lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 4 May 2007 02:05:26 +0200
From: Felix von Leitner <felix-fulldisclosure@...e.de>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Month of ActiveX Bug

>    Looks like this has turned into the Month of Officeocx bugs, since the
>    first 3 are components sold in that package.

>    <snore...>

So, where are you ActiveX bugs, then?  Ever found anything?  Ever?
I think you couldn't find your way out of your garage, but that's just
me.

Why don't you do a month of eweek bugs.  We won't limit you at all.  Any
bug counts.  Even XSS bugs in open source perl webmail apps.  Anything?
Do you have even ONE?

Didn't think so.

>    Larry Seltzer
>    eWEEK.com Security Center Editor
>    [1]http://security.eweek.com/
>    [2]http://blogs.eweek.com/cheap_hack/
>    Contributing Editor, PC Magazine
>    larryseltzer@...fdavis.com

Yeah, man, that is, like, an impressive .sig, man.
And your credentials are stunning.  Stunning!1!!

Overall, your whole work is breathtaking.  You just reported on
Symantec's "ThreatCon" level going down from 2 to 1.  Your mom must be
so proud of you.  It takes some serious training to do that.

And I can only imagine what a high point that /Gs idea of yours was,
particularly when someone pointed you to the public blog entry in
Michael Howard's blog that says they already have it.  Lesser people
would have googled before blogging, uh, writing a column about it, but
not you.

Have you ever done anything in your life that could explain even half
the ego you give us the privilege to be showered with here?

Felix

PS: Nothing personal, I hate all journalists who piss on other people's
bug finding efforts, but then make money reporting on said bugs.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ