Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Hash
From: Deeþàn Chakravarthÿ <codeshepherd () gmail com>
Date: Fri, 27 Jul 2007 11:57:50 +0800

Nick FitzGerald wrote:
shadown wrote:

  
Just some hashed for the record.

CA eTrust (vulnpack):
md5:919a7645a07aafb388af00e9b39d21bf
sha-1:b21f31892fff9de9bd6933850a66587786896fa1
SHA-256:66fd618e17bfe7db223f9547df15763d8246a49bbd6bbd7aee01964f2537bf86
    

Cool -- thanks for that info...

  
-- 
Sergio Alvarez
Security, Research & Development
IT Security Consultant
email: shadown () gmail com

This message is confidential.  ...
    

Yet you wilfully and knowingly posted it to a public-access mailing 
list with tens of thousands of subscribers and that is well-known to be 
archived in many places across the net?

You must be a prize moron...

  
...  It may also contain information that is
privileged or otherwise legally exempt from disclosure.  ...
    

...who can't afford a lawyer with half a clue, and will now never be 
able to meaningfully defend any kind of accidental Email-borne 
"disclosure" of anything, as you've just admitted, on the public 
record, that you are too stupid to tell if something is privileged or 
legally exempt from disclosure, THUS your only legally defensible 
position regarding such material in future is to ensure that you never 
handle any of it, but as (by your own admission) you cannot tell what 
that it is, you must cut yourself off from all information, a clearly 
impossible task.  In short, you've put yourself in the paradoxical 
position of being both knowingly and negligently responsible for any 
and all "improper" disclosures of any and all "sensitive" material you 
should ever happen across in future.

Good luck ever getting hired again -- it would take a seriously stupid 
employer to take on such a liability as you!

  

Oh ya, you are the Mr.Perfect. 
...  If you have
received it by mistake ...
    

As you say it _is_ confidential and I have NO existing relevant 
"relationship" with you, I MUST have received this by mistake....

  
... please let us know by e-mail ...
    

...and I have a good faith belief that the mailing list software will 
deliver this is to you by Email, so I've fulfilled that part of the 
"deal".  But what about the rest of the F-D subscribers?  You'll get a 
_LOT_ of Email...

  
...immediately ...
    

Although I wrote this as quickly as I could and sent it "immediately" 
thereafter, I didn't read your message till several hours after 
receiving it -- I hope that doesn't mean I didn't do it 
"immediately"...

  
... and
delete it from your system; ...
    

No.  Why should I?  Because _YOU_ are a moron and made a stupid 
mistake?

In case it's not already nice and clear, I'll try to make it even 
clearer why this kind of "Email AUP" is _THOROUGHLY_ bogus.

Imagine that I totally accidentally ran you over with my car BUT THEN 
told you that the terms and conditions of my having run you over are 
that you have to accept that I'm incompetent to judge whether I should 
drive or not [that's the earlier stuff], that you are to forget it ever 
happened [above]...

  
... should also not copy the message nor
disclose its contents to anyone. Many thanks.
    

...and that you are never to tell anyone anything about the accident.

Do you think that would "protect" me in court if you actually had the 
temerity to sue me for damages or some such?

Would any lawyer with at least two good brain cells (yes -- a very rare 
breed) sensibly take _my_ case?


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Secure Computing" group.
To post to this group, send email to Secure-Computing () googlegroups com
To unsubscribe from this group, send email to Secure-Computing-unsubscribe () googlegroups com
For more options, visit this group at http://groups.google.com/group/Secure-Computing?hl=en
-~----------~----~----~----~------~----~------~--~---


  

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]