RE: [ISN] Re: and 1.8 million

From: mea culpa (jerichoat_private)
Date: Tue Aug 18 1998 - 23:55:40 PDT

  • Next message: mea culpa: "Re: [ISN] Attackers blamed for 1.8 million in damages"

    Reply from Clem.Colmanat_private
    > text = Mr. Colman's
    text = mea_culpa
    > I know this is a moderated list, but I think that, based on what I have
    > seen, the conclusion you reach in your reply needs to be questioned.
    While moderated, I think I have shown that I post any intelligent
    discussion on any matter. Moderation != censorship
    As for my last comment about her lying to the feds, that is *easily*
    backed up. This is not the first. I host an entire web page dedicated to
    the crap this lady has pulled, which includes libel/slander against me,
    and lying to FBI agents in attempt to indict me on hacking servers I have
    never touched.
    I was asked by FBI agent Randy Zhuelke in San Antonio to take a polygraph
    about hacking a machine *solely* based on the fact that Carolyn Meinel
    told the agent I did it. They had no logs, no hints, and absolutely
    NOTHING else to base that on, and Randy told me as much once he learned
    more about Ms. Meinel.
    > >1.8 million eh? <snipped reasons why 1.8 million does not seem to be a
    > >reasonable figure>
    > It seems that your argument is based on the fact that the attacks have
    > caused Rt66 Internet 1.8 million dollars worth of damage.
    That is her claim, not mine. I heard that figure from people associated
    with the Happy Hacker mail list before she posted it to any list.
    > I believe the statement could imply that the 1.8 million dollars
    > includes damage done to those served by Rt66 Internet.  They may well be
    > suing Rt66 for lose of business, punitive damages as a result of system
    So an ISP foolishly leaves credit cards on an unsecure networked system,
    and they want to blame anyone other than themselves? How can you blame
    hackers for their poor decision?
    Consider that *these* hackers made the Credit Card compromise public info.
    RT66 and Carolyn Meinel have both admitted that they suffered root
    compromises *multiple* times before this last incident. That means at
    least two (i have heard the figure closer to eight) other attackers could
    have gotten the information. Did RT66 notify customers then, or hold their
    breath that massive credit card fraud wouldn't occur? They are negligent
    to say the least.. criminally negligent by some definitions.
    At least the customers know for sure the information was compromised this
    time. And finally.. if they are being sued, isn't that public information?
    If so, they should make it known to validate their 1.8 million dollar
    claim. Further.. to sue RT66 for damages, damages would have to be done,
    ie: credit card fraud. Has it been done? How much was done? Why are they
    holding RT66 liable when the credit card company has protection and
    insurance in place to stop it?
    I think there are a lot of questions that need to be answered to validate
    a claim of 1.8 million, and until those questions are answered, I disagree
    with their assessment.
    > downtime etc.  Also Rt66 has to factor in it's loss of goodwill...,
    > basically the loss of confidence by customers, which means they may
    > change ISP when their subscription term comes up.
    The credit card information was apparently sitting on the server before
    this attack. The only thing new to add to the picture is that it is now
    KNOWN that the information was compromised. Before this incident, the
    information could have been compromised and the customers would never
    know. Should that "goodwill" exist only because the customers were lied
    to? Roughly one month ago, Carolyn Meinel's credit card was placed on the
    web page to RT66 along with her full information. At that point, serious
    question should have been raised as to the action taken by RT66 in
    securing their systems, making customers aware, etc. A friend who has an
    account there told me nothing was done outwardly, that they tried to cover
    it up.
    > I'll happily concede I have no background on this matter, which might
    I'll unhappily concede I have over three years background in fighting with
    this lady.
    > provide some insight into the reasoning in the arguments presented.
    > Perhaps you could give me a pointer to what this is all about.
    Once my web server is up (hard drive crash), for the Carolyn Meinel Hall of Shame page.
    In case it isn't obvious, I have problems with a LOT of things she does.
    > Regards,
    > Clem Colman
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International []

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:01:37 PDT