lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+4ruq-Rmb++keMxQURT5A72p0C9jgcxpqb_LNP5BDs-iRR-6g@mail.gmail.com>
Date: Sat, 24 Mar 2012 05:42:10 +0000
From: john doe <ninjaobsessed@...il.com>
To: rackow@....gov
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Apple IOS security issue pre-advisory record

Gentlemen, I must say that beyond the raw results the reactions are also
very interesting because I think this actually IS what I called  "community
behavior". Clics and votes are just one "reaction" type, and those clever
and smart comments are another one. Maybe much more important to understand
this corpus.
Indeed, this is the first test list to have started a smart debate around
the subject and even if I'm not a specialist I'll study those comments with
attention.

However, I have some questions.

For this list I was advised by a "geek" (with no offense), for example to
write the topic and format the content. I was also very lucky because it
appears that in the same time a real security advisory about Safari on IOS
has been released, making this fake test more attractive (that was not
expected).
My advisor told me that the high clics amount during the first minutes of
publication is not very surprising because this list is followed by
millions of readers, and a very few part are real security pro or "aware"
persons. Many others -the biggest part- are just casual readers. Would you
say this is correct ?

My feeling is also that this community has what I'd call a "scientist"
profile: this means people that tend to always test, think and discuss
things. This would explain why the falsification was quickly discovered,
explained to others and why a clever debate started.
I don't expect such a behavior on the other tests but maybe the "breaking
news" one.
Am I right on that ?

My advisor also warned me about possible aggressive reactions but I don't
see any so far. Was he right, or the fact that smart people started to
comment at the first place is an explanation ? Is it correct to say that
there is some kind of "respect", at least enough that when smart people are
speaking, the useless ones keep quiet ?

Whatever, this is very interesting and I must thank you all.

Regards,

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ