funsec mailing list archives
RE: mal blogs use, take #2
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 5 Jan 2006 13:54:37 -0600
It isn't going to stop for a long time I don't think XSS is everywhere as you know...and these sites have almost no reason to "secure up". These blogs and profile sites just want people to click on ads. Nothing more..that is there money. They don't mind closing the site for hours at a time...which Myspace does all the time. You get a free profile, get to keep in touch with friends and we use you to make money...I suggested SSL login to Myspace and I never heard anything back. No surprise. They could just use a pre-sign cert..lol
-----Original Message----- From: Gadi Evron [mailto:ge () linuxbox org] Sent: Thursday, January 05, 2006 1:50 PM To: Todd Towles Cc: Roland Dobbins; FunSec [List] Subject: Re: [funsec] mal blogs use, take #2 Todd Towles wrote:Sometimes very similar also happened on Xanga about a weekor two ago.It is a XSS self-spreading script (worm).So it is starting to gather speed... where it stops, nobody knows. Xanga: http://blogs.securiteam.com/index.php/archives/166 Gadi.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: MS Update coming today, (continued)
- Re: MS Update coming today Matthew Murphy (Jan 05)
- RE: MS Update coming today Larry Seltzer (Jan 05)
- RE: MS Update coming today Barrie Dempster (Jan 05)
- RE: MS Update coming today Randy Abrams (Jan 06)
- Re: MS Update coming today Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 05)
- Re[2]: MS Update coming today Pierre Vandevenne (Jan 05)
- RE: MS Update coming today Gary Funck (Jan 05)
- Re: MS Update coming today H D Moore (Jan 05)
- Re: mal blogs use, take #2 Gadi Evron (Jan 05)