lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Sep 12 21:32:56 2005
From: dufresne at winternet.com (Ron DuFresne)
Subject: Automated mass abuse of form mailers

On Mon, 12 Sep 2005, n3td3v wrote:

> You're missing the point, as i've tried to outline. This is an active
> project, and written code for such an outbreak is already within the
> hands of  *underground hacker communities*.
>
> If you look at my background posts, as posted earlier on the threat,
> you'll see the lead up.
>



Perhaps, and perhaps you danced about mine and missed them as well.  9 of
10 websites use off the freeshelf code, and most used dated code that was
never written with a mind towards secure.  So if folks are going to use
tools in existence rather then create their own hammers and drills they
should go for other then perhaps the first click in a google search and
find something that was coded with security in mind, rather then the first
link that likely pops up in a google search.  If the code is good that
they incorporate into their designs, then it kinda devalues the current
tools that nasty boys <and grils> are using, does it not?  If their tools
reply upon poorly written code, then replacing it with far better code
makes their efforts kinda nill, yes?

Thanks,

Ron DuFresne


> Thanks..
>
> On 9/12/05, Ron DuFresne <dufresne@...ternet.com> wrote:
> > On Mon, 12 Sep 2005, Michael Holzt wrote:
> >
> > > Automated mass abuse of form mailers
> > >
> >
> >        [smip]
> >
> >
> >
> > Nothing new really, this has been an issue for many years now.  And often
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

-- 
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ