---Reply on mail from Adam Rothschild about Exodus Customer Security
FYI-
"There was something with one of our customers, however it was a customer machine, and as such, we aren't at liberty to discuss the issue unless they specifically allow us to." - quoth Exodus
So, in other words, they can't discuss abuse issues with the victim, unless the *offender* (client) gives them permission to? I'll sleep much better tonight knowing this.
I dont have much of a problem with this policy, if law enforcement calls, they will proly give out the info, if joe blow calls and claims to be a victim, they have a hard time to prove that joe blow is really a victim, so they either have to spend payroll $$ on people proving that joe really is a victim, OR give out info to joe when he may not be a victim (thus increasing exposure to their customer).. It wouldnt be that difficult to fake some logs to get info on a certain customer for whatever reason.. If they have this policy, it protect exodus from libaility, espically if one of their clients got broken into and an attack was launched from there (how many companies would see a fall in their stock or a loss of consumer confidence if the fact they got broken into was made public??) It seems to be known that in this instance people were breaking into boxes and using those boxes as launching pads, what is to say that the exodus box wasnt also a launching pad? to say that the offender was the client, may be a bit harsh.. I think I am done ranting for now :) -- Bret McDanel http://www.rehost.com Realistic Technologies, Inc. 973-514-1144 These opinions are mine, and may not be the same as my employer