Selling cookie info to third-parties is a classic example of you can make money without doing evil.
RSS

Tour de Telegraaf

2007/09/15 filed under /personal
Telegraaf Building

Recently I discovered a XSS hole and got invited for a tour of the building ("de Telegraaf" is one of the major newspapers in the Netherlands; founded in 1893). Unfortunately the presses weren't pressing any papers when I was there, so I have to come back for that tour some day.

I did however get to see the data center of de Telegraaf. Not sure of what to expect, I went over there and was warmly welcomed. I got my official "thank you" for pointing out the hole (which got patched rather fast!). After a brief chat, I was allowed in the many halls packed with servers, backup tape robots and all the goodie blinking leds. I was surprised by the volume of servers and network connections (mostly fiber, of course).

All in all I had a great time walking through the data center, chatting with the technicians and have to conclude that the IT department of the Telegraaf took my discovery very well. The tour and friendliness have made me rethink my opinion of the newspaper. I still don't think it's a good newspaper, yet at least it's a nice bunch of folks! ;-)

TT , , ,
Posted by: B10m | permanent link | comments (4)

Comments

Brian wrote at 2007-09-16 05:44:

Wow, you can actually point out flaws in a companies website in your country and NOT go to jail? Hell, I'm afraid to even point out to a company that their wifi is wide open for fear of getting charges pressed against me.

Still, it's nice to see that they took it well and actually fixed the problem. There are at least a few decent folks out there on the intarweb it seems.

B10m wrote at 2007-09-16 12:38:

Well, as long as you simply point out the flaw without exploiting it (too much) and don't break stuff, companies usually are happy with it. De Telegraaf just went the extra mile by offering me the sightseeing tour.

BOK wrote at 2007-09-26 12:00:

What? No pics of their "blinken lights"??! Not even in one of your hidden directories...

B10m wrote at 2007-09-26 12:04:

Hehehe I decided not to take pics of their blinking lights. Find a hole, show it to them and you'll get invited too ;-)

Comments are closed for this story.
Trackbacks are closed for this story.
return-member