Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Who Do I Contact?
From: Paul Schmehl <pauls () utdallas edu>
Date: Tue, 25 Apr 2006 12:17:40 -0500

Barrie Dempster wrote:
On Sun, 2006-04-23 at 18:45 -0500, Paul Schmehl wrote:
Depending upon which Dean you're referring to, this could little to no good at all. The Dean might even think there's nothing wrong with SSNs being exposed.

In that case you could cite some *very* recent precedent on the matter:
http://www.statesman.com/news/content/news/stories/local/04/24utcomputers.html
http://tinyurl.com/h55y6

I hate to tell you this, but even that wouldn't make a difference to some Deans. I have had profs and Deans complain because we wouldn't allow them to just put a hacked machine back online. They think that somehow, once we've discovered a breach, it automagically goes away (or, more likely, it's not as important as the work that server was doing.)

So was the above your responsibility then Paul ?
;-P

If you look at my sig you should be able to figure out I'm not at the school cited in that article. (And that's not to say that we're any better than they are or that we'd never be hacked like that.)

--
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]