(Junk) email of Doom: How the software your infosec & legal team requires you to run will give up your secret sauce. Alternate How I would have popped RSA and most of the Fortune 500. presented at Baythreat 2011

by Jason Craig,

Tags: Security

Summary : "Vendors sell (and organizations buy) crappy software. Some of these
are security solutions. These can end up compromising your
organizations in ways one doesn't normally anticipate.
Big companies have unique problems that require unique
solutions. They sue and they get sued and the cost of e-discovery can
be quite high on both sides of the suit. Software is purchased and
implemented by companies to save money and time and provide
semi-automated solutions in this space. I'll show how, through a
combination of design and implementation problems, this software can
compromise a company with a single junk email through it's rich array
of poorly written and configured features."