Re: information disclosure
From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 03/24/05
- Next message: Unruh: "Re: information disclosure"
- Previous message: Colin B.: "Re: information disclosure"
- In reply to: bz: "Re: information disclosure"
- Next in thread: Unruh: "Re: information disclosure"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Mar 2005 20:44:20 -0500
In article <Xns962249AC87178WQAHBGMXSZHVspammote@130.39.198.139>,
bz <bz+csm@ch100-5.chem.lsu.edu> wrote:
> joshandlinds@gmail.com wrote in news:1111554686.962430.22570
> @l41g2000cwc.googlegroups.com:
>
> > I found a HUGE security hole on my college website about a year ago and
> > it still hasn't been fixed. It shows SSNs, Names, birthdates, address,
> > phone etc... How dow I let peole know without getting in trouble myself?
>
> I suggest you call the admin in charge of the web site and tell him/her
> about the problem.
His phrase "still hasn't been fixed" suggested to me that the admins
know about it. I.e. I assumed he told them about it a year ago, they
haven't done anything about it, and now he wants to know how to
publicize it more widely in order to get them to fix it, but without
getting into trouble for doing so.
-- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me ***
- Next message: Unruh: "Re: information disclosure"
- Previous message: Colin B.: "Re: information disclosure"
- In reply to: bz: "Re: information disclosure"
- Next in thread: Unruh: "Re: information disclosure"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
