Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] This sums up Yahoo!s security policyto a -T-

from [James Tucker] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] This sums up Yahoo!s security policyto a -T-
Date: Thu, 30 Dec 2004 23:02:21 -0400 
I agree wholeheartedly.


On Mon, 27 Dec 2004 10:05:55 -0500, Mary Landesman <mlande@bellsouth.net> wrote:

While I feel great compassion for the deceased Marine's father, I do not
believe that grief should override security, privacy, terms of service, and
good judgement. Any email Justin Ellsworth wished his father to have could
reasonably be expected to have been sent to his father prior to Justin's
death - by Justin, of course. Any email destined for other persons is not -
nor should it ever be - the property of anyone other than Justin and the
person to whom the email was sent.

If Justin wanted his father to inherit his email account, he would/should
have provided his dad with the logon info.

Excerpted from Yahoo's ToS agreement:
--------------------
21. NO THIRD PARTY BENEFICIARIES

You agree that, except as otherwise expressly provided in this TOS, there
shall be no third party beneficiaries to this Agreement.
--------------------

And under item 25 (General Information):

--------------------
No Right of Survivorship and Non-Transferability. You agree that your Yahoo!
account is non-transferable and any rights to your Yahoo! I.D. or contents
within your account terminate upon your death. Upon receipt of a copy of a
death certificate, your account may be terminated and all contents therein
permanently deleted.
--------------------

As a Yahoo member, I would expect these terms to be enforced.

It is tragic that a father lost his son. It is understandable that the
father wishes to gain access to every word his son ever typed. But, no
matter how cold it may seem, just because it is understandable doesn't make
it right.

Now, if there were reason to believe that a crime had been committed and
that evidence lies in the email, that's a different story. In such a case, I
believe the email should be turned over to the authorities. But absent legal
need, turning over email to a grieving parent/spouse/child is a dangerous
and undesirable precedent.

Yahoo should be applauded for protecting the privacy of its members.
Frankly, I am shocked that many members of this particular list seem to feel
otherwise. As it stands, Yahoo's security policy suits me to a -T-.

-- Mary

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] MySQL and the user "su", Andrew Farmer
Next by Date:  Re: [Full-Disclosure] Multiple Backdoors found in eEye Products(IRISand SecureIIS), Roberto Muñoz
Previous by Thread:  RE: [spam] Re: [Full-Disclosure] This sums up Yahoo!s security policy to a -T-, J.A. Terranson
Next by Thread:  Re: [Full-Disclosure] This sums up Yahoo!s security policy to a -T-, n3td3v
Indexes:  [Date] [Thread] [Top] [All Lists]