Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: IE
From: Will Image <xillwillx () yahoo com>
Date: Tue, 20 Jul 2004 01:22:32 -0700 (PDT)

never said i felt any safer, im just saying its one
more step towards security .. of security by
obsecurity has always been the prefered method ... 


--- nicolas vigier <boklm () mars-attacks org> wrote:
On Sun, 18 Jul 2004, Ill will wrote:

"user-agent contains very little _sensitive_ info"

user agents could be used for exploits.. like
redirecting the browser
to whatever exploit page  by the definition of
what browser is
connecting to it etc.. so it would be a  good idea
for some people to
conseal what type of browser is defined in the
headers

And you can feel safe with that ? Someone can put an
exploit on a page
without checking your browser before.
The real solution is to use a browser with no known
vulnerability (and
that's better if it didn't have a lot in the past),
not to try to hide


what you are using.

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.netsys.com/full-disclosure-charter.html




                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault