Full Disclosure mailing list archives
Re: www.dia.mil
From: Adrian P. <unknown.pentester () gmail com>
Date: Wed, 29 Oct 2008 10:02:20 +0000
Welcome to the web! 1 website = content retrieved from dozens/hundreds of sites. Much more than what the browser's address bar shows ;) Think of ad banners, analytics JS ("legit" spyware), static content served from high-speed embedded httpds, etc ... And yes, there are security implications to this design problem. -----Original Message----- From: Valdis.Kletnieks () vt edu Sent: 27 October 2008 17:22 To: Razi Shaban <razishaban () gmail com> Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] www.dia.mil On Mon, 27 Oct 2008 21:07:46 +0400, Razi Shaban said:
On Mon, Oct 27, 2008 at 7:59 PM, Bipin Gautam <bipin.gautam () gmail com> wrote:A picture is worth a thousand words. But whats so wrong about it? :PSo what?
A US intelligence agency is basically betting the bank that statcounter.com, a company apparently based in Ireland, doesn't get pwned or subverted. Does that give you warm-n-fuzzies? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: www.dia.mil, (continued)
- Re: www.dia.mil Gary E. Miller (Oct 27)
- Re: www.dia.mil Valdis . Kletnieks (Oct 27)
- Re: www.dia.mil Razi Shaban (Oct 27)
- Re: www.dia.mil Valdis . Kletnieks (Oct 27)
- Re: www.dia.mil Bipin Gautam (Oct 27)
- Re: www.dia.mil Gary E. Miller (Oct 27)
- Re: www.dia.mil Bipin Gautam (Oct 27)
- Re: www.dia.mil Jorrit Kronjee (Oct 30)
- Re: www.dia.mil nocfed (Oct 30)
- Re: www.dia.mil Viktor Larionov (Oct 29)