[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun Apr 23 19:49:07 2006
From: crypticmauler at linuxmail.org (CrYpTiC MauleR)
Subject: Re: Who Do I Contact?
Wouldn't it matter on which state? I know California for instance has strict laws about telling public of breaches, but not sure about other states. I will be calling the Attorney General of the the school's state tomorrow so should have a good answer.
> ----- Original Message -----
> From: "Dave "No, not that one" Korn" <davek_throwaway@...mail.com>
> To: full-disclosure@...ts.grok.org.uk
> Subject: [Full-disclosure] Re: Who Do I Contact?
> Date: Sun, 23 Apr 2006 15:18:49 +0100
>
>
> CrYpTiC MauleR wrote:
>
> > students attending. So everyone please dont wast your time trying to
> > play 'who can guess what school it is or where it is?' because I
> > really will not verify if you are correct or not and plain do not
> > want to play that game. I just asked FD on advice of what to do
> > considering the implications, and that is all it will be kept at.
>
> :) It was just a game, and I'm not actually interested in guessing where
> it is. See my other recent post in this thread for my actual serious advice
> about what might work the best. Good luck, it is important and it does need
> fixing.
>
> Incidentally, since presumably this bug has been there for some time, and
> if it's accessible from the web, then it's already too late; the data might
> have been leaked and without going through server logs with a fine-tooth
> comb it may be impossible to tell (and perhaps even with). I don't know if
> SarbOx applies to an edu, but if the data may already have leaked then they
> really ought to be obliged to warn everyone whose data is on that database
> that they need to take precautions to protect themselves against identity
> theft. They shouldn't be allowed to cover it up or sweep it under the
> carpet.
>
> cheers,
> DaveK
> --
> Can't think of a witty .sigline today....
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
Powered by blists - more mailing lists