lived in. Agents then went to the apartment manager and got the lease applications for the tenants. One of those applications used a fake ID and (surprise!) a fraudulent tax return from the agents' investigation to pass the credit check. 2. Different legal standards apply to 'Stingray' type devices than requests to providers. Use of these devices requires only a court order. (Different from a warrant.) Had the suspect been more savvy and used a clean ID and spent a few thousand of those stolen millions on a botnet proxy/VPN he would likely still be at large. The real thing protecting citizens from abuse of this kind of tech is $. In order to deploy one of these you've got to put some trained agents on the ground. It costs thousands of dollars a day to even try to find someone with a stingray. Realistically by the time they pull one of these out of the closet and dust it off, they already have enough evidence to arrest. I find carriers snooping to be much more invasive.

'Stingray's do not intercept communication. That's why they get around the wiretapping warrant requirements. They are designed to spoof the carrier's tower in order to ascertain only the location of a mobile device. So I don't see wiretapping as the issue. What IS troubling however is the fact that once law enforcement has found the suspect/device they as a rule WIPE THE DATA from the stingray. They've been doing this supposedly to prevent defendants/criminals learning how they were caught. The issue is that a judge signs a court order approving the use of the Stingray. Then after gathering evidence, law enforcement DESTROYS that evidence instead of handing it over to the court for review. All this to prevent the defendant from getting it during discovery. That practice will likely stop soon since it's motive was to keep the device itself a secret. Now that it's use is public knowledge, there's no reason to continue the charade...