-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ----Original Message----
From: Jason Coombs [mailto:jasonc_at_science.org]
Sent: Saturday, 07 January, 2006 10:19
To: exon; zeno_at_cgisecurity.net
Cc: websecurity_at_securityfocus.com; webappsec_at_securityfocus.com
Subject: Re: Felony For Refreshing A Web Page
:: It's official. Americans are crazy.
:
: Although your sentiment is appreciated it's more likely a sign of a change of
: expectation that society is adopting across-the-board, perhaps just a political
: swing and perhaps more lasting in its implications.
:
: The rules are now simple: when you find a weakness in society, you are expected
: to do one of the following but never both:
:
: 1. Report the vulnerability to the appropriate authority or peer group being
: careful never to make use of your knowledge of the weakness in any way but still
: spreading awareness of the vulnerability and hoping that everyone else obeys the
: rules and acts in accordance with the principles of responsible disclosure.
:
: 2. Run away and hide, staying away from anything that even resembles the
: vulnerability, unless there is computer forensic evidence that you discovered the
: vulnerability, in which case you must opt for #1 above or else you can and will be
: prosecuted for wrongdoing based solely on some person's so-called 'expert' opinion.
:
: Following these two simple rules will keep you out of harm's way when other people
: fail to follow these rules, and ensure that you always appear trustworthy and
: law-abiding.
:
: Regards,
:
: Jason Coombs
: jasonc_at_science.org
Jason,
The sad thing is that even IF someone were to follow your two "rules" there will
ALWAYS be someone else who will try to blame them for something. . .
Herman
Live Long and Prosper
___________________ _-_
\==============_=_/ ____.---'---`---.____
\_ \ \----._________.----/
\ \ / / `-_-'
__,--`.`-'..'-_
/____ ||-
`--.____,-'
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBQ8B5/B/i52nbE9vTEQLpCgCgp6fV4i8Gv0ReQBa2hvYc1GOmJ9EAnjh0
fI4N0ZP5xcoYZahfIPLHVHQZ
=aRdL
-----END PGP SIGNATURE-----
Received on Jan 08 2006