lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20060422180956.EB1F62435A@ws5-3.us4.outblaze.com>
Date: Sat Apr 22 19:10:17 2006
From: crypticmauler at linuxmail.org (CrYpTiC MauleR)
Subject: Who Do I Contact?

I called the FBI they said to call the local police, who then told me to call the Attorney General of that state. I can't speak to him or anyone in his office until Monday due to being close on weekend. So school is lucky to get an extra 24 hours to fix this.



> ----- Original Message -----
> From: "Gadi Evron" <ge@...uxbox.org>
> To: "CrYpTiC MauleR" <crypticmauler@...uxmail.org>
> Subject: Re: [Full-disclosure] Who Do I Contact?
> Date: Sat, 22 Apr 2006 19:30:00 +0200
> 
> 
> CrYpTiC MauleR wrote:
> > I am sorry I am not going to say who the school is. Mainly 
> > because so many socials numbers are at risk including mine. I 
> > have contacted the VP of Information Technology and he assured me 
> > he would call the company that makes the website. After 20 days 
> > the hole was not fixed, so I called the department heads and am 
> > giving them 48 hours from then which is now currently at 24 hours 
> > before I move onto notifying someone else. I was also thinking 
> > about contacting FBI about this seeing they handle school 
> > breaches but not sure.
> >
> > I will not go full disclosure with the info, collect SSNs and 
> > show school (illegal) and also please don't ask me for the 
> > school's name or the details of the hole. The school has been 
> > careless even with the tech department making a support ticket 
> > about my initial report which I later found out anyone could view 
> > too. They obviously don't know how to do anything right. So if 
> > anyone could provide me with a phone number or place I can 
> > contact would be great. Please do not reply with a name or number 
> > without it being posted on a credited site or be easily 
> > verifiable. I am not going to just randomly call whoever someone 
> > tells me too. Could be some idiot wants to just trick me into 
> > giving the details to him. Thank for the help so far guys!
> >
> 
> I can connect with the secret service, but I am not sure they are 
> the right people.
> 
> Without even some minor details, I can't help.
> -- /~\ The Green
> \ / Ribbon Campaign
>   X  Against Purple
> / \ Ribbons!        -- "The Geometry of Shadows", Babylon 5.

>


-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ