Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Full-disclosure] Re: Re: Who Do I Contact?
From: Dave \ (davek_throwawayhotmail.com)
Date: Sun Apr 23 2006 - 09:03:46 CDT
john kalergis wrote:
>> So, let's see.... Washington... Virginia.... Ohio.... Illinois....
>> You're in Kansas, right?
> wow....everybody here is more than impressed
Well, I don't suppose *everybody* has had a sense of humour bypass. And
there's a valid point I was making about how information can leak in
unexpected ways; they guy doesn't want to give away anything that could
reveal the .edu in question, but the combination of his geo location from
his posting IP and the fact that he's revealed that his own ssn is on the
list and hence it's his own school and hence can be assumed to be
geographically local to him allow us to deduce something that we couldn't
have known from his words alone and allow any potential attacker to
massively reduce the search space.
IOW I was illustrating the point that if you want to discuss something
openly but really, really, *really* want to keep the lid on any information
that could identify it, you need to post through a proxy. And how's that -
a legitimate use for posting through anonymous proxies!
So there :-P~~~
Can't think of a witty .sigline today....
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/