1994-02-08 - Re: A serious question of ethics

Header Data

From: Tom Allard <m1tca00@FRB.GOV>
To: cypherpunks@toad.com
Message Hash: 500c7e384971c05615b6820e29ab76b1bcc7b30ae1aeeb9bb04755862acf160c
Message ID: <9402081742.AA26012@mass6.FRB.GOV>
Reply To: <9402071839.AA15102@pmantis.berkeley.edu>
UTC Datetime: 1994-02-08 17:46:47 UTC
Raw Date: Tue, 8 Feb 94 09:46:47 PST

Raw message

From: Tom Allard <m1tca00@FRB.GOV>
Date: Tue, 8 Feb 94 09:46:47 PST
To: cypherpunks@toad.com
Subject: Re: A serious question of ethics
In-Reply-To: <9402071839.AA15102@pmantis.berkeley.edu>
Message-ID: <9402081742.AA26012@mass6.FRB.GOV>
MIME-Version: 1.0
Content-Type: text/plain



- --------
nobody@pmantis.berkeley.edu wrote:

> Does that mean that I no longer should report the open system (I don't 
> dare telnet there to find out if it is the same one)?

> Also, and I'm purely curious, what actually became of my anonymous 
> report, and do I need to be worried about SS agents in dark sunglasses 
> coming to my home and dragging me away?  (Truely worried and scared)

I work on the Federal Reserve *Board*'s Research Network.  This network
is hidden behind a firewall, and won't even let you finger (much less telnet)
into.

I sent your message to the network administrator, Janice Shack-Marquez
(m1jsm00@frb.gov).  Obtw, Libby Flanagan has fled to the private sector
(lf@nwu.edu) where vendors can now give her coffee cups with filling out
forms.

Janice (quickly) got at least three people looking into the problem.
Bob Drzyzgula (m1rcd00@frb.gov) found a machine that perfectly matched the
problems you described.  Bob contacted them, and they seem to have corrected
the problem.

Don't worry about black hats, though.  If anything gets investigated, it outta be
the district bank.

I *would* like to know the IP address you had connected to to verify that
we're talking about the same machine.  You can use the remailers, and encrypt
to my public key (available on the servers, key ID C744CD).  

All the "cool" secrets (wire transfers and the like) don't get anywhere NEAR
the internet.  The Federal Reserve System has a separate (yes, encrypted)
network for sharing data.  The Federal Reserve Banks are all "private"
companies, and several offer various other services (such as economic
bulletin boards and the like).  The Federal Reserve *Board* has Research
network (where I am) used to prepare statistical releases and act as a data
service for the Chairman & Governors.  The Board does not offer any services
to the internet (we should, but that's a long story).  The point of all this
is that you didn't really find anything very sensitive, although we do
appreciate closing gaping holes like that.

rgds-- TA  (tallard@frb.gov)
[awaiting approval of new disclaimer]
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6  DE 14 25 C8 C0 E2 57 9D

              

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLVekwaAudFplx0TNAQHOdAP/WqSUic8PwvEuCkdOBSPZVlxJFwTlYXr8
0lLhnJDgs8+tUPp0Vd9Atc7nsvQM3mZ56xOIWED21KBcBRpaNlUG4E6bT9QrKKDi
dwfR/sHHysdpHx9yB2xlpunlkeBw2jMDEm5YbusgZNHbVpt7AaixcqKVyRrL2wJM
aNaFwEBJFOM=
=gME3
-----END PGP SIGNATURE-----





Thread