|
Full Disclosure
mailing list archives
Re: You shady bastards.
From: Anders B Jansson <hdw () kallisti se>
Date: Thu, 07 Jun 2007 14:40:33 +0200
Any company email adress is primarily intended for company related issues.
Even the company in question allows you to use it for personal issues,
it's still mainly intented for company use.
An email adressed to, up until recently employed, security researcher,
HR drone or sales assistant, Elmer Fudd using his company email
elmer.fudd () shadybastards com must be seen as adressed to this person
in his position at the company, not to him as a person.
If he for some reason can't take care of it, it's obvious that the
company must take care of the message, usually by the individual who
is covering for him (or replacing him).
If you want to send a message to a specific individual, not a position
at a company, then use his (or hers) personal adress.
// hdw
rlogin () hush ai wrote:
The key is *personal* e-mail. It's not unreasonable for any
company to assume their e-mail systems are used primarily for
business purposes. The e-mail doesn't indicate it's personal. It
doesn't say, "Your Ghonorrhea test results have come back! Click
here for the results." The e-mail has no contents other than a
link and doesn't indicate that the "Zero Day" promise was made
after this employee left the company. In fact, the subject "Zero
Day" is directly related to SecureWork's business and it's entirely
reasonable to expect a security company to investigate the
contents. I'm actually surprised someone actually monitors these
accounts and took the time to look into it!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: You shady bastards., (continued)
|
Intro
