Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: How to obtain a yahoo username off a computer

From: Kerberus <kerberus () microbsd net>
Date: 12 Jun 2003 23:05:12 -0500
Or it could also have been of a legitimate corporate need, as im used to
seeing. So when its not blatently obvious, where do you draw that line
?? Nothing i read here in the replies is any different then you could
find doing a little bit of googling on the web

On Thu, 2003-06-12 at 13:03, Townson, Glenn A wrote:

Kelly, I applaud all of your efforts !!!!

As a subscriber to the list if there is anything posted I am not interested
in or thought inappropriate, I ignore it.

As a security professional the more information I have available (good or
bad) affords the opportunity to deduce my own conclusion and act
accordingly.

"As long as technology exists, security or lack there of, will exist"

-----Original Message-----
From: Kelly Martin [mailto:kel () securityfocus com]
Sent: Thursday, June 12, 2003 12:28 PM
To: Tim Laureska
Cc: seeliger.curt () epa gov; security-basics
Subject: RE: How to obtain a yahoo username off a computer


I receive posts to the list on a daily basis that appear to be questions
on how to circumvent security. Those that are so obvious are rejected
outright with standard explanation, and in some cases people respond by
rephrasing their question, indicating the legitimate purpose of such a
request, and then I approve it. That's the process.

While I am absolutely security paranoid myself, I'm not going to pry into
the lives of anyone on this list, nor am I going to go more than just one
step beyond the obvious implications of a simple question. The answers are
out there anyway -- whether you find them on the web or Usenet (remember
newsgroups?) or on this list. The knowledge can be used for good or bad
either way, and many people here have the ability to do either quite
effectively (yet in the vast majority of cases, are *still* not black
hats). There needs to be a certain amount of leeway in this area,
considering the very nature of security discussions.

--
Kelly Martin <kel () securityfocus com>
Moderator, Security-Basics

On Wed, 11 Jun 2003, Tim Laureska wrote:


Curt is absolutely right... I was amazed at how quickly people responded
with various mechanisms to do what was originally asked... I would hope
that the new Security Basics List administrator might pick up on this
potential social engineering ... For all we know this could be some 13
year old kid trying to get into a friend's A/C (no offence meant to the
original author).... paranoia is definitely part of the game!

I finish with a question ....Is this an appropriate question for this
list?


-----Original Message-----
From: Curt Seeliger [mailto:seeliger.curt () epa gov]
Sent: Wednesday, June 11, 2003 7:53 PM
To: security-basics () securityfocus com
Subject: Re: How to obtain a yahoo username off a computer


There's been a variety of helpful responses to the original request now.

There are good reasons for doing what he wants to do, but (and I'm in no

way impuning the original poster by asking this) there are some crummy
reasons as well.

How do any of you know this isn't part of a stalking, or background info

for more social engineering, or yada? Near as I know, you don't.  Sure,
this is worst case scenario, but isn't paranoia part of the game?


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: