lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Jul 2006 17:09:19 -0500
From: evilrabbi <evilrabbi@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Undisclosed breach at major US facility

That's why you shouldn't tell people about things like that. Just keep them
to yourself and you'll be ok.

On 7/26/06, kaiser scapegoat <kaiser_scapegoat@...mail.com> wrote:
>
> Hi -
>
> I only joined this list because I read about the "how to disclose a
> breach"
> issue in Wired. I read through the posts, and it didn't look like anyone
> brought up my case. I'm the person who proved the press and government
> agencies prefer to portray the whistleblower as a hacker even if the info
> has been on a public web site for five years.
>
> Here's a timeline of my situation:
> http://corphq.livejournal.com/60599.html
>
> I keep a blog on this issue here: http://corphq.livejournal.com
>
> What was surprising about my case was not that Kaiser attempted to frame
> me
> - they've always been slime. What's upsetting is the way the press and the
> State of California enabled them by portraying me off the bat as a hacker.
> This made it impossible for me to get timely legal help. Even more
> upsetting
> is that even after the CA Dept. of Managed Health Care realized their
> mistake, they did nothing to fix the problem they had caused me. They
> didn't
> publicly apologize for their press release, and they left the Order
> against
> me on their web site. They pressured me into signing a "settlement" just
> to
> cover their own ass, and then they broke their side of it. The actions of
> the DMHC were illegal to begin with since they have no jurisdiction over
> private citizens.
>
> It seems that it's okay with all of society that the State can take
> illegal
> actions against me and I can be left to the HMO legal team wolves just
> because I'm a nobody and it apparently appeases public anxieties to punish
> the person who symbolizes the danger of medical records being posted on
> the
> Internet.
>
> In the end, though, this is shooting the messenger, and that just assures
> that people in the future will be afraid to report this kind of security
> leak.
>
> _________________________________________________________________
> On the road to retirement? Check out MSN Life Events for advice on how to
> get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
-- h0 h0 h0 --
www.nopsled.net

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ