lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <BAY103-F152183C0D813BADB03C3D5EE570@phx.gbl>
Date: Mon, 07 Aug 2006 10:49:20 -0700
From: "kaiser scapegoat" <kaiser_scapegoat@...mail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: AOL data being mirrored everywhere

Hi, all -

AOL released data for 500,000 out in the wild for 500,000:
http://tinyurl.com/ky6ek

Since it has been widely mirrored, AOL will next find a scapegoat so the 
public will be more worried about those villains that dared to point out the 
problem and mirror the evidence.

Here is the instant recipe:

1) PR department reaches out to their media contacts. Journalists then tell 
sensationalist story of "hackers" or "bloggers" who mirrored *your* private 
data. AOL worms out of responsibility for letting the data loose in the 
first place by declaring war on the evil bloggers.

2) Now that there's no public support for the blogger, AOL can safely trick 
a government agency into publicly denouncing the blogger. Since the blogger 
is clearly a danger to public safety, the government is allowed to ignore 
all applicable law. After all their heart was in the right place, and that 
matter's more than an individual's rights. Also, since the press is already 
committed to portraying the blogger as a villain, the government knows that 
they will never have to apologize if they make a mistake. The press has a 
vested interest not to report the error.

3) Next AOL's team of corporate lawyers will file a lawsuit. It doesn't 
matter if the lawsuit is frivolous - they are after the PR value of 
"prosecuting on behalf of the public", and reinforcing to the media that the 
blogger who dared link to the info is the evil one. If the blogger is poor, 
weak, and has no media platform of their own, then AOL might actually win 
the lawsuit by default, adding further legitimacy to their "public defender" 
posture.

4) The public doesn't understand that killing the messenger only guarantees 
successful cover ups in the future. And as far as I can tell, they don't 
care that there is a layer of people who corporations can calculate as 
having no Constitutional rights in this country (if a person can't defend 
their rights, they might as well not exist). AOL's "issues management" team 
is weaving these assumptions into their strategy.

Scapegoating worked for Kaiser Permanente. It'll work for AOL.

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ