Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Apple IOS security issue pre-advisory record

From: Dave <mrx () propergander org uk>
Date: Sat, 24 Mar 2012 00:52:45 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 23/03/2012 23:26, Michal Zalewski wrote:

I find it very unfortunate that 300 supposed security professionals clicked
on a hidden link like that without first checking what it was, or if not
simply ignoring it like I did!!!


So how do you meaningfully "check what it is" without actually
requesting the document?

And what's the difference between that post and a hidden <img> or
<iframe> included on a less obvious website?

/mz


I am not an expert so please, for my education, correct me if I am wrong.
Is it not so much the request, but what the request is made with?
Would not requesting with wget mitigate any attack?

The source of the page and any scripts called by the page should be enough to ascertain whether the page is malicious 
or not.

Dave

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBT20a3bIvn8UFHWSmAQJEGQf/RxQPvQqCeoblnoMedzWkcxxQSrTg722g
oPSj02I+du/pX7YWBvX59435rpaPvVz4VIyS/uhrRqUXZYsJkry/1vmjTWv8boSm
NV5R8gP0Q3lDv8Xpqc4Agj9l5P5jX0lj7oLu5rUApRydsw+7byoDQXmrZ/qYnxFt
MkMd82RHqhKtKCogwlgLrjC4tCPG4v4ac4Y0LbHo9eeMAjS811JyQhngnBLyVHLj
5bdiJzdCmJgXaLDGC2jZm2DHBWATvAhtlW7Rk+/oFwPartQmAcIQ4vaX/KnOlIun
iafi4v5WhzfUG5DFTjDcQZc3dqPcrYH0diGUcxNQveNCqXwo303omA==
=5Li0
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: