lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 8 Jun 2007 07:55:13 -0400
From: Kradorex Xeron <admin@...ibase.ca>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: You shady bastards.

On Friday 08 June 2007 07:12, Thierry Zoller wrote:
> Dear List,
>
> I know we have a "World Police" but luckily we have no World laws, how
> about some of you stick to things your supposed to be able to do,
> security, coding whatever and leave law to those that practise it ?
>
> I have yet to see a lawyer good at sec, it depends on
> - legislation the company resides in
> - the contract
> - the form of the message
>
> In luxembourg for instance mails labeled as PRIVATE or CONFIDENTIAL
> are not allowed to be viewed by the company, ALSO as email. Write it
> in the subject line.

To risk breaking my keeping off legal grounds (note: IANAL)

With your logic, someone could bring in their home computer, hook it into the 
network, upload their private files to the server and name a 
directory "CONFIDENTIAL" and shove their personal home files in it and nobody 
is allowed to see what's in it to determine if it's supposed to be there or 
not because it's named "CONFIDENTIAL", thus the person gets free space on the 
COMPANY server to do whatever they please, even after they leave the company.

To be brutally honest, Those marked "CONFIDENTIAL" emails stick about as much 
as those lines some corperations make their staff have at the bottom of 
emails that say essentially "If you received this email in error, delete it 
immediately as it is confidential. It is illegal for you to have this email 
if it isn't reguarding you".

Is it me or are too many people expecting "security by good will" nowadays?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ