----- Original Message -----
From: "Dave "No, not that one" Korn" <davek_throwaway () hotmail com>
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Re: Who Do I Contact?
Date: Sun, 23 Apr 2006 15:18:49 +0100
CrYpTiC MauleR wrote:
students attending. So everyone please dont wast your time trying to
play 'who can guess what school it is or where it is?' because I
really will not verify if you are correct or not and plain do not
want to play that game. I just asked FD on advice of what to do
considering the implications, and that is all it will be kept at.
:) It was just a game, and I'm not actually interested in guessing where
it is. See my other recent post in this thread for my actual serious advice
about what might work the best. Good luck, it is important and it does need
Incidentally, since presumably this bug has been there for some time, and
if it's accessible from the web, then it's already too late; the data might
have been leaked and without going through server logs with a fine-tooth
comb it may be impossible to tell (and perhaps even with). I don't know if
SarbOx applies to an edu, but if the data may already have leaked then they
really ought to be obliged to warn everyone whose data is on that database
that they need to take precautions to protect themselves against identity
theft. They shouldn't be allowed to cover it up or sweep it under the
Can't think of a witty .sigline today....
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/