Full Disclosure mailing list archives
Re: Full-Disclosure Digest, Vol 17, Issue 48
From: "Mike M" <mkmaxx () gmail com>
Date: Mon, 24 Jul 2006 20:26:16 +0530
Drama queen..
Enough said. Although I can tell you what's going on here. XSS is suffering an identity crisis and a public relations disaster. There is a lack of high-profile hacks with XSS now. We had the Myspace worm, although that was really a harmless proof-of-concept incident and no harm really came of it. What XSS really needs is a major incident to bring it back into the credibility ratings. [blah blah blah] yahoo [blah blah] google [blah.. is needed. I think it says more [blah blah blah] yahoo [blah blah] google [blah.. There should be stiff penalties within corporations. If programmers were told your dick would be chopped off if you let a product go live without penetration testing it first with an automated XSS auditing tool, then you can bet the XSS flaws would go away tomorrow. Ok, maybe just cut their pay for that month, not their dicks off, but you get the idea. [blah blah blah] yahoo [blah blah] google [blah.. [blah blah blah] yahoo [blah blah] google [blah.. The developer shrugs his shoulders and carries on coding. ..