Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Should I Be Worried?
From: "Andrew A" <gluttony () gmail com>
Date: Wed, 26 Apr 2006 12:22:25 -0700

Your list troll was pretty lol.

I commend you.

On 4/26/06, CrYpTiC MauleR <crypticmauler () linuxmail org> wrote:

After reading http://www.securityfocus.com/news/11389 it made me think
twice about actually going public with my school's security hole by having
school notify students, parents and/or faculty at risk due to it.

I mean I didnt access any records, just knew that it was possible for
someone to access my account or anyone elses. I did not even exploit the
hole to steal, modify etc any records. Does this still put me in the same
boat at the USC guy? If so I am really not wanting to butt heads with the
school in case they try to turn around and bite the hand that tried to help
them. Even if my intentions were good, they might even make something up
saying I accessed entire database or something. I have nothing to prove me
otherwise since they have access to the logs. Already it seems like the
school is trying to sweep the incident under the rug, so very wary as to
what they might do if they were pushed into a corner and forced to go
public. Anyone has any idea what I can do or should I just let this slide? I
am already putting my credit report and such on fraud alert just in case,
and definelty do not plan on attending this school after my degree or school
year is over. A transfer is better than having me risk my data.

Regards,
CM

--
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]