Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Who Do I Contact?
From: "CrYpTiC MauleR" <crypticmauler () linuxmail org>
Date: Sat, 22 Apr 2006 13:16:53 -0500

I'm sorry I don't plan on going public with the details of the hole except with school staff and/or law enforcement. 
Main reason being dont want to put my info and my parents info in any great danger than it already is in. As you know 
identity theft is one of the fastest growing crimes so I feel that releasing the news before the holes is fixed will do 
more damage than good.



----- Original Message -----
From: "Brian Eaton" <eaton.lists () gmail com>
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Who Do I Contact?
Date: Sat, 22 Apr 2006 12:52:14 -0400


On 4/22/06, CrYpTiC MauleR <crypticmauler () linuxmail org> wrote:
I am sorry I am not going to say who the school is. Mainly because so many
socials numbers are at risk including mine. I have contacted the 
VP of Information
Technology and he assured me he would call the company that makes 
the website.
After 20 days the hole was not fixed, so I called the department heads and am
giving them 48 hours from then which is now currently at 24 hours 
before I move
onto notifying someone else. I was also thinking about contacting 
FBI about this
seeing they handle school breaches but not sure.

How about notifying the school newspaper?  Take a tech savvy reporter,
prove to them the hole exists, and let them get some quotes from the
VP of IT explaining exactly what the school is doing to fix the
problem.

A little sunshine can have some wonderful effects.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]