Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Gmail Information Disclosure Vulnerability
From: Rudolf Polzer <divzero () gmail com>
Date: Mon, 5 Jul 2004 08:27:34 +0200

Gmail service is in Beta. You have no credibility posting this advisory. The correct channel to post such "bugs" is 
the Gmail contact link for "bug reports". 
If you weren't a script kiddie or scene whore, you would have known to hold information until such a time that Gmail 
became a public service.

Then he'd probably be regarded as a kiddie too... unless he has
reported the bug before. Keeping bugs secret and waiting until many
people use a product, then releasing the advisory is in two senses
contraproductive:

a) if you had disclosed the information to the author (here: Google)
before, the bug would most probably have been fixed
b) more people are affected by waiting

Posting it here while gmail is in beta stadium is not SO bad - but one
should also report it to gmail themselves.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]