Re: XSS=10000

[Rauc <rauc () mastergeek com>]

> I have to admit this is in the top 10 "hacking contest" fails of all
> time. 

I am not sure that this is really a fail. For only $10k, he managed to
get a penetration test that involved numbers of hackers. Sure the
product failed to stand up, (Due to a really stupid bug) but the bug was
found, and now it can be fixed.

We have seen that the world is willing to put up with claims of software
being secure, even when it is not. Oracle's 'Unbreakable', Windows NT
was 'Unstoppable', and a host of others.

Business executives will still choose a product such as this so called
Strongmail, if it is marketed well. Additionally, if this company can
show that it learns from it's mistakes, as Microsoft had for a time,
they will be even better off.

--Rauc

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave