Breach Disclosure Blow-by-Blow: Here's Why It's So Hard

Posted on 2022-04-15

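For many years now, I've lamented how much of my time is spent attempting to disclose data breaches to the affected companies. It is by far the single most time-consuming activity in processing breaches for Have I Been Pwned (HIBP) and, frankly, it's the most thankless task I can imagine. Finding contact details is hard. Getting a response is hard. Not having an organisation automatically assume you're trying to get cash out of them is hard. So hard, in fact, that I thought I'd document the process end to end and share it publicly to help demonstrate just how painful it is.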

A long time ago, I filed the (alleged) Avvo breach in the "too hard" basket, and it wasn't until I saw this tweet last week that a distant bell rang in my head:

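@troyhunt Looks like @avvo had their user list breached: I'm getting those "you've been hacked" scam emails at my Avvo-specific address. No password, so I'm guessing they were hashed.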

— pḧÿzömë (@phyzome) April 4, 2022

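With a hunch that this wasn't going to be a simple process, I hit record and began my usual disclosure process. It failed, completely, but at least I now have a full record of everything I did, who I contacted and who I even managed to reach, all still to no avail. Here's the whole thing: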

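The Avvo data breach is now searchable in HIBP. When I sent the notifications, they went to 20,183 individuals monitoring their accounts and a further 9,637 monitoring domains with affected email addresses. I'll update this post with any further relevant information if it comes to light in the future.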

Original: https://www.troyhunt.com/breach-disclosure-blow-by-blow-heres-why-its-so-hard/
