| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200402062118.i16LIG7W021335@turing-police.cc.vt.edu> From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Re: home land tracker software On Fri, 06 Feb 2004 15:42:32 EST, gabriel rosenkoetter <gr@...ipsed.net> said: > I might be scared if it seemed like they had any data useful data, but > since it's not clear exactly what data they'd have anyway (knowing > that my name exists doesn't take more than Google, and you can get > way more than that with whois(1)). Geezuz H. F**king.. An alledged infosec list, and nobody twigs to the fact that there are at least 4 sets of data: 1) The data that the website is going to show to Joe Random Tourist. 2) The data that the website is going to show to Joe Random Tourist with a Referer: pointing to slashdot.org 3) The data that the website is going to show to an authenticated user. 4) The data that the website is going to show to a hacker. These are probably all different, and we're only seeing reports for (1) and maybe (2). -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040206/683e7d56/attachment.bin
Powered by blists - more mailing lists