Hypothetically speaking

What is right? Is there right? Are you right?

Hypothetically speaking

Post by deldedome on Fri Apr 29, 2011 8:23 am
([msg=56767]see Hypothetically speaking[/msg])

If someone were to be poking around some known phishing sites and just happened to come across a 300-400 item long txt file full of email addresses and passwords. How would someone handle this list? Obviously this person would need to do the ethically right thing but how could they go about doing it? It’s not like if you just received an email telling you to change your password would you actually listen to it? What would you do in a similar situation?
deldedome
New User
New User
 
Posts: 1
Joined: Fri Apr 29, 2011 8:17 am
Blog: View Blog (0)


Re: Hypothetically speaking

Post by Goatboy on Fri Apr 29, 2011 2:08 pm
([msg=56772]see Re: Hypothetically speaking[/msg])

I would just use a fake email to alert the people on the list. Just tell them that you're an independent security tester (or online vigilante, whatever works) and you stumbled across this list. Tell them that you have done no harm, but that others may not be so kind. Include their password at the bottom so they know you're telling the truth, and hit send. After that, it's beyond your control whether or not they do anything.

It'd probably be best to script this out.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2822
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Hypothetically speaking

Post by D0u8l3J on Sun Jul 17, 2011 12:27 pm
([msg=59831]see Re: Hypothetically speaking[/msg])

I'd probably do something similiar and create an email with false information so I couldn't be targeted with any consequences, that or I would log into their email and send them a message to themselves saying it's from future them or something similiar (not exactly ethical, but still funny) and say what happened.
D0u8l3J
New User
New User
 
Posts: 2
Joined: Sun Jul 17, 2011 12:09 pm
Blog: View Blog (0)


Re: Hypothetically speaking

Post by Szayel on Thu Aug 16, 2012 8:42 pm
([msg=68787]see Re: Hypothetically speaking[/msg])

D0u8l3J wrote:I'd probably do something similiar and create an email with false information so I couldn't be targeted with any consequences, that or I would log into their email and send them a message to themselves saying it's from future them or something similiar (not exactly ethical, but still funny) and say what happened.

Haha, that sounds like a great idea.
"If you cannot win the game, if you cannot solve the puzzle, then you are just another loser." (Near from Death Note)
Michael:What are you doing?
Salander:I'm reading your notes.
Michael:They're encrypted.
Salander:Please. Have some coffee.
User avatar
Szayel
New User
New User
 
Posts: 31
Joined: Mon Jun 04, 2012 5:53 pm
Blog: View Blog (0)



Return to Ethics

Who is online

Users browsing this forum: No registered users and 0 guests