mailing list archives
Re: Privacy leak in VeriSign's SiteFinder service #2
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Wed, 24 Sep 2003 21:26:14 +0200 (CEST)
On Wed, 24 Sep 2003, Mark Coleman wrote:
More naughty Verisign deeds...
This means that they can easily harvest the SOURCE email address field
for marketing purposes (no typos there), and would have a strong
educated guess of the correct domain of the mistyped TARGET.
Unfortunatly I found paper mail getting to me with an address that was
only used by a Veri$ign company and the address in this format was not
available through the WHOIS records. They sold my data without my consent.
That was the moment I decided to go to another register with my domain
info. So I think ill intend is not just suspected but must be considered
to be a real fact of life with Veri$ign
I for one have removed the Veri$ign root certificates and will inform
sites relying on them about the risk they take with Veri$ign and do advise
others to take smilar actions so we hurt them through their wallet.
All email sent to me is bound to the rules described on my homepage.
hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of sysadmins,
for they are subtle and quick to anger.