Sep 07 2007
By now I guess that no one has missed out on the embassy password hack that was pulled off by Swedish individual. I’m saying individual since I don’t believe in the way how the entire affair was handled or should I say miss handled? Based on what the Swedish IT tabloid press has written about this case there where several attempt to contact a few embassies but they didn’t have any interest of taking up a dialogue…. D’Oh! Come one! Why wasn’t there a more formal attempt to contact the embassies via the Swedish Ministry for Foreign Affairs? Why where there no attempt to document and publish the vulnerability via any of the major vulnerability lists available? Also when reading other comments about this story, the majority, at least in Sweden is quite negative on how the information gained was handled. They should! Next time it could be information from any of the major Swedish (or any other countries for that matter) companies that get leaked out this way to proof ones points about a security flaw.
Deranged security? Yes, it sure is! But, who has the most deranged mind when it comes to ethics and moral on how to handle with sensitive information?