| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Jun 2007 00:28:26 +0000 (UTC) From: security curmudgeon <jericho@...rition.org> To: Larry Seltzer <Larry@...ryseltzer.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: You shady bastards. : >>A more ethical company would have sent HDM a polite note saying that : the person no longer works there before curiosity got the best of them. : : Does your company do this for all former employee e-mail accounts? No. But they also don't continue to accept mail to those accounts either. : Let's hope he unsubscribed from all his mailing lists before he left. If a company is going to continue monitoring a former employee's mailbox (intentionally or via a 'catch all'), that is fine. But when they specifically act on a personal private mail between someone outside of their company and the former employee, they are crossing the line of ethical behavior I think. As I said, the least they should have done is mail HDM and notified him the person no longer works there. If they didn't do that, and if you think they shouldn't be required to, then they shouldn't act on the information in the mail either. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists