Just for clarification
This person would break into a local ISP, post the general information about
the hole, smtp port open, etc, etc, go to the next local ISP and do the same
thing, all on the same place.
He wouldn't remove the information unless it was fixed AND he was
informed/happened across it or he was paid to fix it.
This was a publicly viewable web site, and in fact the competing ISPs could
even see the pointers at each other's holes.
Please direct all responses to the newsgroup so that all may benefit from my
lack of wisdom!
----- Original Message -----
From: "Tim Lieberman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, April 05, 2000 6:39 AM
Subject: RE: Security holes revisited -- reward offered
> It's only extortion if there's a threat implied.
>
> Think of it this way:
> 1) If there is an exploitable hole, your box is insecure.
> 2) Assuming I don't cause any damage[*], all I'm doing is
> alerting you to a security problem.
>
> It's not really ethical to do this, but it's not extortion either. It's
> more like a locksmith walking into your locked office at night, and
leaving
> a note that says: "Your locks suck - I was able to pick them in under 30
> seconds. Call me at <number> and we'll talk about getting you some real
> security".
>
> Yes he was trespassing, but it's not extortion. Some might call it
> "breaking and entering", but assuming the lock still functions (in what is
> now recognized as a limited capacity), I wouldn't agree with the
"breaking"
> part.
>
> Extortion would be, for example, if I hacked your box, deleted some
> unimportant data, and said that if I didn't get paid, I'd come back and
> delete some important stuff.
>
> [*] Some companies try to claim that someone breaking their security
causes
> damage in the form of losses to upgrade/update/fix their security. This
is
> a fallacy, the hole was there before the 'hacker' exploited/called
> attention to it.
>
>
> At 06:15 PM 00/04/05 -0400, you wrote:
> >Gee sounds like a classic mafia protection racket. Pay us or your
business
> >will suddenly have some broken windows. Most places call this extortion.
> >
> > - Steve
> >
> >
> >-----Original Message-----
> >From: Jennifer [mailto:[EMAIL PROTECTED]]
> >Sent: Wednesday, April 05, 2000 12:57 PM
> >To: [EMAIL PROTECTED]
> >Subject: Re: Security holes revisited -- reward offered
> >
> >
> >At 08:29 AM 4/5/00 -0500, you wrote:
> >>So what do you guys think about part time hackers that attempt a
breakin,
> >>post general results on a website, and then ask for payment to fix your
> >>problems?
> >
>
>---------------------------------------------------------------------------
> ---
> >Archives: http://www.eGroups.com/list/cf-talk
> >To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> >
> >
>
> Tim Lieberman Take a break and have a listen,
> Electric Mind Control Do It NOW:
> Workshop & Funk Bakery http://www.mp3.com/emcw
> --------------------------------------------------------------------------
----
> Archives: http://www.eGroups.com/list/cf-talk
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
