lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: xploitable at gmail.com (n3td3v)
Subject: This sums up Yahoo!s security policy to a -T-

On Wed, 22 Dec 2004 17:59:25 -0800, morning_wood <se_cur_ity@...mail.com> wrote:
>
> > What's in that mailbox is/was mine, none of your business unless I chose
> > to share it.
> 
> i couldnt agree more... another case of lame, illogical media bullshit
> BRAVO YAHOO
> 
> happy hollidays,
> 
> m.w
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

A few pointers here to remember:
- They reckon he was saving drafts of e-mails to send when he had net
access. Not all of these drafts were sent before he was obviously
murdered.
- He was only using the e-mail account to communicate between friends
or family. It isn't like he has secret e-mails he wouldn't want his
family to read, example: some love affair etc with some random chick.
- Other e-mail providers like AOL have already given families access
to accounts of the e-mail used to send messages from battle.
- Sure, corporation need tight privacy policies, although if a
corporation like Yahoo! are going to be this tight, then surely there
should be an "appeal" system setup in special high profile cases, like
this one. This would be the best way to go, than putting families of
war dead, through extra pain when dealing with a loss of life.
- I personally think Yahoo! could easily allow them access in private,
turning a blind eye in this special circumstance. Which as I mentioned
above, an appeal process would give room for, obviously.
- This account should at least be taken out of the deactivation
process and deletion, until all legal angles have been ventured.
- If all else fails, its not rocket science for some hacker/script
kiddie to do the family a favour and crack the password and/or account
information and e-mail a family member the details.

Thanks, n3td3v

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ