From the Guardian comes the story of Patrick Foster and Roger Waite, two Oxford students who are in trouble because they discovered serious vulnerabilities in their university's network which allowed for access to students' e-mail accounts, instant messaging conversations, and CCTV broadcasts. This discovered them in the course of writing an article for their college newspaper. From the Oxford Student article:
Access to the video-streaming of CCTV footage of College A was easily available, pictured right, and cameras across the College could be taken down at the touch of a button. One student who appeared in security footage accessed said: "As well as understanding the security implications, it was personally shocking and especially worrying."
Alas, on the vast majority of university networks, the policy is far more restrictive. For example, Harvard's "Computer Rules & Responsibilities" notes:
Students may not attempt to circumvent security systems or to exploit or probe for security holes in any Harvard network or system, nor may students attempt any such activity against other systems accessed through Harvard's facilities. Execution or compilation of programs designed to breach system security is prohibited unless authorized in advanced.