Reply from Clem.Colmanat_private > text = Mr. Colman's text = mea_culpa -- > I know this is a moderated list, but I think that, based on what I have > seen, the conclusion you reach in your reply needs to be questioned. While moderated, I think I have shown that I post any intelligent discussion on any matter. Moderation != censorship As for my last comment about her lying to the feds, that is *easily* backed up. This is not the first. I host an entire web page dedicated to the crap this lady has pulled, which includes libel/slander against me, and lying to FBI agents in attempt to indict me on hacking servers I have never touched. I was asked by FBI agent Randy Zhuelke in San Antonio to take a polygraph about hacking a machine *solely* based on the fact that Carolyn Meinel told the agent I did it. They had no logs, no hints, and absolutely NOTHING else to base that on, and Randy told me as much once he learned more about Ms. Meinel. > >1.8 million eh? <snipped reasons why 1.8 million does not seem to be a > >reasonable figure> > > It seems that your argument is based on the fact that the attacks have > caused Rt66 Internet 1.8 million dollars worth of damage. That is her claim, not mine. I heard that figure from people associated with the Happy Hacker mail list before she posted it to any list. > I believe the statement could imply that the 1.8 million dollars > includes damage done to those served by Rt66 Internet. They may well be > suing Rt66 for lose of business, punitive damages as a result of system So an ISP foolishly leaves credit cards on an unsecure networked system, and they want to blame anyone other than themselves? How can you blame hackers for their poor decision? Consider that *these* hackers made the Credit Card compromise public info. RT66 and Carolyn Meinel have both admitted that they suffered root compromises *multiple* times before this last incident. That means at least two (i have heard the figure closer to eight) other attackers could have gotten the information. Did RT66 notify customers then, or hold their breath that massive credit card fraud wouldn't occur? They are negligent to say the least.. criminally negligent by some definitions. At least the customers know for sure the information was compromised this time. And finally.. if they are being sued, isn't that public information? If so, they should make it known to validate their 1.8 million dollar claim. Further.. to sue RT66 for damages, damages would have to be done, ie: credit card fraud. Has it been done? How much was done? Why are they holding RT66 liable when the credit card company has protection and insurance in place to stop it? I think there are a lot of questions that need to be answered to validate a claim of 1.8 million, and until those questions are answered, I disagree with their assessment. > downtime etc. Also Rt66 has to factor in it's loss of goodwill..., > basically the loss of confidence by customers, which means they may > change ISP when their subscription term comes up. The credit card information was apparently sitting on the server before this attack. The only thing new to add to the picture is that it is now KNOWN that the information was compromised. Before this incident, the information could have been compromised and the customers would never know. Should that "goodwill" exist only because the customers were lied to? Roughly one month ago, Carolyn Meinel's credit card was placed on the web page to RT66 along with her full information. At that point, serious question should have been raised as to the action taken by RT66 in securing their systems, making customers aware, etc. A friend who has an account there told me nothing was done outwardly, that they tried to cover it up. > I'll happily concede I have no background on this matter, which might I'll unhappily concede I have over three years background in fighting with this lady. > provide some insight into the reasoning in the arguments presented. > Perhaps you could give me a pointer to what this is all about. Once my web server is up (hard drive crash), http://www.sekurity.org/~shame for the Carolyn Meinel Hall of Shame page. In case it isn't obvious, I have problems with a LOT of things she does. :) > Regards, > Clem Colman mea_culpa -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:01:37 PDT