| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Mar 2012 11:51:18 -0600
From: Aaron Toponce <aaron.toponce@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Apple IOS security issue pre-advisory record
On Mon, Mar 26, 2012 at 05:29:28PM +0000, Thor (Hammer of God) wrote:
> Making a conclusion of community behavior, good or bad, based on some
> indication of a number of clicks on some link is non sequitur. I
> actually don't see any reason why one would be surprised by a "security
> community" following links anyway. I've got a VM specifically used for
> this type of thing, and I know many others do as well. Many probably
> *want* the link to be malicious so they can analyze and harvest any
> potential attack and see if it is new or interesting. There is no
> corollary to qualified behavior from some ambiguous report that "300
> security researchers who should have known better."
The link is also publicly accessible via the browser and via RSS:
http://seclists.org/fulldisclosure/2012/Mar/262
http://seclists.org/rss/fulldisclosure.rss
Assuming "300 security researchers" clicked a link is silly.
--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists