Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Who Do I Contact?
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Sun, 23 Apr 2006 15:18:49 +0100

CrYpTiC MauleR wrote:

students attending. So everyone please dont wast your time trying to
play 'who can guess what school it is or where it is?' because I
really will not verify if you are correct or not and plain do not
want to play that game. I just asked FD on advice of what to do
considering the implications, and that is all it will be kept at.

  :)  It was just a game, and I'm not actually interested in guessing where 
it is.  See my other recent post in this thread for my actual serious advice 
about what might work the best.  Good luck, it is important and it does need 
fixing.

  Incidentally, since presumably this bug has been there for some time, and 
if it's accessible from the web, then it's already too late; the data might 
have been leaked and without going through server logs with a fine-tooth 
comb it may be impossible to tell (and perhaps even with).  I don't know if 
SarbOx applies to an edu, but if the data may already have leaked then they 
really ought to be obliged to warn everyone whose data is on that database 
that they need to take precautions to protect themselves against identity 
theft.  They shouldn't be allowed to cover it up or sweep it under the 
carpet.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault