[plug] ISPs storing plain-text passwords...
skribe
skribe at amber.com.au
Tue Aug 7 13:58:20 WST 2001
On Tue, 7 Aug 2001 13:46, Benjamin Keith wrote:
> It is not only in the user's interest to keep the account passwords secure,
> it is also the ISP's. A number of messages mentioned the financial impact
> of someone using your credit cards details to buy stuff or even your
> internet account for downloading lots of traffic. What about for launching
> (D)DOS attacks? or downloading child porn? (that's a black mark that
> nobody wants against their name) or warez? etc I'm sure every ISP would
> be embarrassed to have any of the above happening through their servers.
<Disclaimer>
IANAL.
</Discliamer>
The may be possible legal problems for the ISP if something illegal is done
through the account (d/ling child porn, DoS, etc as already mentioned). Even
if the user is the one responsible and is caught they may be able to claim
that it wasn't them by saying that others had access to the account. It may
be enough to raise a reasonable doubt.
Just a thought,
skribe
--
Public key information available at:
http://www.amber.com.au/~skribe/publickey.html
Key fingerprint = A855 9CA3 953B 5195 C518 12F2 0E05 DCCD 5A88 E8A4
Always leave room to add an explanation if it doesn't work out.
More information about the plug
mailing list