lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: ib at clusterfsck.net (Isaak Bloodlore)
Subject: openssl exploit code (e-secure-it owned)

Quoting Arjen De Landgraaf (arjen.de.landgraaf@...ogic.co.nz):

> Interesting is that we have had many, many comments
> from readers of this list, and they are all very positive.
> In fact, you are the only negative.  Even more particular,
> your review is extremely negative. Makes me wonder why.

Well, then...

a) The "database" is in fact a link collection, right? I searched for
"wireless", and the result was: links to outdated (moved) Anti-Online
pages (that's John 'JP' Vranesevich, someone I'd usually avoid to
mention even in the same document with the word 'security') and a
number of maistream media articles. Some useful, some very badly
reserached and therefore either just plain wrong or, even worse,
dangerous when followed. ("Securing 802.11 Wireless Network, Click
here to find out more!  Use Win2K Routing and Remote Access and PPTP
or IPSec to tighten security").

b) The layout is, well, degustibus non est dispudandum, right?

c) FRAMES! One could argue, that links and w3m now render frames
reasonably well, but which self-respecting security professional would
fire up Mozilla or Galeon just to visit your site, while doing his or
her normal reserach in w3m or links?

[icoflder] ALERT CENTRE

                [icoflder] * RED ALERT *

                [icoflder] * RED ALERT -

                [icoflder] * VIRUS ALERT *

                [icoflder] * YELLOW ALERT *

                [icoflder] * YELLOW ALERT


                [icoflder] *Virus / Worm

/Trojan OUTBREAK UPDATE CENTRE*

                [icoflder] HOAX AND SCAM ALERT

                [icoflder] REGIONAL ALERTS

THis just shows me, that noone in your development and design team
ever made the effort of actually looking at the pages with lynx or any
other text based browser. Are there better websites? Well, not
necessarily, but that does not make yours nicer on the eyes, either.

d) No redactional sorting. You have GRC documents in your collection.

Regards,

  ib

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ