funsec mailing list archives
Re: Police secret password blunder
From: Anthony Rodgers <cunningpike () gmail com>
Date: Wed, 5 Apr 2006 14:23:34 -0700
That this is shoddy programming is beyond question, but only if the users concerned reused their high-security network passwords to sign up for an external mailing list is this a genuine security issue, in which case is it the cluefulness or lack thereof of the users that is the real security issue.
-- Anthony Rodgers cunningpike () gmail com"Genuinely objective journalism not only gets the facts right, it gets the meaning of events right. It is compelling not only today, but stands the test of time. It is validated not only by 'reliable sources', but by the unfolding of history. It is journalism that ten, twenty, fifty years after the fact still holds up a true and intelligent mirror to events." - T.D. Allman.
On 5-Apr-06, at 9:51 AM, Brian Loe wrote:
At least they've gotten rid of the page...now you have to go by the cached page. :) On 4/5/06, Jeff Rosowski <rosowskij () ie ymp gov> wrote:Why stop there? It gets better if you are a little more patient:http://www.google.com/search?q=%22View+TABLE%3A%22+ID+%22Full+Name %22+email+password+Organization+site% 3Acustomscripts.police.nsw.gov.au&btnG=SearchHey, Nicole and Webb have the same password as me!I'm still wondering why the passwords were being stored as plain text.______________________________________________________________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Police secret password blunder Kane Lightowler (Apr 04)
- Re: Police secret password blunder Blue Boar (Apr 04)
- Re: Police secret password blunder Valdis . Kletnieks (Apr 04)
- Re: Police secret password blunder George Bakos (Apr 04)
- Re: Police secret password blunder Jeff Rosowski (Apr 05)
- Re: Police secret password blunder Stephen J. Smoogen (Apr 05)
- Re: Police secret password blunder Valdis . Kletnieks (Apr 05)
- Re: Police secret password blunder Brian Loe (Apr 05)
- Re: Police secret password blunder Anthony Rodgers (Apr 05)
- Re: Police secret password blunder Blue Boar (Apr 04)
- Re: Police secret password blunder Drsolly (Apr 05)
- <Possible follow-ups>
- RE: Police secret password blunder Kane Lightowler (Apr 04)
- Re: Police secret password blunder Fergie (Apr 05)