lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <43B6841A.17760.332277B0@nick.virus-l.demon.co.uk>
Date: Sat Dec 31 00:14:24 2005
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Let's check out cocc.com

Technica Forensis wrote:

[corrected for top-posting-itis]

<<snip>>
> > ---------- Forwarded message ----------
> > Date: Fri, 30 Dec 2005 04:20:28 -0500
> > From: "Preston, Ian" <Ian.Preston@...c.com>
> > To: Dave Horsfall <dave@...sfall.org>
> > Subject: Out of Office AutoReply: [Full-disclosure] complaints about the g
> >     overnemnt spying!
> >
> > I will be out of the office until Tuesday, January 4th.
> >
> > If you need immediate assistance, please address your message to
> > internetplus@...c.com. You can also dial x625 to reach the Internet Plus
> > hunt group.
> >
> > If you need to contact me directly, my cell phone # is 203 525 5770
<<snip>>
>  should we all call his cell phone?

To really make the point, we should each do it at a pre-arranged 
_local_ time -- like, say mid-night New Year's Eve/New Years Day...

Another thing to do with such cases (if you're really bored and have 
the time) is to report them to the security contact at the originating 
domain.  In this case you may just choose the internetplus@ address 
mentioned in the actual message, but for the obsessively verbose ones
-- you know, the ones like:

   I'm at a conference until ...  For database queries contact Tom ...
   For backup issues contact Dick ...  For other support issues
   contact Mary ...

reporting them to the company's security contact is both a good thing 
(the twat clearly is giving up way too much internel-only info they 
should have policies against, so warning them is a genuinely good 
thing), and a better thing (their security contact will likely have the 
mail admin kill/fix such auto-responses so we see no more from them in 
the list) and a really evil thing (the staff member will return from 
conference to a meeting with security and possibly even get slapped 
with a security policy infringement note on their HR record).


Regards,

Nick FitzGerald

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ