lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: sil at infiltrated.net (J. Oquendo)
Subject: Re: hushmail.com, is this true?


> They can't force you to produce information you can prove you don't have...

Actually, I believe the Sarbanes Oxley Act requires companies keep records
for a period of time. Not sure the entire specifics of this but I'm sure
if you wanted to quote me on this you could (http://tinyurl.com/542n3)

Outside of this argument (records), I'm willing to be for security
purposes though, Hushmail is keeping tabs on who is doing what. That would
be logical provided that they are security based and I would hope would
keep tabs on connections should someone infiltrate their network.

"Gee we were pwned but we don't know by whom because we don't keep records
or tabs on ANYONE!"

Sound kosher? I doubt they're not keeping tabs on someone. Aside from
this, just because they are keeping tabs on someone's account information
(regarding the IP connections they are coming from), it becomes a
different story when an account is being accessed by proxies all over the
world. Hell with all the botnet machines around, a lawyer defending
someone on trial could throw this into the mix due to the fact that it
would be difficult to pinpoint so and so due to the fact that so many
connections have been made from differing locations.

Of course the lawyer would have to have enough of a clue to do so, but
even then with so much crapaganda from the US government, hell any
government for that matter, and due to the fact governments have deeper
pockets than anyone, a defendant would get pounded with other crappy
technicalities.


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99

CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D

sil @ politrix . org    http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"How a man plays the game shows something of his
character - how he loses shows all" - Mr. Luckey

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ