|
Security Basics
mailing list archives
Re: Bank Exploit
From: Adam Pal <pal_adam () gmx net>
Date: Thu, 26 Jul 2007 21:57:07 +0200
Hello securityz,
That really depends on the country`s laws.
I would say, if you neither intercepted any data, nor intruded the
system you are partialy safe.
From what i know the USA has very strong laws at this point of view.
As here mentioned, you can carefuly try to get in touch with the team
and point on the gaps.
On the other hand, keep in mind what Craig
Wright mentioned on that list, that people have a right to be unsafe.
It is not logical, but staying out of the issue can protect you from
being accused.
--
Best regards,
Adam Pal
Wednesday, July 25, 2007, 3:34:29 PM, you wrote:
<==============Original message text===============
sdc> Friend of mine (not me, really) is working with a client of
sdc> his who claims to have inadvertently discovered a few web
sdc> exploits of several financial institutions. Does anyone have any
sdc> insights as to how this guy could bring these to the attention of
sdc> the organizations involved without being seen as a hacker? His
sdc> minimal goal is to help the institutions, optimally he would like
sdc> to consult to help them rectify the issues.
sdc> thx
sdc> Steve
<===========End of original message text===========
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
 By Date 
By Thread
Current thread:
RE: Bank Exploit Murda Mcloud (Jul 26)
Re: Bank Exploit Adam Pal (Jul 27)
Re: Bank Exploit Warren V Camp (Jul 25)
RE: Bank Exploit Siscar, Emerson E. (Jul 26)
|
Intro
