Open Source and information security mailing list archives
 
Date: Sun, 9 Sep 2007 14:13:25 +0530
From: LSNN <lamesecuritynews@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: LSNN: Aditya releases lame documents;
	FD vulnerable

MR. LAME ASS OF THE MONTH RELEASES NEW MATERIALS

The lame ass of the month, Aditya K Sood has released two documents of
the talks he delivered on Xfocus Xcon conference and OWASP Live 0
conference day. [1.1] The security community has usually found Aditya
K Sood's documents to be lame and useless. Aditya K Sood also does not
occur in any security list where vulnerabilities are verified before
publishing. [1.2] OSVDB/CVE has a policy of tagging such
vulnerabilities as Myth/Fake but they have ignored Aditya because they
believe the vulnerabilities to be so lame that it can not create any
potential confusion. [1.3] Finally, some frustrated soul in Full
Disclosure awarded Aditya K Sood with the title of "Lame Ass of the
Month". [1.4] Since then, Aditya seems to have been on a self-imposed
exile from full disclosure.

[1.1] http://www.webappsec.org/lists/websecurity/archive/2007-09/msg00032.html
[1.2] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065295.html
[1.3] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065296.html
[1.4] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065573.html


A VULNERABILITY FOUND IN FULL DISCLOSURE MAILING LIST

A vulnerability very common in many unmoderated forums also affects
Full Disclosure mailing list. Any troll (like us) can set rolling
a long and winding discussion on lame topics which increases the SNR
(signal to noise ratio) of the forum. A very recent example is the
thread with the subject "Came across this site" [2.1] posted by Scott.
Fortunately, Shyaam pointed out that it was a "Useless thread once
again". The lame thread still got 4 lame replies.

This vulnerability is common in many unmoderated forums. There are
many open source project forums which are known to be less affected by
this vulnerability because in such forums the users and programmers
are driven by a common goal, sense of responsibility and common-sense.

[2.1] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065664.html

-----
We are Lame Security News Network (LSNN)
If you believe in a free and open news service for security researchers,
please volunteer by sending us lame news and articles on security.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
