Full Disclosure mailing list archives
Re: Undisclosed breach at major US facility
From: "kaiser scapegoat" <kaiser_scapegoat () hotmail com>
Date: Wed, 26 Jul 2006 15:27:34 -0700
There's something that's not in the timeline or my blog, but I think it's relevant in bringing up possible consequences of the "paint whistleblower as hacker" strategy.
University security sites often post information of interest to the security on their web sites. Through simple Internet searches I found several universities that had posted presentations that gave me as an example of a hacker/danger. I'm pretty sure these presentations were offshoots of the HIPAA conference run by the Kaiser lawyer. I tried to contact a couple of the universities directly and asked them to redact that part of their presentations, but they didn't reply.
From: "kaiser scapegoat" <kaiser_scapegoat () hotmail com> To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Undisclosed breach at major US facility Date: Wed, 26 Jul 2006 15:16:46 -0700I'm on a mission to make it okay. This will not end with Kaiser concluding that trying to frame people "works".If the public insists on putting the "messenger" through all this crap, they will deserve a society owned by corporate interests and bereft of all individual rights. Might as well use the U.S. constitution for a cigar wrapper, because it sure doesn't apply to the "little people" anymore.From: evilrabbi <evilrabbi () gmail com> To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Undisclosed breach at major US facility Date: Wed, 26 Jul 2006 17:09:19 -0500That's why you shouldn't tell people about things like that. Just keep themto yourself and you'll be ok. On 7/26/06, kaiser scapegoat <kaiser_scapegoat () hotmail com> wrote:Hi - I only joined this list because I read about the "how to disclose a breach" issue in Wired. I read through the posts, and it didn't look like anyone brought up my case. I'm the person who proved the press and government agencies prefer to portray the whistleblower as a hacker even if the info has been on a public web site for five years. Here's a timeline of my situation: http://corphq.livejournal.com/60599.html I keep a blog on this issue here: http://corphq.livejournal.com What was surprising about my case was not that Kaiser attempted to frame me- they've always been slime. What's upsetting is the way the press and the State of California enabled them by portraying me off the bat as a hacker.This made it impossible for me to get timely legal help. Even more upsetting is that even after the CA Dept. of Managed Health Care realized their mistake, they did nothing to fix the problem they had caused me. They didn't publicly apologize for their press release, and they left the Order against me on their web site. They pressured me into signing a "settlement" just to cover their own ass, and then they broke their side of it. The actions of the DMHC were illegal to begin with since they have no jurisdiction over private citizens. It seems that it's okay with all of society that the State can take illegal actions against me and I can be left to the HMO legal team wolves justbecause I'm a nobody and it apparently appeases public anxieties to punishthe person who symbolizes the danger of medical records being posted on the Internet. In the end, though, this is shooting the messenger, and that just assures that people in the future will be afraid to report this kind of security leak. _________________________________________________________________ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- -- h0 h0 h0 -- www.nopsled.net_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_________________________________________________________________On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_________________________________________________________________Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Undisclosed breach at major US facility, (continued)
- Re: Undisclosed breach at major US facility Valdis . Kletnieks (Jul 04)
- RE: Undisclosed breach at major US facility The Shadow (Jul 04)
- Re: Undisclosed breach at major US facility r r (Jul 05)
- Re: Re: Undisclosed breach at major US facility Valdis . Kletnieks (Jul 05)
- Re: Re: Undisclosed breach at major US facility Javor Ninov (Jul 05)
- Re: Re: Undisclosed breach at major US facility Valdis . Kletnieks (Jul 05)
- Re: Undisclosed breach at major US facility Andrew A (Jul 11)
- Undisclosed breach at major US facility kaiser scapegoat (Jul 26)
- Re: Undisclosed breach at major US facility evilrabbi (Jul 26)
- Re: Undisclosed breach at major US facility kaiser scapegoat (Jul 26)
- Re: Undisclosed breach at major US facility c0ntex (Jul 26)
- Re: Undisclosed breach at major US facility kaiser scapegoat (Jul 26)
- Re: Undisclosed breach at major US facility evilrabbi (Jul 26)