Full Disclosure mailing list archives

About Vaibhav Pandey's stupidity and idiocy in web security


From: "Sachin Jindal" <technobuster () gmail com>
Date: Sun, 23 Sep 2007 11:48:18 +0530

Hi

I am a member of Hackers Library community of Orkut. One member of
Full Disclosure has called our community a member of idiots because of
Vaibhav Pandey's foolishness in wrongly analyzing an Orkut bug as
serious. I am not here to defend Vaibhav Pandey because no doubt he is
a fool who feels anything that requires net sniffing is a
vulnerability. I am here to defend HL community.

The full disclosure threads I am talking about are...

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065651.html
(Fake claim by Vaibhav Pandey regarding Google  acknowledging a
vulnerability)

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065911.html
(Save FD from idiots like Vaibhav Pandey doesn't know how to clone
cookies)

I want to clarify that HL community has nothing to do with Vaibhav
Pandey and does not acknowledge the lame claims of Vaibhav Pandey. In
fact some members of HL community objected the claims and ridiculed
him for boasting about discovering vulnerabilities without even the
knowledge of cloning cookies.

One member tried to explain him that if something requires
net-sniffing for exploitation, that can not be termed as serious
because many session management techniques are also susceptible to
net-sniffing. But Vaibhav Pandey couldn't learn anything and refuted
that it is very tough to clone cookies. Clearly Vaibhav Pandey doesn't
know a thing about web security and therefore should not be associated
with HL community in any way.  As a proof, one can see this thread:
http://www.orkut.com/CommMsgs.aspx?cmm=1162977&tid=2553634938994390060&na=2&nst=13

I request the members of FD to not attack an organization or community
merely because of a stupid claim by some of its member. Thank you.

And yeah, screw Aditya K Sood, screw Vaibhav Pandey. ;-)

- Sachin

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Current thread: