lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: mail at blazde.co.uk (Roland Postle)
Subject: Fwd: Returned post for bugtraq@...urityfocus.com

> Obviously the bugtraq moderators cannot see any issues with obfuscated URL's that look like
> http://www.ebay.com%252f%40evil.site.goes.here.

If your only post to bugtraq was the second one you posted here last
night I can understand entirely why it was rejected. There's many
people who read bugtraq who aren't security experts and they can't
immediately see what the problem is unless you spell it out, and point
out what implications it has. Even here on Full Disclosure it seems we
had the benefit of your first post showing the URL progressively
obfuscated.

I agree completly that people should post details of rejected bugtraq
posts here tho. That's the thing about censorship, it's difficult to
know how strong it is, because you never usually see the censored
material.

- Blazde

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ