Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Is Firefox JavaScript flawed ?
From: "Pink Hat" <pinkhat.h4x0r () gmail com>
Date: Tue, 10 Oct 2006 20:34:07 -0700

On 10/10/06, darkcube <darkcube () datavibe net> wrote:

it doesn't take much skill to be a security professional nowadays, or to
find most vulnerabilities, or to disclose them, or even to patch them.

You are only partially right there.  But I'll give it to you.

the skill lies in avoiding detection while actively exploiting these
vulnerabilities for fun and profit. if one can do so while
actively maintaining the facade of a 'security professional' and holding
down a serious paycheck, more power to him.

Agreed, but use your so called zero day against the wrong target and
you will get caught.  Unfortunately, the majority of so called
professionals, wouldn't detect a 10 inch black cock in their ass let
alone detect an unknown attack.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]