Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Who Do I Contact?
From: Paul Schmehl <pauls () utdallas edu>
Date: Sun, 23 Apr 2006 18:45:47 -0500

--On April 23, 2006 3:11:40 PM +0100 "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com> wrote:

  CM, my suggestion would be to phone up the Dean/Principal while he's in
the middle of his sunday lunch and read out his SSN to him and tell him
how  he can go to his computer and see it for himself.  Do it from a
phonebox,  tell him he really needs to bang heads together in the IT
department *now*,  tell him you haven't messed or tampered with it in any
way and you just want  it fixed because your own data is in there too
(don't mention the parents!)  then say you're sorry but you hope he'll
understand why you don't want to  identify yourself and ring off.

Depending upon which Dean you're referring to, this could little to no good at all. The Dean might even think there's nothing wrong with SSNs being exposed.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]