[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200503182008.j2IK8N6H026390@turing-police.cc.vt.edu>
Date: Fri, 18 Mar 2005 15:08:17 -0500
From: Valdis.Kletnieks@...edu
To: Paul Laudanski <zx@...tlecops.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
news@...uriteam.com
Subject: Re: Truth, Justice and the Ordinary Person
On Fri, 18 Mar 2005 12:22:27 EST, Paul Laudanski said:
> Somewhere in all this, the truth seems to be something that is forgotten
> about. Now it appears to be who can swing the majority of the voters their
> way, who can convince the general public that they are being hard done by
> or trying to show that, what the person is doing is OK, because this
> person has credibility.
This seems off-topic even by full-disclosure standards, so...
> [This message is for the designated recipient(s) only and may contain
> privileged or confidential information. If you have received it in error,
> please notify the sender immediately and delete the original. Any other
> use of the email by you is prohibited.]
We've obviously received it in error. Consider this your notification. I'd
however like to see what citation you have for prohibiting other use (for
instance, as source material for a satire or parody or social commentary).
Also, do you have plans to indemnify us for the costs of making sure that the
copy that resided on our central mail server is in fact deleted (as opposed to
merely unlinked from the file system)? Peter Guttman had quite a bit to say
about the secure deletion of data from disks. You however seem to be in luck,
as there wasn't a backup running on the mail server at the time. You wouldn't
want to end up like Col Oliver North, would you?
http://www.fas.org/spp/starwars/offdocs/reagan/chron.txt
By the way, mention to your legal eagles that your site is unable to tell if
postings to public mailing lists contain privileged information. An opposing
attorney could use that against you by using it as proof that your site doesn't
have a *clue* which information needs to be protected.
I'd recommend the use of PGP, GnuPG, or S/Mime if you actually have sensitive
information to send via e-mail. Don't trust the disclaimer to do the work you
should be doing.
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
Powered by blists - more mailing lists