funsec mailing list archives
Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases
From: Valdis.Kletnieks () vt edu
Date: Wed, 27 Jun 2007 23:41:18 -0400
On Wed, 27 Jun 2007 22:01:33 CDT, Dennis Henderson said:
Can anyone explain how getting pnwed by a keylogger or a trojan is not their fault? Do we have to argue what "fault" is? I hope not, becuase that could take days... :)
Hmm.. there was a bunch of Italian websites serving up exploits pretty recently. Who's fault is it if you visit some presumably trustable and legitimate website that you've been visiting for *years*, and that morning they got hacked and send your copy of IE an exploit for a yet-unpatched vulnerability? Or even better - a 3rd party site that does banner ads and the like is the one that got hacked. So you visit www.snopes.com, and you find out the hard way that www.burstnet.com was pwned. Care to explain to me how *THAT* is the fault of any Joe Sixpack? Remember that if you say it's their fault, you *also* need to provide *workable* advice on how they were supposed to prevent it. Good luck explaining noscript.net to Joe Sixpack, let me know how that works out for you...
Does anyone have the balls to admit that they have been pwned thru no fault of their own? I would love to hear that story.
There's this security person by the name of Raven Adler. I suggest you ask her who's fault it was she got nailed by a MacOSX 0-day in front of everybody, and how things turned out when she went to talk to Apple about it...
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Fergie (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases B.K. DeLong (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Blue Boar (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Jim Murray (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Gadi Evron (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Nick FitzGerald (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Bill Weiss (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases B.K. DeLong (Jun 27)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 27)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dude VanWinkle (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 28)