mailing list archives
Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award
From: mcwidget <mcwidget () gmail com>
Date: Wed, 23 Jul 2008 13:39:39 +0100
Hi Sandy Vagina,
Looks like they did a U-turn after realising how over hyped the bug
So the Cat's out of the bag and the bug's public.
Still think this deserves a nomination?
Hype. Excessive, exaggerated publicity, to give more attention than it
Given how easy it appears to be to redirect a client to a malicious web
server, is this publicity excessive? It's clearly had the most publicity
but I don't think it's that clean cut.
This is an awkward one as Mom and Pop web surfers sitting at home are the
ones that are vulnerable here if they're redirected and phished, yet they
cannot patch this and easily protect themselves through their normal methods
such as Windows Update or IE7's phishing filter (correct me if I'm wrong
here but I think this will report the site as OK) - they're relying on other
people patching this. In their shoes, I'd be screaming for publicity for
this to make sure other people are patching to keep me protected.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/