Depending upon which Dean you're referring to, this could little to no good at all. The Dean might even think there's nothing wrong with SSNs being exposed.CM, my suggestion would be to phone up the Dean/Principal while he's in the middle of his sunday lunch and read out his SSN to him and tell him how he can go to his computer and see it for himself. Do it from a phonebox, tell him he really needs to bang heads together in the IT department *now*, tell him you haven't messed or tampered with it in any way and you just want it fixed because your own data is in there too (don't mention the parents!) then say you're sorry but you hope he'll understand why you don't want to identify yourself and ring off.
Paul Schmehl (pauls@xxxxxxxxxxxx) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/
Attachment:
p7sSZ43fPBjZb.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/