Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Ps. Informing Companies about security vulnerabilities...

from [mailing lists] Network Security [Permanent Link]
Subject: Re: Ps. Informing Companies about security vulnerabilities...
Date: Thu, 05 Oct 2006 10:06:36 +0200 
Ps.   
 we have had contact with the police a few times after some reactive_aggressive 
had
reported a "hackers attack" to them.
 but after showing the law enforcers what really happened and how with prove, 
they every
time reached the same conclusion with something like "So, they have wasted our 
time by
screaming Wolf!, when you guys only did your friendly neighbour duty by telling 
them they
didn't lock their car door, and did not take anything from it"
and then the police phoned the complainers with the message,  please stop 
wasting our
time, we have closed the file.

slight difference with your case, is that we do not actively go out to find 
sites and try
attacks on them, we some times notice flaws when following a path from a paying 
clients
who ask us to look at the information sources they are using.

but i think there is nothing bad about walking over a parking space and putting 
notes
under windshield-wipers of every car that has unlocked doors.
just because most people don't care about their living environment, doesn't 
mean that the
few friendly neighbours that still have the guts to stand for doing the right 
thing
should be persecuted by those who stand for nothing other then making a few 
quick bucks.

so ;)  keep up the good work!
there are way too many servers 'leaking' privacy sensitive information, and the 
people
who's information is leaked are the real victims, not the rich companies who are
responsible for leaking it by neglect.
 

Cheers,

  






------------

Has anyone else gone through a similar situation? Was the company
receptive? Other companies I've contacted in the past have been quite
receptive - I'm just curious if other people have gone through this as
well.

No need to fill the list with this, you can email me directly with your
inputs and stories.

-- 
Joe McCray


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Informing Companies about security vulnerabilities..., Andreas Putzo
Next by Date:  Re: Frontpage no password privileges escalation?, thomas springer
Previous by Thread:  Layer 3 and Firewall, dubaisans dubai
Next by Thread:  RE: Ps. Informing Companies about security vulnerabilities..., Craig Wright
Indexes:  [Date] [Thread] [Top] [All Lists]