Mailing List Archive: Full Disclosure: Full-Disclosure

Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer.

Full Disclosure full-disclosure RSS feed

Index | Next | Previous | View Threaded

sahalderf at ymail

Nov 19, 2009, 12:38 PM

Post #1 of 9 (869 views)
Permalink

Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer.

I smell a lawsuit coming on for our friend Greenbaum.

"ReadWriteWeb has an article up today discussing an incident in which a school employee lost his job after leaving a comment on the website of the St. Louis Post-Dispatch newspaper. After the school employee responded to the newspaper's poll of 'the strangest thing you've ever eaten' with a feline-inspired vulgarity, Kurt Greenbaum, the site's director of social media, tracked down the commenter's identity through his IP address and reported him to school officials. When confronted, the school employee resigned from his job."

http://yro.slashdot.org/story/09/11/19/0526239/Vulgar-Comment-On-Newspaper-Site-Costs-Man-His-Job

The comment in question:

"I have eaten many different animals (or at least parts of them), including rattlesnake, crocodile, alligator, iguana, turtle, and many different molluscs, arthropods, echinoids, and whatnot from sea or river. I have also eaten squirrel, bear, dog, and cat. So, I can say I have eaten pussy, and you can interpret or misinterpret it any way you want. Oh, and woof-woof, too."

Chilling free speech? It must invade the privacy of the poster to call his place of work over a comment like this.

What Greenbaum did was against the privacy policy of the site:

"We will not share individual user information with third parties unless the user has specifically approved the release of that information"

So should people who run newspaper blogs call up the place of work to report they said an innuendo about cats?

http://igreenbaum.com

I'll be the first to say it. Kurt Greenbaum is a miraculous hypocrite who's career has basically been ruined.

He may as well be like Chris Hansen and expose pedophiles. http://www.youtube.com/watch?v=8CgUXWIOLLw

__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen Massenmails.
http://mail.yahoo.com

michael.holstein at csuohio

Nov 19, 2009, 2:02 PM

Post #2 of 9 (835 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

>
> What Greenbaum did was against the privacy policy of the site:
>

You seem to be missing the part where the comment was removed (several
times) and re-posted.

From : http://www.stltoday.com/help/privacy-policy

"..to protect against misuse or unauthorized use of our web sites"

Cheers,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

mrx at propergander

Nov 19, 2009, 2:23 PM

Post #3 of 9 (828 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Holstein wrote:
>> What Greenbaum did was against the privacy policy of the site:
>>
>
> You seem to be missing the part where the comment was removed (several
> times) and re-posted.
>
> From : http://www.stltoday.com/help/privacy-policy
>
> "..to protect against misuse or unauthorized use of our web sites"
>
>
> Cheers,
>
> Michael Holstein
> Cleveland State University

So what? Ban the IP address. Admittedly a childish comment but the site is hardly one that is frequented by children.
imho Mr K. Greenbaum should be fired and sued.

And Mr Holstein you seem to be using your quote above out of context...

Compliance with Legal Process
We may disclose personal information if we or one of our affiliated companies is required by law to disclose personal information, or if we
believe in good faith that such action is necessary to comply with a law or some legal process, to protect or defend our rights and property, to
protect against misuse or unauthorized use of our web sites or to protect the personal safety or property of our users or the public.

INAL, however I ask where is the legal process in this matter?

regards
mrx

- --
I am not an expert, I have much to learn, I make mistakes.
My words are just opinions which may or may not reflect the truth.
Be kind to others, yet trust no one.

http://www.propergander.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSwXFRrIvn8UFHWSmAQIwtwf/VNGjwG1wW7wd2BlUYf1XiQyG+DnjUGwQ
GLrHcda/hGBw912diOjSGfVEe3jZSgfrK3SAH2lIrRfMK/I+n6IJxzKOks41Ojmo
14DsWiuc/58aAF1Y0heK94Wm1jfzIqMx9GjR7iKLKKAW94YULyCh90xRgwIToNeO
WsxT0wP+f5XvZubCpXPVRGQV42XW1kg84t5dzPZXkjiii5dL6hSF7XBOLOrBejry
EMw+Eh3RUy1Jm4pjlzOwOUhm0BlHdYwzf+GPNs7X+wCE975gZ6K5P8T+UdvJP7nT
qL/jC7S8qNyVi2SBlURKLRaJm50GYv/dY9QDFLwWklcflymw67fMkw==
=tE1f
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

yirimyah at gmail

Nov 19, 2009, 3:56 PM

Post #4 of 9 (833 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

They're ORs, unfortunately. The language is unclear but it seems to be one
of those infernal boilerplate pieces of shit that basically invalidate the
assurances as to privacy.

You could still probably press the suit. "Unauthorised use" has recently
been defined and redefined, it's an evolving piece of law and if you have
the resources to get a jury trial they'll *want* to find in favor of the
plaintiff, which is more important than you might expect.

2009/11/20 mrx <mrx [at] propergander>

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Michael Holstein wrote:
> >> What Greenbaum did was against the privacy policy of the site:
> >>
> >
> > You seem to be missing the part where the comment was removed (several
> > times) and re-posted.
> >
> > From : http://www.stltoday.com/help/privacy-policy
> >
> > "..to protect against misuse or unauthorized use of our web sites"
> >
> >
> > Cheers,
> >
> > Michael Holstein
> > Cleveland State University
>
>
> So what? Ban the IP address. Admittedly a childish comment but the site is
> hardly one that is frequented by children.
> imho Mr K. Greenbaum should be fired and sued.
>
> And Mr Holstein you seem to be using your quote above out of context...
>
> Compliance with Legal Process
> We may disclose personal information if we or one of our affiliated
> companies is required by law to disclose personal information, or if we
> believe in good faith that such action is necessary to comply with a law or
> some legal process, to protect or defend our rights and property, to
> protect against misuse or unauthorized use of our web sites or to protect
> the personal safety or property of our users or the public.
>
> INAL, however I ask where is the legal process in this matter?
>
>
> regards
> mrx
>
> - --
> I am not an expert, I have much to learn, I make mistakes.
> My words are just opinions which may or may not reflect the truth.
> Be kind to others, yet trust no one.
>
> http://www.propergander.org.uk
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEVAwUBSwXFRrIvn8UFHWSmAQIwtwf/VNGjwG1wW7wd2BlUYf1XiQyG+DnjUGwQ
> GLrHcda/hGBw912diOjSGfVEe3jZSgfrK3SAH2lIrRfMK/I+n6IJxzKOks41Ojmo
> 14DsWiuc/58aAF1Y0heK94Wm1jfzIqMx9GjR7iKLKKAW94YULyCh90xRgwIToNeO
> WsxT0wP+f5XvZubCpXPVRGQV42XW1kg84t5dzPZXkjiii5dL6hSF7XBOLOrBejry
> EMw+Eh3RUy1Jm4pjlzOwOUhm0BlHdYwzf+GPNs7X+wCE975gZ6K5P8T+UdvJP7nT
> qL/jC7S8qNyVi2SBlURKLRaJm50GYv/dY9QDFLwWklcflymw67fMkw==
> =tE1f
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

mrx at propergander

Nov 19, 2009, 4:16 PM

Post #5 of 9 (830 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No problem regarding the personal post, I have made the same mistake myself.

I also see what you mean regarding the language of the privacy statement.
"unauthorised use" could be interpreted as any use that has not been given explicit approval before the fact.

Weasel words imho.

And Mr Holstein if this was the point you were trying to make, I accept it.

regards
mrx

dramacrat wrote:
> Sorry, forgot to reply-to-all.

> 2009/11/20 dramacrat <yirimyah [at] gmail>
>
>> They're ORs, unfortunately. The language is unclear but it seems to be one
>> of those infernal boilerplate pieces of shit that basically invalidate the
>> assurances as to privacy.
>>
>> You could still probably press the suit. "Unauthorised use" has recently
>> been defined and redefined, it's an evolving piece of law and if you have
>> the resources to get a jury trial they'll *want* to find in favor of the
>> plaintiff, which is more important than you might expect.
>>
>> 2009/11/20 mrx <mrx [at] propergander>
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Michael Holstein wrote:
>>>>> What Greenbaum did was against the privacy policy of the site:
>>>>>
>>>> You seem to be missing the part where the comment was removed (several
>>>> times) and re-posted.
>>>>
>>>> From : http://www.stltoday.com/help/privacy-policy
>>>>
>>>> "..to protect against misuse or unauthorized use of our web sites"
>>>>
>>>>
>>>> Cheers,
>>>>
>>>> Michael Holstein
>>>> Cleveland State University
>>>
>>> So what? Ban the IP address. Admittedly a childish comment but the site is
>>> hardly one that is frequented by children.
>>> imho Mr K. Greenbaum should be fired and sued.
>>>
>>> And Mr Holstein you seem to be using your quote above out of context...
>>>
>>> Compliance with Legal Process
>>> We may disclose personal information if we or one of our affiliated
>>> companies is required by law to disclose personal information, or if we
>>> believe in good faith that such action is necessary to comply with a law
>>> or some legal process, to protect or defend our rights and property, to
>>> protect against misuse or unauthorized use of our web sites or to protect
>>> the personal safety or property of our users or the public.
>>>
>>> INAL, however I ask where is the legal process in this matter?
>>>
>>>
>>> regards
>>> mrx
>>>
>>> - --
>>> I am not an expert, I have much to learn, I make mistakes.
>>> My words are just opinions which may or may not reflect the truth.
>>> Be kind to others, yet trust no one.
>>>
>>> http://www.propergander.org.uk
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.2 (MingW32)
>>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>>
>>> iQEVAwUBSwXFRrIvn8UFHWSmAQIwtwf/VNGjwG1wW7wd2BlUYf1XiQyG+DnjUGwQ
>>> GLrHcda/hGBw912diOjSGfVEe3jZSgfrK3SAH2lIrRfMK/I+n6IJxzKOks41Ojmo
>>> 14DsWiuc/58aAF1Y0heK94Wm1jfzIqMx9GjR7iKLKKAW94YULyCh90xRgwIToNeO
>>> WsxT0wP+f5XvZubCpXPVRGQV42XW1kg84t5dzPZXkjiii5dL6hSF7XBOLOrBejry
>>> EMw+Eh3RUy1Jm4pjlzOwOUhm0BlHdYwzf+GPNs7X+wCE975gZ6K5P8T+UdvJP7nT
>>> qL/jC7S8qNyVi2SBlURKLRaJm50GYv/dY9QDFLwWklcflymw67fMkw==
>>> =tE1f
>>> -----END PGP SIGNATURE-----
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>

- --
I am not an expert, I have much to learn, I make mistakes.
My words are just opinions which may or may not reflect the truth.
Be kind to others, yet trust no one.

http://www.propergander.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSwXfxbIvn8UFHWSmAQL9SQgAvu4cN5dby3AUGPtYyX0NnHvVUEdEeJ6Y
yvbKgi5/VOT9uqAnoRWRABLwJh3dcrCpzKA9gjSWpyalqU/YzEQvfB/iFI1QQmZg
9u6N/mZgGkAW1WYeM54AnawrYW8a+2sF1c1QWBhX0gYRGNctOs/Gi7ObvndDb57Q
k4CAp537TqXLzbUwzPkoqNBoaDhBCa4CEkONvFYJtVbUTwmry8gH55tWXI48Fz6/
vWaw9XY5SDUmxz1QYnfji0YKg3OR2YPfdxKxRATdFba4iZa8S3AiOgxZ/OXDNewh
aeILmusBEeCjG+2Wx//EB6lTf5xr9sr7CMHziG+PZ/EsW/GctyNw1A==
=WZoJ
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

netinfinity.securitylab at gmail

Nov 19, 2009, 4:42 PM

Post #6 of 9 (826 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

Mr. Kurt Greenbaum made a mistake. Privacy violated, because there
are other mechanism's like baninig the IP, email or whatever is
necessary to submit the post. If this fails then you should conntact
the ISP of the "spammer" based on the IP.

--
netinfinity

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

sahalderf at ymail

Nov 19, 2009, 6:25 PM

Post #7 of 9 (810 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

Feel free to share your feelings with Greenbaum's boss:

Kevin Mowbray
Phone: 314-340-8970
E-mail: kmowbray [at] post-dispatch

--- mrx <mrx [at] propergander> schrieb am Fr, 20.11.2009:

Von: mrx <mrx [at] propergander>
Betreff: Re: [Full-disclosure] Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer.
An: full-disclosure [at] lists
Datum: Freitag, 20. November 2009, 0:16

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No problem regarding the personal post, I have made the same mistake myself.

I also see what you mean regarding the language of the privacy statement.
"unauthorised use" could be interpreted as any use that has not been given explicit approval before the fact.

Weasel words imho.

And Mr Holstein if this was the point you were trying to make, I accept it.

regards
mrx

dramacrat wrote:
> Sorry, forgot to reply-to-all.

> 2009/11/20 dramacrat <yirimyah [at] gmail>
>
>> They're ORs, unfortunately. The language is unclear but it seems to be one
>> of those infernal boilerplate pieces of shit that basically invalidate the
>> assurances as to privacy.
>>
>> You could still probably press the suit. "Unauthorised use" has recently
>> been defined and redefined, it's an evolving piece of law and if you have
>> the resources to get a jury trial they'll *want* to find in favor of the
>> plaintiff, which is more important than you might expect.
>>
>> 2009/11/20 mrx <mrx [at] propergander>
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Michael Holstein wrote:
>>>>> What Greenbaum did was against the privacy policy of the site:
>>>>>
>>>> You seem to be missing the part where the comment was removed (several
>>>> times) and re-posted.
>>>>
>>>> From : http://www.stltoday.com/help/privacy-policy
>>>>
>>>> "..to protect against misuse or unauthorized use of our web sites"
>>>>
>>>>
>>>> Cheers,
>>>>
>>>> Michael Holstein
>>>> Cleveland State University
>>>
>>> So what? Ban the IP address. Admittedly a childish comment but the site is
>>> hardly one that is frequented by children.
>>> imho Mr K. Greenbaum should be fired and sued.
>>>
>>> And Mr Holstein you seem to be using your quote above out of context...
>>>
>>> Compliance with Legal Process
>>> We may disclose personal information if we or one of our affiliated
>>> companies is required by law to disclose personal information, or if we
>>> believe in good faith that such action is necessary to comply with a law
>>> or some legal process, to protect or defend our rights and property, to
>>> protect against misuse or unauthorized use of our web sites or to protect
>>> the personal safety or property of our users or the public.
>>>
>>> INAL, however I ask where is the legal process in this matter?
>>>
>>>
>>> regards
>>> mrx
>>>
>>> - --
>>> I am not an expert, I have much to learn, I make mistakes.
>>> My words are just opinions which may or may not reflect the truth.
>>> Be kind to others, yet trust no one.
>>>
>>> http://www.propergander.org.uk
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.2 (MingW32)
>>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>>
>>> iQEVAwUBSwXFRrIvn8UFHWSmAQIwtwf/VNGjwG1wW7wd2BlUYf1XiQyG+DnjUGwQ
>>> GLrHcda/hGBw912diOjSGfVEe3jZSgfrK3SAH2lIrRfMK/I+n6IJxzKOks41Ojmo
>>> 14DsWiuc/58aAF1Y0heK94Wm1jfzIqMx9GjR7iKLKKAW94YULyCh90xRgwIToNeO
>>> WsxT0wP+f5XvZubCpXPVRGQV42XW1kg84t5dzPZXkjiii5dL6hSF7XBOLOrBejry
>>> EMw+Eh3RUy1Jm4pjlzOwOUhm0BlHdYwzf+GPNs7X+wCE975gZ6K5P8T+UdvJP7nT
>>> qL/jC7S8qNyVi2SBlURKLRaJm50GYv/dY9QDFLwWklcflymw67fMkw==
>>> =tE1f
>>> -----END PGP SIGNATURE-----
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>

- --
I am not an expert, I have much to learn, I make mistakes.
My words are just opinions which may or may not reflect the truth.
Be kind to others, yet trust no one.

http://www.propergander.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSwXfxbIvn8UFHWSmAQL9SQgAvu4cN5dby3AUGPtYyX0NnHvVUEdEeJ6Y
yvbKgi5/VOT9uqAnoRWRABLwJh3dcrCpzKA9gjSWpyalqU/YzEQvfB/iFI1QQmZg
9u6N/mZgGkAW1WYeM54AnawrYW8a+2sF1c1QWBhX0gYRGNctOs/Gi7ObvndDb57Q
k4CAp537TqXLzbUwzPkoqNBoaDhBCa4CEkONvFYJtVbUTwmry8gH55tWXI48Fz6/
vWaw9XY5SDUmxz1QYnfji0YKg3OR2YPfdxKxRATdFba4iZa8S3AiOgxZ/OXDNewh
aeILmusBEeCjG+2Wx//EB6lTf5xr9sr7CMHziG+PZ/EsW/GctyNw1A==
=WZoJ
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen Massenmails.
http://mail.yahoo.com

Valdis.Kletnieks at vt

Nov 20, 2009, 6:11 AM

Post #8 of 9 (798 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

On Fri, 20 Nov 2009 01:42:08 +0100, netinfinity said:

> necessary to submit the post. If this fails then you should conntact
> the ISP of the "spammer" based on the IP.

Unfortunately, that's exactly what *did* happen. Although for *home*
users, the 'ISP' is the person to complain to, for organizations that run
their own networks (like many businesses and schools, etc) the proper place
to complain is the network management of that organization. He contacted
the admins of the school's network, and said "One of your users is being
a bozo". The admin found the user and it resulted in the user resigning.

(Remember - in this case, contacting the school's network provider would
*not* have found the user, because the network provider just provides
a connection and bandwidth. Any login records/etc are at the *school*,
not the provider).

michael.holstein at csuohio

Nov 20, 2009, 1:38 PM

Post #9 of 9 (789 views)
Permalink

Re: Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer. [In reply to]

> (Remember - in this case, contacting the school's network provider would
> *not* have found the user, because the network provider just provides
> a connection and bandwidth. Any login records/etc are at the *school*,
> not the provider).
>

Vladis .. not sure about that school since it was K12, but in both your
case and mine .. we *are* the ISP (insofar as we have our own ASN and
valid info on whois).

If K12 is done there like I've seen in a lot of other places, they
probably have a consortium that provides connectivity and each
institution has a CIDR block within the consortium's AS .. and I'm sure
the school had some web-nazi appliance that made it a few-clicks of a
mouse to figure out "whodunit".

Also .. as to the legal matters .. the instructor in question would have
been in a much better position if he'd been fired rather than resigning.
Granted, he probably quit because he knew he *would* be fired .. but
it's hard to argue "unlawful termination" when you quit on your own
(IANAL, etc.).

Cheers,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads