Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Who Do I Contact?
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Sun, 23 Apr 2006 15:11:40 +0100

Valdis.Kletnieks () vt edu wrote:

The number of US universities big enough to have 7,000 incoming students
is extremely limited.  *that* little tidbit probably tells us more than
the fact his traceroute ends in Kansas.....

  Plus he just gave away that his parents work there, so we can cut it down 
to those where we can automatically find surname matches between the staff 
directory and the pupils list ....

  CM, my suggestion would be to phone up the Dean/Principal while he's in 
the middle of his sunday lunch and read out his SSN to him and tell him how 
he can go to his computer and see it for himself.  Do it from a phonebox, 
tell him he really needs to bang heads together in the IT department *now*, 
tell him you haven't messed or tampered with it in any way and you just want 
it fixed because your own data is in there too (don't mention the parents!) 
then say you're sorry but you hope he'll understand why you don't want to 
identify yourself and ring off.

  Then when you go to school on Monday you can enjoy the looks of pain on 
the faces of the IT staff who've been up all night fixing the hole because 
the Dean's torn them all a second one ... ;-D

Can't think of a witty .sigline today.... 

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]