lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu Aug  4 16:23:31 2005
From: bkfsec at sdf.lonestar.org (bkfsec)
Subject: SixApart/LiveJournal's Denise Paolucci should
	resign.

Deep Lolz wrote:

>Denise Paolucci's chief responsibility at LiveJournal
>is to head their abuse department. Recently, she began
>abusing her powers and suspending the accounts of
>people merely because she didn't like material
>contained within their journals. This prompted a
>massive community backlash at her personal website <a
>href="http://denisepaolucci.com">denise paolucci dot
>com</a> and <a href="http://ljabuse.com">LJ Abuse dot
>com</a>, a website not officially sanctioned by
>LiveJournal but an after-hours messageboard for abuse
>team volunteers. In response, she moved her websites
>elsewhere and replaced them with a website that abuses
>javascript to open countless moving popup windows
>displaying extremely offensive images. Disturbingly,
>these websites use the clipboardData.getData function
>to grab the clipboard contents of Internet Explorer
>users. She is also somehow affiliated with the
>infamous trolling organization, the GNAA. She said in
>an IRC channel that she did this "because it was
>funny".
>
>Denise Paolucci's actions are unfitting of her
>position in such a large and prominent organization.
>She has repeatedly shown no regard for the privacy and
>freedoms of the users of LiveJournal. This is the type
>of childish -1 flamebait crap you'd expect from the
>twelve year olds at something awful, not of someone
>who manages the abuse department at a service that has
>2 million account holders. She should resign, and
>failing that, SA/LJ should fire her.
>
>
>
>  
>
Not to mention the fact that there's a known abuse policy social 
engineering exploit where reporting of copyright infringement will 
always result in account suspension.

In further investigation, it turned out that suspension was far more 
likely if something you said wasn't liked by Denise and other "lj abuse 
department" (Which really means that they are there to abuse LJ) members.

I found that it's actually more of an exception that the person won't be 
suspended or banned, but it's quite simple to get someone suspended 
using the abuse team as a foil.

Frankly, the whole damn abuse team is incompetent and should be 
fired/removed (depending on whether they work or are volunteers) and the 
whole thing should be rethought.

                -bkfsec

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ