Full Disclosure mailing list archives

Re: What the f*** is going on?


From: Michal Zalewski <lcamtuf () coredump cx>
Date: Tue, 22 Feb 2011 09:11:30 -0800

> I mean, if these are the security industry's geniuses, why, what would the
> writers of Stuxnet be?

...seriously?

> Disclosing how their epic story simply involved SQLi, well, what about the
> guys discovering 0days in native code?

Totally. I have long postulated that perl -e '{print "A"x1000}' is
considerably more l33t than <script>alert(1)</script> or ' OR '1' ==
'1.

I don't understand the point you are getting at. I think that the more
interesting aspect of this story is the egregious practices revealed
in that write-up (and elsewhere):

http://lcamtuf.blogspot.com/2011/02/world-of-hbgary.html

/mz
