Re: You shady bastards.

[security curmudgeon <jericho () attrition org>]

On Wed, 6 Jun 2007, Kradorex Xeron wrote:

: > Illegal or not, this is still pretty damned shady.
: >
: 
: I will seldom touch on the legal side but I have a possible scenario:
: 
: -- If David is no longer at that address, it could be said that his mail 
: account was taken down and the mail sent ended up in a possible "catch 
: all" box, perhaps someone at SecureWorks was looking through the said 
: catchall mailbox for any interesting mail sent to the secureworks.com 
: domain (i.e. to old employees) - It's quite common for companies and 
: organizations to monitor former employee mailboxes in the event anyone 
: that doesn't have any new contact information to be able to still get 
: somewhere with the old address. And them being a security organization, 
: maybe they proceeded to investigate the link sent.

This is no doubt exactly what happened.

A more ethical company would have sent HDM a polite note saying that the 
person no longer works there before curiosity got the best of them.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/