Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Posting w/o checking facts
From: Harry Hoffman <hhoffman () ip-solutions net>
Date: Mon, 25 Oct 2004 23:43:39 -0400


Ok, I didn't think this needed to be said but why the hell are ppl posting exploits without doing any actual testing?

WTF is up with that. Umm, ok I can say that XYZ is a problem cause it "looks like it may be one".

NO, YOU CAN'T!!!! Or rather you can but then when everyone says your name while trying to hold back a snicker don't seem surprised.

If you think something is a problem then test it! If you can't test it than say so *clearly* in your post.

Making wild claims that a users' session can be hijacked or that you can force your way into the xyz system without testing makes you sound stupid (usually with good reason).

There have been at least three posts within the past couple of weeks that make claims that are questionable at best and certainly don't come with proof (or even anything that might closely resemble anything near proof).

My $0.02 cents (and I'm sure others will share one way or another) ;-)


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • Posting w/o checking facts Harry Hoffman (Oct 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]