Full Disclosure mailing list archives

Re: [SPAM] Re: Ektron CMS TakeOver Part (2) - PaylPal-Forward.com demonstration


From: Mark Litchfield <mark () securatary com>
Date: Tue, 04 Feb 2014 15:33:35 -0800

On 2/4/2014 3:13 PM, security curmudgeon wrote:
: > This is not the behavior of the site as of 48 hours ago.

: Let me check.  Normal registration should also be available? In fact I
: will remove the registration.
:
: The purpose of this whole registration in the first place was to allow
: for future postings I am going to make later this week that would only
: be available to registered users.  Not necessarily vulnerabilities, but
: useful "stuff" for pentesting.  Also all registered users would be given
: a 48 hours head start on any new vulnerabilities that I post in the
: future.

Which is great, but I strongly recommend you allow a site-specific
registration for such purposes. Giving up one of the two dominant social
media accounts for it is excessive.

Whilst you may be correct, Securatary is working toward the reason why it exists in the first place - Crowd Sourcing - http://www.securatary.com/PPPs/Pentester-Info. With this in mind, making user registration an easy and no-hassle process was the reason to include these social log in features as an OPTION. Since March last year I have been trying to get investment to get it up and running but no such luck as of yet.

Anyway, that is the reason for these log in options. Using these is at the user's discretion so I see no need to pull them down and to be honest, it's my website, I would not dream of telling you (strongly recommend) what to do with yours.

Thanks

Mark

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

