Printable View
Zigar..................that article was interesting. Thanks.
I guess I'm feeling a little better after reading it since I did notify the company in a very timely manner. I didn't hack. Plain and simple. I wasn't out looking to do damage.
As of this morning the site was still unsecured. I called the biggest bigwig of the company this morning. (I have his direct line and he answered his phone.) Hopefully they will just be grateful and leave me alone.
Time will tell!
Maybe the answer to the ethic questions is related to the medical maxim "first, do no harm"
Anyone remember the 911 vs. phrack battle? There is a perfect example for you. Basically pharck posted a listing from phone company dealling with the 911 system. They were taken to court becaue of it being "propiritary information" They ended up winning the case, because you could dl the information from a public location set up by said phone company. I am not going to take the time to find the links, but I am sure google has something on it.
anonymous ftp is public, unless they state otherwise. in order for a company to prosecute anonymous ftp access they must have a warning posted on entry. instead of "welcome too...", it should say something like "for corp use only, all others must leave" unautherized acces forbidden, or some such silly ****.
if their foolish enough to post sensitive materiel in a public place, oh well. if they also allow write access, people ARE going to use it to cache their shady **** on.
If you feel compelled to tell someone of security problems, USE AN ANOMYLIZER. you can get busted. unless of course your looking to make the news and have people notice you.
Souleman..........thanks for that info. It's nice to know that there is an existing case out there. I'll see what I come up with on Google.
The site is now secure. IT Director now trying to cover his behind!
I came upon the site after installing an FTP client and their site was listed in the program.
According to ZDNet.........around 99,000 other people downloaded the program too. 99k from just one site........
Needless to say, they are now looking at their logs.
Hopefully this is the end of the story for me.