|
Full Disclosure
mailing list archives
Re: www.dia.mil
From: Adrian P. <unknown.pentester () gmail com>
Date: Wed, 29 Oct 2008 10:02:20 +0000
Welcome to the web!
1 website = content retrieved from dozens/hundreds of sites. Much more than what the browser's address bar shows ;)
Think of ad banners, analytics JS ("legit" spyware), static content served from high-speed embedded httpds, etc ...
And yes, there are security implications to this design problem.
-----Original Message-----
From: Valdis.Kletnieks () vt edu
Sent: 27 October 2008 17:22
To: Razi Shaban <razishaban () gmail com>
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] www.dia.mil
On Mon, 27 Oct 2008 21:07:46 +0400, Razi Shaban said:
On Mon, Oct 27, 2008 at 7:59 PM, Bipin Gautam <bipin.gautam () gmail com> wrote:
A picture is worth a thousand words.
But whats so wrong about it?
:P
So what?
A US intelligence agency is basically betting the bank that statcounter.com,
a company apparently based in Ireland, doesn't get pwned or subverted.
Does that give you warm-n-fuzzies?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: www.dia.mil, (continued)
Re: www.dia.mil Big R (Oct 27)
Re: www.dia.mil Adrian P . (Oct 29)
|
Intro
