[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <004501c22b47$dc0e1ce0$0a00a8c0@violetclub>
From: mail at blazde.co.uk (Roland Postle)
Subject: Anonymous surfing my ass!
> Combine an incompetant programmer with a wanna-be incompetant researcher
> and what do you get? A stupid advisory.
>
> First of all, you "hacked your way out of" Anonymizer. Does this mean
> that you paid for their service, then managed to surf without being
> anonymous? Or, you managed to get their pay service for free?
I think if you at least clicked the advisory link (
http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Anonymous
surfing, NOT! ) it would help relieve some of your ignorance. What he's
reffering to is a getting script (usually javascript) through the filters
and executing on the 'anonymous' person's machine. If a site can do that
they can save cookies to the machine, thereby breaking the anonymity.
It's not really cross site scripting, though the techniques used to get it
through are similar. Right now 'cross site scripting' seems to be the buzz
word attached to any security breach involving scripts. Something we have to
live with I guess. Anyway, whatever it's called SkyLined seems to be the
l33test at it ;)
- Blazde
Powered by blists - more mailing lists