funsec mailing list archives
RE: WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers
From: "Jeffrey Sharpe" <jsharpe () cyberlynk net>
Date: Thu, 4 Oct 2007 11:31:31 -0500
You would think they would vet that list at least a little bit! Jeff -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Alex Eckelberry Sent: Thursday, October 04, 2007 8:09 AM To: Paul Ferguson; funsec () linuxbox org Subject: RE: [funsec] WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers
at least one member of the list works in some capacity with Iran's
Ministry of Defense. Conspiracy theorists rejoice! -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Ferguson Sent: Wednesday, October 03, 2007 11:19 PM To: funsec () linuxbox org Subject: [funsec] WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 WTF? I mean, I saw this referenced on the ISC SANS Handlers Diary this morning (Thanks, Mark), but this is now on an entirely different level. Via Threat Level. [snip] A Department of Homeland Security mailing list that provides unclassified daily news reports on critical infrastructure information experienced a meltdown today when the list apparently got misconfigured and began routing any reply that someone sent to another person on the list to every subscriber on the list. The list was further configured to reveal the e-mail address of the senders so that the names and contact details of hundreds of list members -- including government workers in critical infrastructure positions -- were exposed. The mishap also revealed an interesting tidbit -- at least one member of the list works in some capacity with Iran's Ministry of Defense. [snip] More: http://blog.wired.com/27bstroke6/2007/10/dhs-mail-list-m.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHBFuNq1pz9mNUZTMRAoL9AJ9Ru3mKxrYTqlQax/bZZoQPH8gtZgCfVBkv wJOt3iQpfV1GK6fYY93lJMY= =BUkz -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- WTF? DHS Mail List Meltdown Becomes Internet Party for Exposed Gov Wor kers Paul Ferguson (Oct 03)
- RE: WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers Alex Eckelberry (Oct 04)
- RE: WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers Jeffrey Sharpe (Oct 04)
- RE: WTF? DHS Mail List Meltdown Becomes Internet Party forExposed Gov Wor kers Alex Eckelberry (Oct 04)