lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 2 Jul 2004 02:52:52 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <bugtraq@...urityfocus.com>
Subject: RE:  RE:  SUPER SPOOF  DELUXE Re: [Full-Disclosure] Microsoft and Security




What an utterly pathetic scenario you present. Obviously you're 
blissfully unaware of the current security trend of site 
spoofing, 'phishing', url spoofing, DNS spoofing, zone spoofing 
and on and on and on.

and of course now very the latest 'security expert spoofing' !

 <!-- 

"Your subject makes it sound like this is a spoofing 
vulnerability"

You have to look at the prerequisite attack scenario. You are 
surfing to
some random site and out of nowhere it opens WellsFargo.com or
WindowsUpdate. At this point you are thinking one of 2 things, 
either 

"What the.. I didn't go to WindowsUpdate/WellsFargo .. Let me 
just close
that window .. Damn popups" 

or 

"Hey how nice, WindowsUpdate/WellsFargo magically appeared in 
front of
me and I didn't even intend to go there .. I was just surfing 
for porn
.. Let me hurridly download some stuff from there and give it my 
account
details"

 -->



-- 
http://www.malware.com









Powered by blists - more mailing lists