lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 12 Jan 2010 19:17:46 -0500
From: Guy <full-disclosure@...lamatix.com>
To: sunjester <tripmonster@...il.com>, full-disclosure@...ts.grok.org.uk
Subject: Re: Google Maps XSS (currently unpatched)

On Tue, Jan 12, 2010 at 6:23 PM, sunjester <tripmonster@...il.com> wrote:
> No I am not confusing the two. People want to separate them but fail to
> notice they are both one in the same when you are "surfing the web". Being
> secluded from danger (behind a firewall) or being hidden from the view
> others (behind a firewall) sounds to similar for me to separate the two.
>
> Your security is your privacy, and yes your privacy is your security. You
> give them both up when viewing anything online, it's the price you should
> have to pay to keep the the internet "safe" for casual users.

sunjester,

First of all, "security" is a myth. One can presume they're "secure"
(or secluded) from danger sitting behind a firewall, but to do so is
just foolish.

Second, how exactly does a firewall prevent
(google|msn|twitter|facebook|take-your-pick) from archiving vital
information, such as: search query history, financial information,
surfing habits, buying habits, relationships, hobbies, interests, etc?
With that amount of data, how can you (or anyone) believe the
integrity of your privacy is uncompromised just because you're,
"(behind a firewall)"?

Finally, uuh - no... My security is my security, and my privacy is my
privacy. I do not "give up" either of them when viewing anything
online. I do, however, put them at risk.

And who are you tell me I should give up my privacy/security when
surfing the Internet because I owe something to the "casual" user[s]?
Casual users are typically the ones ruining the experience for the
rest of us, and I don't owe anyone of them sh-t. You really believe
everyone using the Internet should forfeit their privacy and security
because they owe you something? That's "the price YOU" might pay, but
not everyone would agree, firewall or not.

Guy

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ