----- Original Message -----
From: "Dave "No, not that one" Korn" <davek_throwaway () hotmail com>
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Re: Who Do I Contact?
Date: Sun, 23 Apr 2006 15:11:40 +0100
Valdis.Kletnieks () vt edu wrote:
The number of US universities big enough to have 7,000 incoming students
is extremely limited. *that* little tidbit probably tells us more than
the fact his traceroute ends in Kansas.....
Plus he just gave away that his parents work there, so we can cut it down
to those where we can automatically find surname matches between the staff
directory and the pupils list ....
CM, my suggestion would be to phone up the Dean/Principal while he's in
the middle of his sunday lunch and read out his SSN to him and tell him how
he can go to his computer and see it for himself. Do it from a phonebox,
tell him he really needs to bang heads together in the IT department *now*,
tell him you haven't messed or tampered with it in any way and you just want
it fixed because your own data is in there too (don't mention the parents!)
then say you're sorry but you hope he'll understand why you don't want to
identify yourself and ring off.
Then when you go to school on Monday you can enjoy the looks of pain on
the faces of the IT staff who've been up all night fixing the hole because
the Dean's torn them all a second one ... ;-D
Can't think of a witty .sigline today....
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/