Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE: Informing Companies about security vulnerabilities...

From: <jay.tomas () infosecguru com>
Date: Thu, 5 Oct 2006 13:59:49 -0400
Ok, I think we have completely exasperated this topic.

2 Camps.

1 Camp - illegal or unethical to assess a site without permission.
2 Camp- Is not illegal , public facing, law won pursue anyway. Get a good Lawyer.

Lets pick a new topic and move on...

Jay

----- Original Message -----
From: Michael Scheidell
To: pen-test () securityfocus com
Sent: Thu, 5 Oct 2006 02:11:16 -0400
Subject: RE: Informing Companies about security vulnerabilities...


-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of Joseph McCray
Sent: Wednesday, October 04, 2006 3:07 AM
To: pen-test () securityfocus com
Subject: Informing Companies about security vulnerabilities...


This probably won't sound like that big of a deal, but it 
still bothered me so I figured I'd ask the list. I was 
teaching a Web Application Security class last week and we 
were performing simple XXS, SQL Injection, etc on the 
vulnerable web apps I use for class.



So, what's the pool up to now?  I have $50 on two weeks before the FBI
closes down the school, takes all the computers in the school, executes
a search warrant for every students computer, and the bright boy
teaching the class spends thousands of dollars trying to explain to a
Judge (that reads the newspaper about hacks on banks) that what he did
was not hacking.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: