Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Nominate Dan Kaminsky for Most Overhyped Bug Pwnie Award
From: mcwidget <mcwidget () gmail com>
Date: Wed, 23 Jul 2008 13:39:39 +0100

Hi Sandy Vagina,

Looks like they did a U-turn after realising how over hyped the bug
actually is.


So the Cat's out of the bag and the bug's public.


Still think this deserves a nomination?

Hype.  Excessive, exaggerated publicity, to give more attention than it

Given how easy it appears to be to redirect a client to a malicious web
server, is this publicity excessive?  It's clearly had the most publicity
but I don't think it's that clean cut.

This is an awkward one as Mom and Pop web surfers sitting at home are the
ones that are vulnerable here if they're redirected and phished, yet they
cannot patch this and easily protect themselves through their normal methods
such as Windows Update or IE7's phishing filter (correct me if I'm wrong
here but I think this will report the site as OK) - they're relying on other
people patching this.  In their shoes, I'd be screaming for publicity for
this to make sure other people are patching to keep me protected.
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]