lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <BAY103-F3463C61F81F14D0D541451EE5B0@phx.gbl>
Date: Wed, 26 Jul 2006 15:27:34 -0700
From: "kaiser scapegoat" <kaiser_scapegoat@...mail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Undisclosed breach at major US facility

There's something that's not in the timeline or my blog, but I think it's 
relevant in bringing up possible consequences of the "paint whistleblower as 
hacker" strategy.

University security sites often post information of interest to the security 
on their web sites. Through simple Internet searches I found several 
universities that had posted presentations that gave me as an example of a 
hacker/danger. I'm pretty sure these presentations were offshoots of the 
HIPAA conference run by the Kaiser lawyer. I tried to contact a couple of 
the universities directly and asked them to redact that part of their 
presentations, but they didn't reply.


>From: "kaiser scapegoat" <kaiser_scapegoat@...mail.com>
>To: full-disclosure@...ts.grok.org.uk
>Subject: Re: [Full-disclosure] Undisclosed breach at major US facility
>Date: Wed, 26 Jul 2006 15:16:46 -0700
>
>I'm on a mission to make it okay. This will not end with Kaiser concluding 
>that trying to frame people "works".
>
>If the public insists on putting the "messenger" through all this crap, 
>they will deserve a society owned by corporate interests and bereft of all 
>individual rights. Might as well use the U.S. constitution for a cigar 
>wrapper, because it sure doesn't apply to the "little people" anymore.
>
>
>>From: evilrabbi <evilrabbi@...il.com>
>>To: full-disclosure@...ts.grok.org.uk
>>Subject: Re: [Full-disclosure] Undisclosed breach at major US facility
>>Date: Wed, 26 Jul 2006 17:09:19 -0500
>>
>>That's why you shouldn't tell people about things like that. Just keep 
>>them
>>to yourself and you'll be ok.
>>
>>On 7/26/06, kaiser scapegoat <kaiser_scapegoat@...mail.com> wrote:
>>>
>>>Hi -
>>>
>>>I only joined this list because I read about the "how to disclose a
>>>breach"
>>>issue in Wired. I read through the posts, and it didn't look like anyone
>>>brought up my case. I'm the person who proved the press and government
>>>agencies prefer to portray the whistleblower as a hacker even if the info
>>>has been on a public web site for five years.
>>>
>>>Here's a timeline of my situation:
>>>http://corphq.livejournal.com/60599.html
>>>
>>>I keep a blog on this issue here: http://corphq.livejournal.com
>>>
>>>What was surprising about my case was not that Kaiser attempted to frame
>>>me
>>>- they've always been slime. What's upsetting is the way the press and 
>>>the
>>>State of California enabled them by portraying me off the bat as a 
>>>hacker.
>>>This made it impossible for me to get timely legal help. Even more
>>>upsetting
>>>is that even after the CA Dept. of Managed Health Care realized their
>>>mistake, they did nothing to fix the problem they had caused me. They
>>>didn't
>>>publicly apologize for their press release, and they left the Order
>>>against
>>>me on their web site. They pressured me into signing a "settlement" just
>>>to
>>>cover their own ass, and then they broke their side of it. The actions of
>>>the DMHC were illegal to begin with since they have no jurisdiction over
>>>private citizens.
>>>
>>>It seems that it's okay with all of society that the State can take
>>>illegal
>>>actions against me and I can be left to the HMO legal team wolves just
>>>because I'm a nobody and it apparently appeases public anxieties to 
>>>punish
>>>the person who symbolizes the danger of medical records being posted on
>>>the
>>>Internet.
>>>
>>>In the end, though, this is shooting the messenger, and that just assures
>>>that people in the future will be afraid to report this kind of security
>>>leak.
>>>
>>>_________________________________________________________________
>>>On the road to retirement? Check out MSN Life Events for advice on how to
>>>get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>>>
>>>_______________________________________________
>>>Full-Disclosure - We believe in it.
>>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>>
>>--
>>-- h0 h0 h0 --
>>www.nopsled.net
>
>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/
>
>_________________________________________________________________
>On the road to retirement? Check out MSN Life Events for advice on how to 
>get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ