
Infosec duo cuffed after physically breaking into courthouse during pentest - IanSanders
https://www.theregister.co.uk/2019/09/13/pentest_arrest_coalfire/
======
ColinWright
From the end of the article:

> _Additionally, we cannot comment on this specific case as it is an active
> legal matter._

Companies and other organisations always say this, and it's true. However,
what I'd like to see is this:

Make a statement, then encrypt it with a public/private keypair. Keep the
private key, and then when the legal matters are resolved, provide the private
key so we can see what you wanted to say.

Even simpler, file the statement under an escrow agreement.

In the main, _I don 't believe they want to say anything._ More, for those of
you into logic: _I actively believe they want to say nothing._

I believe the "... legal proceedings ..." is too convenient, and we should
pressure organisations to make statements under suitable escrow conditions.
Good and honest organisations would welcome it.

