lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 6 Jan 2009 16:36:09 +0200
From: "Avraham Schneider" <avri.schneider@...il.com>
To: "Gary Wilson" <dragon@...gons.org.uk>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: FD / lists.grok.org - bad SSL cert

On Tue, Jan 6, 2009 at 12:04 PM, Gary Wilson <dragon@...gons.org.uk> wrote:
>
> On Mon, January 5, 2009 19:01, James Matthews wrote:
>> SSL certs cost money. This one works the same. etc..
>>
>
> Well whilst I agree the self generated ones or whatever work well, I find
> it amusing that a _security_ based list is using one, and then expects
> people in the security industry to blindly accept or add exceptions for it
> - my irony alarm is going overtime at that one.  I certainly wouldn't add
> an exception, as it's not a trusted website to me.  I'm sure others would
> see it the same.
What's the worst case? Someone sniffing your unsub request?
It's not like an e-commerce website. I don't see why FD should even
have SSL in the first place.

I would guess the webmaster simply added SSL to allow those who have
port 80 to full-disclosure (containing malicious code) filtered...

I think you are over-dramatizing 'the irony'.

>
> Doesn't matter now, as I'm unsubbed via the mail method, because FD just
> has too much noise-signal these days.
>
>
>
> --
>   /           Gary Wilson, aka dragon/dragonlord/dragonv480            \
>  .'(_.------.  e: dragon@...thernscum.org.uk MSN: dragonv480   .------._)`.
> <   _       | FB: http://profile.to/gary_wilson_horse_dentist/ |       _   >
>  `.( `------'     w: http://volvo480.northernscum.org.uk       `------' ).'
>   \                w: http://www.northernscum.org.uk                   /
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ