Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
The Sad Tale of a Security Whistleblower
Mark Rasch, 2003-08-18

Federal prosecutors in California went too far when they put a man in prison for disclosing a website security hole to the people at risk from it.

Comments Mode:
(shrug) - he had it coming. 2003-08-18
Penguinisto (6 replies)
(shrug) - he had it coming. 2003-08-18
Anonymous (1 replies)
(shrug) - he had it coming. 2003-08-18
Beelezubb (4 replies)
(shrug) - he had it coming. 2003-08-18
Anonymous (2 replies)
(shrug) - he had it coming. 2003-08-19
Anonymous
no good deed goes unpunished 2003-08-20
Anton Sherwood (1 replies)
no good deed goes unpunished 2003-08-25
Anonymous
(shrug) - he had it coming. 2003-08-18
CyCOtiC (2 replies)
(shrug) - he had it coming. 2003-08-19
Beelezubb
(shrug) - he had it coming. 2003-08-19
Anonymous (1 replies)
(shrug) - he had it coming. 2003-08-19
Anonymous
(shrug) - he had it coming. 2003-08-19
Mark D. Rasch (1 replies)
ah - that should've been included in the article, then... 2003-08-21
Penguinisto (1 replies)
Posting to BugTraq does not get you off the hook... 2003-08-26
Anonymous
(beelezubb!) - he had it coming. 2003-08-19
scamerone
Re: (shrug) - he had it coming. 2003-08-18
Anonymous (1 replies)
So you think that disclosure of a vulnerability is the same as breaking into a house? I really don't see the connection.

A better analogy would be seeing that a gate was always unlocked in a gated community and after trying to get the management to fix it, sending letters to all of the residents.

That doesn't create the vulnerability, it doesn't require breaking in, and it seems defendable even if it was done because you didn't like the management of the gated community.

And after your analogy you say that you would have taken almost the same course of action. So would you "have it coming"? By disclosing that method of "attack" do you expect to go to jail?

(shrug) - some people are just clueless.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/179/21559#21559
Re: (shrug) - he had it coming. 2003-08-19
Anonymous (1 replies)
he had it coming? I don't think so!. 2003-08-19
Jack.R.Abbit
(shrug) - he had it coming. 2003-08-19
Anonymous (2 replies)
Analogies 2003-08-19
SCamerone (1 replies)
Analogies 2003-08-19
Anonymous-Jerk (2 replies)
Analogies 2003-08-20
Drg (1 replies)
Analogies 2003-08-26
Anonymous
Analogies 2003-08-27
SCamerone
"Free Speech"? Puh-leeze. 2003-08-21
Penguinisto (1 replies)
"Free Speech"? Puh-leeze. 2003-08-21
Anonymous
(shrug) - he had it coming. 2003-08-20
Anonymous (1 replies)
(shrug) - he had it coming. 2003-08-21
Penguinisto
(shrug) - he had it coming. 2003-08-26
Anonymous
Re: (shrug) - he had it coming. 2008-02-12
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (5 replies)
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (2 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower - Wakeup 2003-08-19
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower - Wakeup 2003-08-29
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
APS
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (2 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Brian
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (2 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-20
Drg (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-22
Anonymous
The good, the bad and the ugly. 2003-08-18
Mabrick (2 replies)
The good, the bad and the ugly. 2003-08-18
Elc0chin0 (1 replies)
The good, the bad and the ugly. 2003-08-22
Anonymous
The good, the bad and the ugly. 2003-08-19
Anonymous (1 replies)
The good, the bad and the ugly. 2003-08-25
Tomdaq
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
TomV
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (8 replies)
The Sad Tale of a Security Whistleblower 2003-08-18
Chris Humphries (3 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
The Big Mac
The Sad Tale of a Security Whistleblower 2003-08-19
Judith (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-20
Elc0chin0
The Sad Tale of a Security Whistleblower 2003-08-21
Morosoph
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Steve.
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of Unthinking Knee-Jerking 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-21
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Bob Radvanovsky (3 replies)
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-20
Leif Ericksen
The Sad Tale of a Security Whistleblower 2003-08-19
Elc0chin0 (2 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
Bob Radvanovsky
The Sad Tale of a Security Whistleblower 2003-08-20
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-20
Leif Ericksen
The Sad Tale of a Security Whistleblower 2003-08-18
John Poindexter (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
Elc0chin0
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-18
Anonymous (1 replies)
The Sad Tale of a Security Whistleblower 2003-08-19
jofny
The Sad Tale of a Security Whistleblower 2003-08-18
Old Grue
He did the right thing. 2003-08-18
Anonymous
It might have been better to talk to the press. 2003-08-18
Anonymous (2 replies)
It might have been better to talk to the press. 2003-08-19
Anonymous
It might have been better to talk to the press. 2003-08-19
Bob Radvanovsky (1 replies)
It might have been better to talk to the press. 2003-08-19
Elc0chin0
The Sad Tale of a Security Whistleblower 2003-08-19
Ashamed US Citizen
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
Bill Gates deserves jail 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
aXe-2-gRiND
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
I was there when this happened 2003-08-19
Anonymous (3 replies)
it seems you were also at slashdot 2003-08-20
Anonymous
I was there when this happened 2003-08-20
Drg
I was there when this happened 2003-08-27
SCamerone
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Jerry Westrick
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
Idiot 2003-08-19
Anonymous (1 replies)
Idiot 2003-08-19
Elc0chin0
How To Properly Send Security Flaw Alerts 2003-08-19
Anonymous
Read it yourself. 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower or How to cover your corporate @$$ when sweeping a problem under the rug 2003-08-19
Ashaman (1 replies)
The Sad Tale of a Security Whistleblower or How to cover your corporate @$$ when sweeping a problem under the rug 2003-08-19
Elc0chin0 (1 replies)
The Sad Tale of a Security Whistleblower or How to cover your corporate @$$ when sweeping a problem under the rug 2003-08-19
Ashaman (1 replies)
The Sad Tale of a Security Whistleblower or How to cover your corporate @$$ when sweeping a problem under the rug 2003-08-20
Elc0chin0
Just where he has got the email addresses from? 2003-08-19
Anonymous (1 replies)
Just where he has got the email addresses from? 2003-08-19
Anonymous (3 replies)
Just where he has got the email addresses from? 2003-08-20
Anonymous
Just where he has got the email addresses from? 2003-08-20
Anonymous
Just where he has got the email addresses from? 2003-08-20
Anonymous
As the saying goes... 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
blacklight
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous
Rebel Without a Cause 2003-08-19
The Resonating Oscillator (3 replies)
Rebel Without a Cause 2003-08-20
Anonymous
Rebel Without a Cause 2003-08-20
Anonymous
Rebel Without a Cause 2003-08-20
Elc0chin0
The Government has gone too far. 2003-08-19
GWB (1 replies)
The Government has gone too far. 2003-08-19
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-19
Anonymous (2 replies)
The Sad Tale of a Security Whistleblower 2003-08-20
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-20
Bob Radvanovsky
Much thanks to a brave individual!! 2003-08-20
Gary
What about Cali's New Law? 2003-08-20
Nick Jacobsen (1 replies)
What about Cali's New Law? 2003-08-21
Mark D. Rasch (1 replies)
What about Cali's New Law? 2003-08-22
Elc0chin0
Discrepancies 2003-08-20
Kat (1 replies)
Discrepancies 2003-08-21
Elc0chin0
Why does Mark Rasch lie about his past jobs? 2003-08-20
One who knows (2 replies)
Why does Mark Rasch lie about his past jobs? 2003-08-24
Anonymous
Why does Mark Rasch lie about his past jobs? 2003-08-25
At The Bow's End
The Sad Tale of a Security Whistleblower 2003-08-20
Drg
Oh, BTW, your zipper is open 2003-08-22
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-22
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-22
Anonymous (1 replies)
Factual References 2003-08-26
Mark D. Rasch (1 replies)
Factual References 2003-08-26
Bob Radvanovsky
The Sad Tale of a Security Whistleblower 2003-08-22
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-23
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-25
Anonymous
The Sad Tale of a Security Whistleblower 2003-08-26
Robert H
The Sad Tale of a Security Whistleblower 2003-08-28
Anonymous
Fine 2003-08-28
agent1
Blame Hollywood! 2003-08-28
Anonymous







 

Privacy Statement
Copyright 2008, SecurityFocus