funsec mailing list archives

Re: Bad idea. Bad.

From: Valdis.Kletnieks () vt edu
Date: Wed, 22 Feb 2006 17:36:57 -0500

On Wed, 22 Feb 2006 16:26:18 CST, Todd Towles said:

 
Valdis wrote:

"JavaScript" as an example of a sandbagged executable.

This crew just blew their credibility. ;)


Then that credibility disppears on the second sentence of a 25+ page
abstract PDF.

http://www.ravenwhite.com/files/activecookies_--_2_Feb_06.pdf


A quick perusal indicates that they didn't consider the case of
a phish setting its own active cookie that would authenticate the phish
website.  Of course, I zipped through it, so maybe I missed it....

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RE: Bad idea. Bad. Todd Towles (Feb 22)
- Re: Bad idea. Bad. Valdis . Kletnieks (Feb 22)
- <Possible follow-ups>
- RE: Bad idea. Bad. Todd Towles (Feb 22)