Bugtraq mailing list archives
Re: Privacy leak in VeriSign's SiteFinder service #2
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Wed, 24 Sep 2003 21:26:14 +0200 (CEST)
On Wed, 24 Sep 2003, Mark Coleman wrote:
More naughty Verisign deeds...
....
This means that they can easily harvest the SOURCE email address field for marketing purposes (no typos there), and would have a strong educated guess of the correct domain of the mistyped TARGET.
Unfortunatly I found paper mail getting to me with an address that was only used by a Veri$ign company and the address in this format was not available through the WHOIS records. They sold my data without my consent. That was the moment I decided to go to another register with my domain info. So I think ill intend is not just suspected but must be considered to be a real fact of life with Veri$ign I for one have removed the Veri$ign root certificates and will inform sites relying on them about the risk they take with Veri$ign and do advise others to take smilar actions so we hurt them through their wallet. Hugo. -- All email sent to me is bound to the rules described on my homepage. hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger.
Current thread:
- Privacy leak in VeriSign's SiteFinder service Richard M. Smith (Sep 24)
- Privacy leak in VeriSign's SiteFinder service #2 Mark Coleman (Sep 24)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Marco Ivaldi (Sep 24)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Diego Bitencourt Contezini (Sep 24)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Henning Rust (Sep 25)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Niels Bakker (Sep 25)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Marco Ivaldi (Sep 24)
- Re: Privacy leak in VeriSign's SiteFinder service #2 der Mouse (Sep 24)
- Re: Privacy leak in VeriSign's SiteFinder service #2 Hugo van der Kooij (Sep 24)
- Message not available
- Re: Privacy leak in VeriSign's SiteFinder service #2 Timothy J. Biggs (Sep 25)
- Privacy leak in VeriSign's SiteFinder service #2 Mark Coleman (Sep 24)