lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20030624200735.GA22253@eiv.com>
From: smcmahon at eiv.com (Shawn McMahon)
Subject: Sql Injection big5 consultancy

On Tue, Jun 24, 2003 at 07:03:48PM +0000, joseph blater said:
> 
> Thanks for all the valuable input, I decided I will just STFU and keep it 
> to myself. Let them discover it when some bad guy drops their databases and 
> own their box. Better than facing a prossecution because of security 
> professionals and developers trying to blame their incompetency on me (I 
> can even imagine the "extorsion cracker"). Altough my country doesnt have 
> any police forensics or especific laws, things could get nasty.

That's not that far-fetched a concern.  Remember:

http://www.landfield.com/isn/mail-archive/2001/Aug/0150.html
http://www.sweetliberty.org/issues/tidbits/briankwest.htm
http://www.usdoj.gov/criminal/cybercrime/WestPlea.htm
http://lists.insecure.org/lists/politech/2003/Jan/0106.html

Brian K. West was sentenced to 3 years probation, and is now a convicted
felon, for poking around not dissimilar to yours.  Note that the travel
restrictions he's under would prevent travelling to either of the large
cities in Oklahoma.  He's essentially confined to a rural existence
unless he gets permission.


-- 
Shawn McMahon     | Let every nation know, whether it wishes us well or ill,
EIV Consulting    | that we shall pay any price, bear any burden, meet any
UNIX and Linux	  | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030624/c8f8527d/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ