Follow up to my post about my ex-ISP’s backdoor

It’s been roughly two months since Accidental backdoor by ISP. Dan Goodin has written this whole thing nicely for everyone to read.
ISP ejects whistle-blowing student
Don’t forget to digg it :p

  • KaiRoer

    Hi Sid,
    Congrats on The Register.
    I fully agree with full disclosure, but also following the governing rules of the security industry. However, that is a different discussion :)
    As to the case – the reactions of the ISP is only too common. They get pissed off, and starts shooting the messenger because they know not what to do. I have given them, and others, some tips on how to react to similar events in the future on my blog.
    Keep up the good work – now that you have learned that full disclosure is a truth with limits ;)

  • xyberpix
  • Dan Harris

    Sid as I posted on the original blog – If you need any support in terms of proof – I have a copy of an email sent on the 16th March 2006 to Brett Coles @ Be pointing this backdoor out to them.

    The statement Dana Pressman made last night on their official forum looks distinctly libellous to me.

  • Sid

    Dan Harris. if it comes to that I’ll be sure to contact you. You beat me by 11 months, damn. Oh well.

    Out of curiosity, what was their reply a year ago?

    It may very well be libellous, but personally I don’t care too much.

  • Dan Harris

    Sid – I got two reply’s from Brett … both completely missed the point! I will admit that in my email to him I didn’t explain the consequences that thoroughly, but is that my job as a customer?

    The first reply confirmed that he passed it to Shyam (their head of tech), the second contained this gem :

    “I have asked Shyam to reply to this email direct to me so I can give more info on this topic, however this information is between us at this point and no official response will be sent until Tuesday (as I am traveling back to UK at this point)”

    Needless to say I never heard another thing on the matter. That email was dated 17/3/06


  • Sid

    Thanks for that Dan, it’s nice to know.