Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: [Bug Proofing Microsoft.com with Internet Explorer ** Part
From: "Andrew Aris" <andrew () dev bigfishinternet co uk>
Date: Wed, 17 Mar 2004 10:20:26 -0000

This is mainly the case because web design people dont really think about
security, because thats not their job. WEb designers are essentially graphic
designers who work in a specialised field. Their primary concerns are
appearence, usability, and site promotion.

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Random Letters
Sent: 17 March 2004 09:28
To: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] [Bug Proofing Microsoft.com 
with Internet Explorer ** Part

<opinion>

I think this demonstrates that the web design people haven't 
a clue about security. They're opening up their webserver to 
all sorts of potential expliots. If he can get some simple 
javascript to run then maybe other people can also do more 
sophisticated stuff.

Also, if they're that lax about security on their own 
machines, even their externally facing machines, then what 
does that say about the products they sell? They're supposed 
to be in the software business and stress in their marketing 
campaigns that their top concern is now security.

Is is hypocrisy or is it incompetence?

</opinion>

_________________________________________________________________
Use MSN Messenger to send music and pics to your friends 
http://www.msn.co.uk/messenger

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]