Full Disclosure mailing list archives

Re: SECNICHE : Dwelling Security is On the Run

From: Aditya K Sood <zeroknock () secniche org>
Date: Sun, 17 Jun 2007 11:23:17 -0700

Michal Zalewski wrote:

On Tue, 12 Jun 2007 dcdave () att net wrote:

In an admittedly brief review of this page, I saw nothing useful or
informative to my career in information assurance.


Aditya has a history of using security mailing lists to advertise
his various security consulting projects (metaeye.org, etc) under the
guise of fairly bogus whitepapers and vulnerability reports:

http://portal.spidynamics.com/blogs/jeff/archive/2007/04/16/ASP.NET-encoding-shortcomings-_2800_review-of-MetaEye-analysis_2900_.aspx
http://www.webappsec.org/lists/websecurity/archive/2007-03/msg00079.html
http://www.webappsec.org/lists/websecurity/archive/2007-03/msg00115.html

As a rule, these claim to discuss cutting-edge attack techniques whilist
in fact describing something remarkably mundane (register_globals as
"Global Space Exploitation", form-based XSS as "Double Trap Attacks").

I would advise WEBSECURITY moderators to exercise... well, moderation in
approving his non-advisory posts:

http://www.webappsec.org/lists/websecurity/archive/2007-06/msg00010.html
http://www.webappsec.org/lists/websecurity/archive/2007-06/msg00019.html

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Hi all

              I dont know why Mr. Michael , such a good professional 
taking things in this way.
Upbringing to a new domain and releasing is a positive process. Rest I 
never use list
for something awful. Thats it.

I respect Michael for the work he had done. I have only one thing to say 
its not
necessary to have similar views and one sided perception of looking things.

The use of these words "aggrandizing" and "bogus" should not be done.

Thats it.

Regards
Zeroknock

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

SECNICHE : Dwelling Security is On the Run Aditya K Sood (Jun 11)
- <Possible follow-ups>
- Re: SECNICHE : Dwelling Security is On the Run dcdave (Jun 12)
  - Re: [WEB SECURITY] Re: SECNICHE : Dwelling Security is On the Run Thierry Zoller (Jun 12)
  - Re: [WEB SECURITY] Re: SECNICHE : Dwelling Security is On the Run Aditya K Sood (Jun 12)
  - Re: SECNICHE : Dwelling Security is On the Run Michal Zalewski (Jun 15)
    - Re: SECNICHE : Dwelling Security is On the Run Aditya K Sood (Jun 15)
    - Re: SECNICHE : Dwelling Security is On the Run Pranay Kanwar (Jun 16)
    - Re: SECNICHE : Dwelling Security is On the Run Aditya K Sood (Jun 16)
    - Re: SECNICHE : Dwelling Security is On the Run Pranay Kanwar (Jun 16)
    - Re: SECNICHE : Dwelling Security is On the Run Aditya K Sood (Jun 16)
    - Re: [WEB SECURITY] Re: SECNICHE : Dwelling Security is On the Run James Landis (Jun 16)
- Re: SECNICHE : Dwelling Security is On the Run Month of Random Hashes (Jun 16)