Home page logo
/

funsec logo funsec mailing list archives

Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data
From: Valdis.Kletnieks () vt edu
Date: Tue, 22 Jan 2013 13:50:10 -0500

On Tue, 22 Jan 2013 08:14:34 -0500, Rich Kulawiec said:

about that story is that this statement from the company CEO (Edouard Taza):

      "We acted immediately to fix the problem, and were able to do
      so before anyone could use it to access private information."

was not challenged by the article's author, since it is of course an
obvious fabrication.

Yeah, I liked how they didn't know they had gotten probed till the kid
*told* them, but were immediately able to verify that they didn't have
any other un-noticed exploits of the hole.  (Sure, you can easily grep
for the scanning tool's footprint, but it takes a lot longer to verify
there's no disguised attacks with a different footprint).

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]