Full Disclosure mailing list archives

Re: Re: Who Do I Contact?

From: "CrYpTiC MauleR" <crypticmauler () linuxmail org>
Date: Sun, 23 Apr 2006 13:48:16 -0500

Wouldn't it matter on which state? I know California for instance has strict laws about telling public of breaches, but 
not sure about other states. I will be calling the Attorney General of the the school's state tomorrow so should have a 
good answer.

----- Original Message -----
From: "Dave "No, not that one" Korn" <davek_throwaway () hotmail com>
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Re: Who Do I Contact?
Date: Sun, 23 Apr 2006 15:18:49 +0100


CrYpTiC MauleR wrote:

students attending. So everyone please dont wast your time trying to
play 'who can guess what school it is or where it is?' because I
really will not verify if you are correct or not and plain do not
want to play that game. I just asked FD on advice of what to do
considering the implications, and that is all it will be kept at.


   :)  It was just a game, and I'm not actually interested in guessing where
it is.  See my other recent post in this thread for my actual serious advice
about what might work the best.  Good luck, it is important and it does need
fixing.

   Incidentally, since presumably this bug has been there for some time, and
if it's accessible from the web, then it's already too late; the data might
have been leaked and without going through server logs with a fine-tooth
comb it may be impossible to tell (and perhaps even with).  I don't know if
SarbOx applies to an edu, but if the data may already have leaked then they
really ought to be obliged to warn everyone whose data is on that database
that they need to take precautions to protect themselves against identity
theft.  They shouldn't be allowed to cover it up or sweep it under the
carpet.

     cheers,
       DaveK
--
Can't think of a witty .sigline today....



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Re: Who Do I Contact?, (continued)
- - - Re: Re: Who Do I Contact? Paul Schmehl (Apr 23)
    - Re: Re: Who Do I Contact? Barrie Dempster (Apr 24)
    - Re: Re: Who Do I Contact? Paul Schmehl (Apr 25)
    - Re: Re: Who Do I Contact? Barrie Dempster (Apr 25)
- Re: Who Do I Contact? CrYpTiC MauleR (Apr 22)
- Re: Re: Who Do I Contact? CrYpTiC MauleR (Apr 22)
- Re: Who Do I Contact? CrYpTiC MauleR (Apr 23)
  - Re: Who Do I Contact? Valdis . Kletnieks (Apr 23)
  - Re: Who Do I Contact? Dave "No, not that one" Korn (Apr 23)
- Re: Re: Who Do I Contact? CrYpTiC MauleR (Apr 23)
- Re: Re: Who Do I Contact? CrYpTiC MauleR (Apr 23)
  - Re: Re: Who Do I Contact? Paul Schmehl (Apr 23)
- Re: Who Do I Contact? CrYpTiC MauleR (Apr 24)
  - Re: Who Do I Contact? Gadi Evron (Apr 24)
    - Re: Who Do I Contact? n3td3v (Apr 24)