On Wed, 09 Jul 2014 14:44:27 -0700 Ted Mittelstaedt <t...@ipinc.net> wrote:
> David DID NOT say that. He said that "he was shocked to discover" > Why are you assuming he is under NDA or he is an employee of this > company? Let me clarify the situation: 1) I'm the owner of Roaring Penguin, so my boss is unlikely to fire me for breaching company policy. 2) We operate hosted anti-spam service for a large number of customers. 3) Many of our customers are quite sensitive about their privacy. 4) Although I could probably reveal details of this incident without consequences, I choose not to out of respect for our customers. It would not look good if I revealed the companies with whom our customers correspond to the entire Internet, at least not without asking first. [...] > Now, in MY opinion there are only TWO ways to handle organizations > like "large data processing company" It turns out that the company is using this product: http://www.symantec.com/business/support/index?page=content&id=TECH149840 to send sensitive information to its customers. I'm not about to shame the large data processing company since the product is probably being used by some low-level and harried clerk who was told by IT that it was the approved way to send sensitive information. I am *quite* happy to call out Symantec and say: Symantec, you BONEHEADS! You're an anti-virus company and you think it's a good idea to distribute sensitive information as a WINDOWS EXECUTABLE??? Symantec, you ought to be ashamed of yourselves! Is that sufficient naming and shaming? :) Regards, David.
