| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.64.0706070017290.18827@forced.attrition.org> Date: Thu, 7 Jun 2007 00:18:51 +0000 (UTC) From: security curmudgeon <jericho@...rition.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: You shady bastards. On Wed, 6 Jun 2007, Kradorex Xeron wrote: : > Illegal or not, this is still pretty damned shady. : > : : I will seldom touch on the legal side but I have a possible scenario: : : -- If David is no longer at that address, it could be said that his mail : account was taken down and the mail sent ended up in a possible "catch : all" box, perhaps someone at SecureWorks was looking through the said : catchall mailbox for any interesting mail sent to the secureworks.com : domain (i.e. to old employees) - It's quite common for companies and : organizations to monitor former employee mailboxes in the event anyone : that doesn't have any new contact information to be able to still get : somewhere with the old address. And them being a security organization, : maybe they proceeded to investigate the link sent. This is no doubt exactly what happened. A more ethical company would have sent HDM a polite note saying that the person no longer works there before curiosity got the best of them. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists