So if I disclose all your bank password, would that make me immune ? I agree in part, but it is a problem. If as a delivery dude, I find your key under the front door mat, can I make a 1000 copies and drop them off all over the city with your address to teach you to be safer ? I am genuinely asking, I don't have the answer. If I simply return your key, and you keep putting it under the mat, then what do I do.
That's not what he meant; If you disclose the vulnerability that exposes his passwords, you're immune. If you exploit the vulnerability and disclose the passwords than you're not immune from the action of disclosing data improperly. You don't have to disclose the passwords to prove the vulnerability. In your little example, the vulnerability would be the key under the front door mat. The exploit would be using that key and/or making copies of the key. Proper disclosure would dictate that you notify him that his key is under the front door mat and give him time to respond and remedy the situation after a period of time (say 30 days) if he ignores the vulnerability or the vulnerability is remedied, than disclose the vulnerability. Improper disclosure would be letting the public at large know the day you found the key; you don't need to make copies of the key to prove or disclose the vulnerability.. it adds nothing and just makes you a dick. In the reality of this case; the guy didn't disclose any customer data to the public at large (at least from what I gather), and he stated that he will delete any data resulting from the breach and would even allow the company to verify as such. Following the whole "Disclosure Guarantees Immunity" philosophy this guy should be in the clear. Data access is going to occur at times in vulnerability research, what you do with that data is what should determine whether you get immunity or not.
The Space Station is in a Low Earth Orbit (LEO) and will fall to the Earth without its regular altitude boosts
The ISS is in LEO because NASA was INCAPABLE of building a space shuttle that could achieve higher orbit! Because it had to have WINGS so it could land with secret military payloads at designated airfields in the continental USA.
So the AMERICANS crippled the INTERNATIONAL Space Station. It should have been in higher orbit to start with then it would last longer, but NO the Americans had to have it their way. Hopefuly the Chinese won't make the same dumb mistakes.
Nobody said the other partners had to take NASA's money... they were free to build a space station on their own. Don't bitch when the biggest financial and technical partner mandates its way; especially when the next closest partner barely surpassed 1/10th of the AMERICAN cost on the project.
Interesting that this is not a NASA announcement...
Despite the fact that most American news media refer to it as 'The NASA Space Station" It is, in fact, not exclusively a NASA space station. Its correct title is "ISS" which stands for "International Space Station".
NASA is just one partner of many on this project.
What american news media refer to it as 'The NASA Space Station'? I'm curiously interested, as I have never seen it referred as such.
THIS IS A DEPARTMENT OF DEFENSE COMPUTER SYSTEM. This computer system, including all related equipment, networks and network devices (specifically including Internet access), are provided only for authorized U.S. Government use. DoD computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability and operational security. Monitoring includes active attacks by authorized DoD entities to test or verify the security of the system. During monitoring, information may be examined, recorded, copied and used for authorized purposes. All information, including personal information, placed on or sent over this system may be monitored. Use of this DoD computer system, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal or adverse action. Use of this system constitutes consent to monitoring for these purposes.
I think it's fairly safe to say that people already know their stuff is being monitored...
And this article wasn't talking about the space shuttle. In fact the word "shuttle" doesn't exist in either the summary or the article.
Really? Damn.. i guess I just imagined reading this line:
Ordinarily, this plasma absorbs and reflects radio waves at communications frequencies, leading to a few tense minutes during the re-entry of manned vehicles such as the shuttle.
Truly simple systems... require infinite testing. -- Norman Augustine