lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 7 Feb 2011 12:21:02 +0000
From: "Cal Leeming [Simplicity Media Ltd]"
	<cal.leeming@...plicitymedialtd.co.uk>
To: CSIRTTAC <CSIRTTAC@...ta.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Best Buy and Privacy?

Yeah, this technique is employed by many local police forces, in which they
encourage the sharing of information between
agencies, and/or communites/businesses. This isn't something that's going to
get any easier, and it's certainly not going to be stopped.

As a general rule of the thumb, you should always apply the "chain effect"
to these scenarios. This basically means, if *anything* other than cash is
exchanged when dealing with a business, then you have absolutely no control
over what happens to this information, despite laws being in place to
'protect' it. Try to think like a fraud investigator, what tricks would you
use to trace the steps of a purchase?

Slightly off subject but, the same logic applies to cell phones. Even if you
go into a store in another city, purchase a SIM with cash from an over the
counter corner shop with little CCTV, that SIM can still be tied back to you
based on 'trends' in your local area. This is why I always laugh when people
make a concerted effort to make sure as little information about them ends
up in the public domain, because it's really all much of a muchness. If
someone wants to find info on you, they will find it, one way or another
lol.

As a good friend once quoted to me: "Total paranoid is total awareness".

</rant>


On Fri, Feb 4, 2011 at 7:31 PM, CSIRTTAC <CSIRTTAC@...ta.com> wrote:

> And the turnaround at Gamestop would be a much better investment anyway.
> Usually you can get at least 10-20% off or up to 15 bucks or so on a new
> game with your trade-in's there vice turning them into BestBuy.
>
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk [mailto:
> full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Thor (Hammer of
> God)
> Sent: Friday, February 04, 2011 12:42 PM
> To: Paul Heinlein; Thor (Hammer of God)
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Best Buy and Privacy?
>
> No, that didn't come up at the time, but I wondered the same thing.   I've
> not heard of any rash of XBOX game thievery around, so my feeling is that
> it's practiced elsewhere, though I have no evidence of that.  The thing is,
> stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an
> equitable model for theft, so none of it really makes too much sense to me.
>
> t
>
> >-----Original Message-----
> >From: Paul Heinlein [mailto:heinlein@...boa.com]
> >Sent: Friday, February 04, 2011 8:33 AM
> >To: Thor (Hammer of God)
> >Cc: full-disclosure@...ts.grok.org.uk
> >Subject: Re: [Full-disclosure] Best Buy and Privacy?
> >
> >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote:
> >
> >> I found this interesting, so I thought I would share it [....]
> >
> >It is interesting. Did you get a sense of whether the policy is specific
> to Seattle
> >/ King County / Washington?
> >
> >--
> >Paul Heinlein <> heinlein@...boa.com <> http://www.madboa.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ