[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Re: Who Do I Contact?

To: davek_throwaway@xxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Re: Who Do I Contact?
From: "CrYpTiC MauleR" <crypticmauler@xxxxxxxxxxxxx>
Date: Sun, 23 Apr 2006 13:48:16 -0500

Wouldn't it matter on which state? I know California for instance has strict 
laws about telling public of breaches, but not sure about other states. I will 
be calling the Attorney General of the the school's state tomorrow so should 
have a good answer.



> ----- Original Message -----
> From: "Dave "No, not that one" Korn" <davek_throwaway@xxxxxxxxxxx>
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: [Full-disclosure] Re: Who Do I Contact?
> Date: Sun, 23 Apr 2006 15:18:49 +0100
> 
> 
> CrYpTiC MauleR wrote:
> 
> > students attending. So everyone please dont wast your time trying to
> > play 'who can guess what school it is or where it is?' because I
> > really will not verify if you are correct or not and plain do not
> > want to play that game. I just asked FD on advice of what to do
> > considering the implications, and that is all it will be kept at.
> 
>    :)  It was just a game, and I'm not actually interested in guessing where
> it is.  See my other recent post in this thread for my actual serious advice
> about what might work the best.  Good luck, it is important and it does need
> fixing.
> 
>    Incidentally, since presumably this bug has been there for some time, and
> if it's accessible from the web, then it's already too late; the data might
> have been leaked and without going through server logs with a fine-tooth
> comb it may be impossible to tell (and perhaps even with).  I don't know if
> SarbOx applies to an edu, but if the data may already have leaked then they
> really ought to be obliged to warn everyone whose data is on that database
> that they need to take precautions to protect themselves against identity
> theft.  They shouldn't be allowed to cover it up or sweep it under the
> carpet.
> 
>      cheers,
>        DaveK
> --
> Can't think of a witty .sigline today....
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

>


-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Re: Who Do I Contact?
  - From: Paul Schmehl

Prev by Date: Re: [Full-disclosure] Re: Who Do I Contact?
Next by Date: [Full-disclosure] Buffer-overflow and crash in Fenice OMS 1.10
Previous by thread: Re: [Full-disclosure] Re: Who Do I Contact?
Next by thread: Re: [Full-disclosure] Re: Who Do I Contact?
Index(es):
- Date
- Thread