| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 Dec 2011 14:38:57 -0800 From: Jeffrey Walton <noloader@...il.com> To: Christian Sciberras <uuf6429@...il.com> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: OMIGOD CIQ HACKING THE WORLD. On Tue, Dec 6, 2011 at 7:52 AM, Christian Sciberras <uuf6429@...il.com> wrote: > Or not... > > http://vulnfactory.org/blog/2011/12/05/carrieriq-the-real-story/ Just to play devil's advocate: this application has the potential to do a lot of harm. Should we treat it like 'location data' from the recent past? Recall that many companies denied using location data without consent, yet one major operating system provider was using it despite their claims. It spurred a number of lawsuits (https://encrypted.google.com/#sclient=psy-ab&q=apple+lawsuit+unauthorized+use+of+data). I really enjoy reading Dan Rosenberg, but I'm not sure its safe because he has not observed any suspicious activity (and the carriers say so). And I'm not sure I am buying Apple's "we distribute it but we don't use it" claim (its sounds very fishy to me). Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists