Hacker News new | past | comments | ask | show | jobs | submit login 

     If Chris wasn't going to post the info publically (ie, extort POF), 
     then he had nothing to worry about.
Considering that anybody can post that info anonymously and that the vulnerability used was there all along, if Chris is in fact innocent then he had plenty to worry about.



My understanding from reading the post is that the site owner would only publish Chris' private details if Chris published the private data, not someone else.


And how would the site owner know if it's Chris or not who published the data?


Chris may publish people's private details with his own name attached. It would be stupid but my expectations are low.

If, in a short period:

* Chris' personal account was used to crack the site

* Chris asked for money and was rejected

* Chris potentially threatened to leak the data

* The data was subsequently leaked anonymously

I'd say that there is also a good chance Chris was directly responsible.


Unfortunately on the web it is hard to establish the chronological order of things.

I.e. that data could have already been available to you if you paid the right price since 2 months ago.

Correlation is not causation, and we of all people should realize that.

I'm not defending Chris, it's just that Mark sounded like a jerk in that blog post and gave a more complicated explanation of the events than Chris; which means there's a good chance Mark got really defensive and blamed the person trying to help.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: