Full Disclosure mailing list archives

Re: www.dia.mil

From: Valdis.Kletnieks () vt edu
Date: Mon, 27 Oct 2008 14:13:01 -0400

On Mon, 27 Oct 2008 21:33:19 +0400, Razi Shaban said:

Yes, they're including a remote javascript. Then again, tens if not
hundreds of thousands of other websites include the very same script.
If statcounter's servers aren't very secure, they would have already
been compromised.


One would *hope* that a major country's spook agencies kept themselves to a
*slightly* higher security standard than Sixpack Joe's Website and
Bait-n-Tackle Emporium.  The risk/benefit analysis for the average .com and
the average .spook are a bit different.

On the other hand, look at the voting machines the US gov't has
contracted. They have a tendency to screw up with technology, making
this one of their lesser problems (if you want to consider it a
problem at all).


A totally separate problem, but one that's not in DIA's jurisdiction.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

www.dia.mil Bipin Gautam (Oct 27)
- Re: www.dia.mil Razi Shaban (Oct 27)
  - Re: www.dia.mil Gary E. Miller (Oct 27)
  - Re: www.dia.mil Valdis . Kletnieks (Oct 27)
    - Re: www.dia.mil Razi Shaban (Oct 27)
    - Re: www.dia.mil Valdis . Kletnieks (Oct 27)
    - Re: www.dia.mil Bipin Gautam (Oct 27)
    - Re: www.dia.mil Gary E. Miller (Oct 27)
    - Re: www.dia.mil Bipin Gautam (Oct 27)
    - Re: www.dia.mil Jorrit Kronjee (Oct 30)
    - Re: www.dia.mil nocfed (Oct 30)
- <Possible follow-ups>
- Re: www.dia.mil Big R (Oct 27)
- Re: www.dia.mil Adrian P . (Oct 29)
  - Re: www.dia.mil Viktor Larionov (Oct 29)