A very good point.
The subject line doesn't always show anything related to personal e-mail
message and does the person monitoring messages know what is related to
his/hers work?
I see adding the word PRIVATE as a part of subject line a good practice.
It's not so easy to accidentally post
On Friday 08 June 2007 07:12, Thierry Zoller wrote:
Dear List,
I know we have a World Police but luckily we have no World laws, how
about some of you stick to things your supposed to be able to do,
security, coding whatever and leave law to those that practise it ?
I have yet to see a
In luxembourg for instance mails labeled as PRIVATE or CONFIDENTIAL
are not allowed to be viewed by the company, ALSO as email. Write it in
the subject line.
Hey, don't read this. This isn't for you.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
Dear List,
I know we have a World Police but luckily we have no World laws, how
about some of you stick to things your supposed to be able to do,
security, coding whatever and leave law to those that practise it ?
I have yet to see a lawyer good at sec, it depends on
- legislation the company
On 6/8/07, Kradorex Xeron [EMAIL PROTECTED] wrote:
On Friday 08 June 2007 07:12, Thierry Zoller wrote:
Dear List,
I know we have a World Police but luckily we have no World laws, how
about some of you stick to things your supposed to be able to do,
security, coding whatever and leave
Dear Kradorex,
Oh now canada enters the game, somebody from russia pleae also comment
on Luxemburgish law, aeessome.
It is not logic, it's law (read: positive law). It applies to Mail
only, get over it. It gives you legal ground to sue. Can you grasp
the concept here?
--
forget Luxembourg! In Texas the law is quite clear. It says if you
send a message to the wrong address and the recipient reads it, you
have to cry about it on a mailing list, call the recipient names,
and question the legality like an idiot.
---
Human salvation lies in the hands of the
ok..
On 6/8/07, M. B. Jr. [EMAIL PROTECTED] wrote:
cool,
HD Moore started a thread,
yeah, lets reply the more we can!!!
On 6/6/07, Kradorex Xeron [EMAIL PROTECTED] wrote:
On Wednesday 06 June 2007 09:47, H D Moore wrote:
Hello,
Some friends and I were putting together a
cool,
HD Moore started a thread,
yeah, lets reply the more we can!!!
On 6/6/07, Kradorex Xeron [EMAIL PROTECTED] wrote:
On Wednesday 06 June 2007 09:47, H D Moore wrote:
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year
On Friday 08 June 2007 08:04, Thierry Zoller wrote:
Dear Kradorex,
Oh now canada enters the game, somebody from russia pleae also comment
on Luxemburgish law, aeessome.
It is not logic, it's law (read: positive law). It applies to Mail
only, get over it. It gives you legal ground to sue.
yeah, lets reply the more we can!!!
I like cake.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
LOLOLOLOL
On Fri, 08 Jun 2007 11:52:21 -0400 evilrabbi [EMAIL PROTECTED]
wrote:
ok..
On 6/8/07, M. B. Jr. [EMAIL PROTECTED] wrote:
cool,
HD Moore started a thread,
yeah, lets reply the more we can!!!
On 6/6/07, Kradorex Xeron [EMAIL PROTECTED] wrote:
On Wednesday 06 June 2007 09:47,
More importantly, will the party attendees include Matt Skape
Miller or will we all have to settle for Metasploit figurehead HD
Moore?
J
On Fri, 08 Jun 2007 13:35:19 -0400 Forest Lobster
[EMAIL PROTECTED] wrote:
Interesting thread. But y'all are missing the bigger picture here.
[Wed, Jun
Interesting thread. But y'all are missing the bigger picture here.
[Wed, Jun 06, 2007 at 08:47:12AM -0500]
[H D Moore ([EMAIL PROTECTED]) wrote]
: Some friends and I were putting together a contact list for the folks
: attending the Defcon conference this year in Las Vegas. My friend sent
:
On 6/8/07, Morning Wood [EMAIL PROTECTED] wrote:
yeah, lets reply the more we can!!!
I like cake.
with Chocolate, or Vanilla icing?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
[
[--
[
[Message: 2
[Date: Wed, 6 Jun 2007 20:23:25 -0400
[From: Larry Seltzer [EMAIL PROTECTED]
[Subject: Re: [Full-disclosure] You shady bastards.
[To: full-disclosure@lists.grok.org.uk
[Message-ID:
[ [EMAIL PROTECTED]
[Content-Type: text/plain; charset=us
The key is *personal* e-mail. It's not unreasonable for any
company to assume their e-mail systems are used primarily for
business purposes. The e-mail doesn't indicate it's personal. It
doesn't say, Your Ghonorrhea test results have come back! Click
here for the results. The e-mail has no
On Wednesday 06 June 2007 11:06, Tim wrote:
Sorry H.D., it most likely isn't illegal.
I agree. But still sleazy.
cheers,
--dr
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
Any company email adress is primarily intended for company related issues.
Even the company in question allows you to use it for personal issues,
it's still mainly intented for company use.
An email adressed to, up until recently employed, security researcher,
HR drone or sales assistant, Elmer
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year in Las Vegas. My friend sent
out an email, with a large CC list, asking people to respond if they
planned on attending. The email was addressed to quite a few people, with
*IANAL*
Is this illegal? I could see reading email addressed to him being within
the bounds of the law, but it seems like trying to download the 0day
link crosses the line.
It might be. The ECPA prohibits this kind of behavior unless one of
several exceptions applies. Typically,
This surprises you? You and everyone else at this point should know all
these security companies that have been spawned the last few years are all
fucking scumbags, who would sell their own mothers organs after a shot to
the head for a coupon to get a free ice cream sundae. They are soulless
H D Moore wrote:
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year in Las Vegas. My friend sent
out an email, with a large CC list, asking people to respond if they
planned on attending. The email was addressed to quite a
Why would it be illegal if his former employer accessed his email using
this method. The information going to their network is considered their
property and they could do as they see fit.
This is a poor assumption. See the Wiretap Act and the Electronic
Communications Privacy Act. Of course
Tim wrote:
Why would it be illegal if his former employer accessed his email using
this method. The information going to their network is considered their
property and they could do as they see fit.
This is a poor assumption. See the Wiretap Act and the Electronic
Communications Privacy
Spare me and the list...
Spare you what? If this is somehow off topic, please elaborate.
/ * SNIPPED * /
What about an employer's right to read e-mails as
they come in? As they hit the inbound server? ...
If the e-mail is not subject to the consent of
all parties, and one of the parties
This is clearly a forged electronic mail trolling attempt and
attempt at assassinating the character of HD. The real HD Moore
(famous inventor of the Millerpreter and Skapesploit) would not be
so naive/ignorant in a matter like this.
Grow up list, don't feed the trolls.
J
On Wed, 06 Jun 2007
I'm certainly not a laywer, but the below cases refer to an employer and
employee relationship. That isn't the case here and is likely an important
distinction. You're also assuming that while he was an employee he consented
to monitoring and had no expectation of privacy. While that is generally
Tim wrote:
Spare you what? If this is somehow off topic, please elaborate.
Spare me and the list legalities. One it is slightly offtopic then again
this is fd so I retract.
That entire argument and any thread arising from what is legal and what
is not is likelier
to be answered,
On Wed, 6 Jun 2007, J. Oquendo [EMAIL PROTECTED] wrote:
H D Moore wrote:
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year in Las Vegas. My friend sent out
an email, with a large CC list, asking people to respond if
Spare me and the list legalities. One it is slightly offtopic then again
this is fd so I retract.
That entire argument and any thread arising from what is legal and what
is not is likelier
to be answered, dissected, studied on a legal forum.
I agree that the subscribers to FD are not the
Mr. Moore,
Your expert recon abilities have been established earlier in this
thread. I will not allow you to trick me into giving up my Georgia
cable modem address knowing full well that you are armed with the
latest version of the 'preter. Besides, Richard (who stresses the
importance of
Tim wrote:
As mentioned multiple times by multiple posters, but apparently eluded
your reading, the recipient's consent:
A) May have never been given
B) May have expired with the employment contracts
C) May not apply at all if the monitoring party was not given
authorization by the
On 6/6/07, Joey Mengele [EMAIL PROTECTED] wrote:
In any event, I have alerted the FBI to your hacking attempt. I do
not wish to become your latest victim of police kidnapping,
choking, and beating.
Woot Woot ..what Hacking attempt ??
Send Bait. Check Log. Pub finding - the recon worked
Tim wrote:
This definitely could apply in the case of the ECPA, but could get
dicey, since ordinary course of business is ill-defined and I suspect
would require some serious legal wrangling to argue. Does this business
regularly read everyone's email?
In any case, whether they were legally
It seems there's a presumption that an employee, when he leaves, still owns
that email address that the former employeer provided. I do not believe
that's the case, anymore than the ex employee owns the cell phone provided
by the former employer.
If a call comes into the cell phone of the
It seems there's a presumption that an employee, when he leaves, still owns
that email address that the former employeer provided. I do not believe
that's the case, anymore than the ex employee owns the cell phone provided
by the former employer.
If a call comes into the cell phone of the
Why would this be offensive? It's a company address. Someone might send
e-mail containing company business to the address.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.eweek.com/cheap_hack/
Contributing Editor, PC Magazine
[EMAIL PROTECTED]
On 6/6/07, Larry Seltzer [EMAIL PROTECTED] wrote:
Why would this be offensive? It's a company address. Someone might send
e-mail containing company business to the address.
Would you feel the same way if it was a voicemail left on his machine?
What about a postal letter addressed to the person?
Would you feel the same way if it was a voicemail left on his machine?
What about a postal letter addressed to the person?
To the company phone or address? Yes. Of course. They're company
property, there for company purposes.
Larry Seltzer
eWEEK.com Security Center Editor
On 6/6/07, Larry Seltzer [EMAIL PROTECTED] wrote:
Would you feel the same way if it was a voicemail left on his machine?
What about a postal letter addressed to the person?
To the company phone or address? Yes. Of course. They're company
property, there for company purposes.
Really? I have
On Wed, 6 Jun 2007, blah wrote:
It seems there's a presumption that an employee, when he leaves, still owns
that email address that the former employeer provided.
Yeah. And if the e-mail in question is [EMAIL PROTECTED], a generic
business contact point, he is perfectly OK to hand it over to a
Really? I have gotten benefits and medical communications at my office
addy.
That stuff should be going to your home address, not least for this
reason.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.eweek.com/cheap_hack/
Contributing Editor, PC Magazine
On 6/6/07, Larry Seltzer [EMAIL PROTECTED] wrote:
Really? I have gotten benefits and medical communications at my office
addy.
That stuff should be going to your home address, not least for this
reason.
Is should relevant? Is it a violation of HIPAA to read these
communications, even if I
Dude VanWinkle wrote:
On 6/6/07, Larry Seltzer [EMAIL PROTECTED] wrote:
Really? I have gotten benefits and medical communications at my office
addy.
That stuff should be going to your home address, not least for this
reason.
Is should relevant? Is it a violation of HIPAA
The only part I find legally questionable is
the impersonation of Mr. Maynor by someone at
his old company. It certainly appears legal for
his company to read the email. Acting on that
email under the guise of the addressee would
seem to tread pretty close to impersonation.
2 cents ...
On Jun
go fuck yourself
On 6/6/07, Joey Mengele [EMAIL PROTECTED] wrote:
Mr. Moore,
Your expert recon abilities have been established earlier in this
thread. I will not allow you to trick me into giving up my Georgia
cable modem address knowing full well that you are armed with the
latest
No, you! LOLOLOLOLOLOLOLOL!
On Wed, 06 Jun 2007 16:20:57 -0400 evilrabbi [EMAIL PROTECTED]
wrote:
go fuck yourself
On 6/6/07, Joey Mengele [EMAIL PROTECTED] wrote:
Mr. Moore,
Your expert recon abilities have been established earlier in
this
thread. I will not allow you to trick me
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Larry Seltzer wrote:
Why would this be offensive? It's a company address. Someone might send
e-mail containing company business to the address.
Isn't everyone also assuming that dmaynor isn't now Dan Maynor or Doug Maynor
or John Smith who
likes
One time I made everyone start calling me Waffles, but they refused to
create me an email account with that name. I was heart broken. I'm still on
anti-depressants because of it.
On 6/6/07, Brian Anderson [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Larry Seltzer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Larry Seltzer wrote:
Why would this be offensive? It's a company address. Someone might send
e-mail containing company business to the address.
Isn't everyone also assuming that dmaynor isn't now Dan Maynor or Doug Maynor
or John Smith who
likes
On Wednesday 06 June 2007 09:47, H D Moore wrote:
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year in Las Vegas. My friend sent
out an email, with a large CC list, asking people to respond if they
planned on attending. The
On Wed, 6 Jun 2007, Kradorex Xeron wrote:
: Illegal or not, this is still pretty damned shady.
:
:
: I will seldom touch on the legal side but I have a possible scenario:
:
: -- If David is no longer at that address, it could be said that his mail
: account was taken down and the mail sent
: A more ethical company would have sent HDM a polite note saying that
: the person no longer works there before curiosity got the best of them.
:
: Does your company do this for all former employee e-mail accounts?
No. But they also don't continue to accept mail to those accounts either.
:
54 matches
Mail list logo