lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <591fd0b21002250718p3a4542e3xc218c8dc27041fee@mail.gmail.com>
Date: Thu, 25 Feb 2010 08:18:53 -0700
From: Stack Smasher <stacksmasher@...il.com>
To: the hacker <info@...-hacker.info>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: ACM.ORG data leak still there 4 days after
	announcing to CEO John White

Seriously dude this is not a big deal. This site does not have any
information worth protecting. Stop acting like you hacked the fucking
Pentagon and move alone.

 They don't give a shit and nether does anyone else.

Its a professional group who would give you the information you found if you
asked nice enough!





On Mon, Feb 22, 2010 at 10:07 AM, the hacker <info@...-hacker.info> wrote:

>  4 days since I informed ACM's CEO John White of the severe data leak on
> acm.org - but the leak has not been fixed
>
> 26 hour after contacting ACM and 2 hours after a reminder to the CEO I got
> an email from ACM member services:
>
> "Thank you for pointing out the security issues you located on acm.org. We
> are in the process of updating these security issues."
>
> But that was 3 days ago and nothing has changed - they did not even ask me
> where the leak is!
>
> as stated before full postal and email address data can be extracted from a
> database & also overwritten
>
> I'm going to write CEO Mr. White again and attach a sample of 2500
> extracted addresses & send it to some CC's
>
> Its weird, I mean this company is not selling flowers, ACM states on its
> website that " ACM is an educational and scientific society uniting the
> world's computing educators, researchers and professionals to inspire
> dialogue, share resources and address the field's challenges. ACM
> strengthens the profession's collective voice through strong leadership,
> promotion of the highest standards, and recognition of technical excellence.
> ACM supports the professional growth of its members by providing
> opportunities for life-long learning, career development, and professional
> networking."
>
> so where is technical excellence here???
>
> details & screenshot of extracted data on http://www.the-hacker-news.com/
>
> follow this on http://twitter.com/_the_hacker_
>
> the hacker
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
"If you see me laughing, you better have backups"

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ