Full Disclosure mailing list archives
RE: Responsibility
From: "Scott Forrest" <sforrest () hsdwdc com>
Date: Thu, 25 May 2006 09:24:05 -0400
My question would be why the previous IT staff didn't put the customer access on a different leg than the actual business network? A simple VLAN or something to keep the two separate so something like that wouldn't happen. Scott Forrest IT Manager Hobbs, Straus, Dean & Walker, LLP 2120 L St. NW - Suite 700 Washington, D.C. 20037 202.822.8282 ext.326 sforrest () hsdwdc com -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of <...> Sent: Tuesday, May 23, 2006 4:08 AM To: Greg; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Responsibility unfortunately if there is a paper signed by both parties "per acceptance" of the hotel (it is usually part of the buying/lease contract), and that includes also the IT stuff, there's nothing to do.... a good lawyer could help on this, rather than security experts.... and, by the way, if something like this happens there's no easy way to say you've done the utmost to lock down the customer... just my .02?c (that's 20% more that in $) ----- Original Message ----- From: "Greg" <full-disclosure3 () pchandyman com au> To: <full-disclosure () lists grok org uk> Sent: Monday, May 22, 2006 12:05 AM Subject: [Full-disclosure] Responsibility Large motel/hotel chain I recently acquired wants to sue previous company who did their I.T. work for them as a customer's wifi connected machine infected their network and caused loss of booking data thus money. My question then is - if you have done the utmost to lock down your customer but someone connects an infected machine and somehow it gets in, is the customer right in suing you? Eg, like a car mechanic, you do the best but you cannot be 100% sure that something else that was never a problem will now cause a problem (such as a new exploit in our case that wasn't known generally until 24 hours ago). Should you be sued at that point? Wondering whether to dump the guy at this point. Thanks. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -------------------------------------------------------------------------------- Hobbs, Straus, Dean and Walker, LLP. Confidentiality Statement This message is intended only for the use of the individuals to which this e-mail is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable laws. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender immediately and delete this e-mail from both your "mailbox" and your "trash." Thank you. -------------------------------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Responsibility Greg (May 21)
- Re: Responsibility Line Noise (May 21)
- Re: Responsibility Paul Schmehl (May 21)
- Re: Responsibility Sol Invictus (May 22)
- Re: Responsibility <...> (May 23)
- Re: Responsibility Sean Comeau (May 23)
- <Possible follow-ups>
- RE: Responsibility Scott Forrest (May 25)
- Re: Responsibility Michael Holstein (May 25)
- RE: Responsibility Scott Forrest (May 25)
- Re: Responsibility Valdis . Kletnieks (May 25)
- Re: Responsibility gboyce (May 25)
- Re: Responsibility Valdis . Kletnieks (May 25)