| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4B82DF07.8010503@the-hacker.info> Date: Mon, 22 Feb 2010 20:46:15 +0100 From: the hacker <info@...-hacker.info> To: full-disclosure@...ts.grok.org.uk Subject: Re: ACM.ORG data leak still there 4 days after announcing to CEO John White Hello Benji I did not crack/enumerate any passwords, use buffer overflow with metasploit or whatever other tools... I dont think that by just modifying one parameter of an url you already break a law (or all people that have spelling problems when entering an url would be in jail). Also I have contacted ACM with my REAL name, address, phone number etc. via email. I've even called the CEO twice! So they know my identity because I just wanted to let them know about the problem on their website - but when they did not react for 4 days I extracted some sample data (I could have got much more) from the site to mail it to them. I've extracted enought to show them that its not just 10 addresses, but its far from everything. So I wonder why I should be in trouble for wanting to help them? Do you other guys on the list also think that this is already a crime? By the way, I've sent the mail with the data 2 hours ago but no reaction. Greetings th _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists