Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Bank Exploit

From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Thu, 26 Jul 2007 14:29:11 +1000
I don't know whether banks would be better or worse than Cisco but when
Michael Lynn tried to do something similar last year he found it very hard
http://www.schneier.com/blog/archives/2005/07/cisco_harasses.html

I'd be very wary about trying to get the banks to ask your 'friend' to
consult. Frank Abegnale had to serve time before doing that kind of thing!
Uhh, so did Mitnick, actually. 

'Inadvertently' does not sound like a legal term that stands up in court....

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of securityz () delahunty com
Sent: Wednesday, July 25, 2007 11:34 PM
To: security-basics () securityfocus com
Subject: Bank Exploit

Friend of mine (not me, really) is working with a client of his who claims
to have inadvertently discovered a few web exploits of several financial
institutions.  Does anyone have any insights as to how this guy could bring
these to the attention of the organizations involved without being seen as a
hacker?  His minimal goal is to help the institutions, optimally he would
like to consult to help them rectify the issues.


thx

Steve
Previous By Date Next
Previous By Thread Next

Current thread: