[plug] ISPs storing plain-text passwords...

skribe skribe at amber.com.au
Tue Aug 7 13:58:20 WST 2001


On Tue,  7 Aug 2001 13:46, Benjamin Keith wrote:

> It is not only in the user's interest to keep the account passwords secure,
> it is also the ISP's.  A number of messages mentioned the financial impact
> of someone using your credit cards details to buy stuff or even your
> internet account for downloading lots of traffic.  What about for launching
> (D)DOS attacks?  or downloading child porn?  (that's a black mark that
> nobody wants against their name) or warez?  etc   I'm sure every ISP would
> be embarrassed to have any of the above happening through their servers.

<Disclaimer> 
IANAL.
</Discliamer>

The may be possible legal problems for the ISP if something illegal is done 
through the account (d/ling child porn, DoS, etc as already mentioned).  Even 
if the user is the one responsible and is caught they may be able to claim 
that it wasn't them by saying that others had access to the account.  It may 
be enough to raise a reasonable doubt.

Just a thought,

skribe
-- 
Public key information available at:
http://www.amber.com.au/~skribe/publickey.html
Key fingerprint = A855 9CA3 953B 5195 C518  12F2 0E05 DCCD 5A88 E8A4 

Always leave room to add an explanation if it doesn't work out.



More information about the plug mailing list