lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 23 Mar 2012 15:50:00 -0500
From: adam <adam@...sy.net>
To: Gary Baribault <gary@...ibault.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Apple IOS security issue pre-advisory record

Gary/John: imagine how many more would have if I didn't send that reply.
I'm sure I skewed the results, even if only slightly, by doing that.

On Fri, Mar 23, 2012 at 3:41 PM, Gary Baribault <gary@...ibault.net> wrote:

>  I find it very unfortunate that 300 supposed security professionals
> clicked on a hidden link like that without first checking what it was, or
> if not simply ignoring it like I did!!!
>
> Gary Baribault
> Courriel: gary@...ibault.net
> GPG Key: 0x685430d1
> Signature: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1
>
>
> On 03/23/2012 12:34 PM, john doe wrote:
>
> he he, good catch :)
> Anyway, it doesn't hurt anybody: it's just a vote.
> Well, let me explain. I'm a journalist (non IT, mainstream) preparing an
> article about different internet communities behaviors. I've posted similar
> messages talking about a security issue, pron pics, divx, software and
> breaking news in several famous boards accordingly to analyze the different
> related communities behaviors.
> Each one links to a vote for different video contests so that I can
> measure the hints.
> Good to notice: this message has generated about 300 votes in the first 15
> minutes, making it the second score behind "divx" for now on.
>
> Thank you, and sorry for inconveniences (if any) !
>
> On Fri, Mar 23, 2012 at 1:59 PM, adam <adam@...sy.net> wrote:
>
>> That's pretty clever. But it doesn't work when people have tinyURL
>> previews enabled.
>>
>>  URL:
>> http://www.dailymotion.com/ajax/contest?*ajax_function=vote*
>> &ajax_arg[]=41941248&ajax_arg[]=2223<http://www.dailymotion.com/ajax/contest?ajax_function=vote&ajax_arg[]=41941248&ajax_arg[]=2223>
>>
>>  Response:
>> +:{"message":"Thank you","status":1}
>>
>>  On Fri, Mar 23, 2012 at 7:14 AM, john doe <ninjaobsessed@...il.com>wrote:
>>
>>>  Advisory Disclosure MD5: e29e5501dc2ca4d5fc06855762b14393
>>> Abstract <http://tinyurl.com/8xq2xcq>
>>>
>>> Regards,
>>>  _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ