Virus scanners
Amit's most recent post contained some badness, which triggered some
anti-virus systems to delete the post and try to post to the main
webappsec address. If you do not have a copy of Amit's post, then you
will need to find it the hard way as it's a fantastic paper and you
should read it. Use your favorite search engine:
"Exploiting the XmlHttpRequest object in IE" part II
If your virus scanner replies to mail lists, it is incorrectly
configured. Virus scanners should *never* send out a bounce to mail
lists. Lame virus scanners compound the effect of a virus' traffic
DDoS through an (unintentional but well meaning) amplification
attack. Please fix your virus scanners now. I will not be approving
any of these "notices" and they WILL bounce in a week's time.
Advance notice of slowness
I am attending OWASP EU next week as a speaker. This means a 30+ hour
flight as I'm about as far away from the conference as you can get
without starting to fly back the other way. Therefore, don't expect
much in the way of moderation next weekend, nor June 5-7 when I
return back to Australia, and moderation may be patchy in between.
On a shameless plug note, I'll be blogging like crazy whilst I'm
away, so if you like to read about cool junkets^H^H^H^H^H^H events
you should attend, you can do so here:
http://www.greebo.net/
thanks,
Andrew
- application/pkcs7-signature attachment: smime_p7s
Received on May 21 2006
Intro
