Re: Apple IOS security issue pre-advisory record

[fulldisclosure () briaeros007 org]

Le 24.03.2012 06:42, john doe a écrit :
> Gentlemen, I must say that beyond the raw results the reactions are
> also very interesting because I think this actually IS what I called 
> "community behavior". Clics and votes are just one "reaction" type,
> and those clever and smart comments are another one. Maybe much more
> important to understand this corpus.
>  Indeed, this is the first test list to have started a smart debate
> around the subject and even if Im not a specialist Ill study those
> comments with attention.
>
> However, I have some questions.
>
> For this list I was advised by a "geek" (with no offense), for 
> example
> to write the topic and format the content. I was also very lucky
> because it appears that in the same time a real security advisory
> about Safari on IOS has been released, making this fake test more
> attractive (that was not expected).
>  My advisor told me that the high clics amount during the first
> minutes of publication is not very surprising because this list is
> followed by millions of readers, and a very few part are real 
> security
> pro or "aware" persons. Many others -the biggest part- are just 
> casual
> readers. Would you say this is correct ?
>
> My feeling is also that this community has what Id call a "scientist"
> profile: this means people that tend to always test, think and 
> discuss
> things. This would explain why the falsification was quickly
> discovered, explained to others and why a clever debate started.
>  I dont expect such a behavior on the other tests but maybe the
> "breaking news" one.
> Am I right on that ?
>
> My advisor also warned me about possible aggressive reactions but I
> dont see any so far. Was he right, or the fact that smart people
> started to comment at the first place is an explanation ? Is it
> correct to say that there is some kind of "respect", at least enough
> that when smart people are speaking, the useless ones keep quiet ?
>
> Whatever, this is very interesting and I must thank you all.
>
> Regards,


Hello,

I'm one those who clicked on it (and to make matters wors : after it 
was discover and discussed).

Why I click on it : it's a big thread and wanted to begin the reading 
with the first post ^^.

The fact that I run it on a noscript activated up to date firefox 
doesn't change the fact that I run it without too much attention and I'm 
the one to blame it.

So for the possible "aggressive reacions" : yes, but only about myself.

To be frank, the first things I was thinking after seeing what was the 
link was "well : owned like a newbie".

Cordially.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/