Secure Coding mailing list archives
[WEB SECURITY] RE: blog post and open source vulnerabilities to blog about
From: arshan.dabirsiaghi at aspectsecurity.com (Arshan Dabirsiaghi)
Date: Tue, 16 Mar 2010 15:48:53 -0400
I'm not sure Matt was suggesting burning sharing 0days, but if he was, I think he should not be discouraged. I think disclosure preference should be something like a "protected class" within OWASP. Arshan From: McGovern, James F. (P+C Technology) [mailto:James.McGovern at thehartford.com] Sent: Tuesday, March 16, 2010 2:36 PM To: Matt Parsons; OWASPDallas at utdallas.edu Cc: websecurity at webappsec.org; SC-L at securecoding.org Subject: [WEB SECURITY] RE: [SC-L] blog post and open source vulnerabilities to blog about This doesn't feel like responsible disclosure and is not the way to announce weaknesses in software. It is best to deal with scenarios that have already been addressed. ________________________________ From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org] On Behalf Of Matt Parsons Sent: Tuesday, March 16, 2010 11:41 AM To: OWASPDallas at utdallas.edu Cc: websecurity at webappsec.org; SC-L at securecoding.org Subject: [SC-L] blog post and open source vulnerabilities to blog about Hello, I am working on a software security blog and I am trying to find open source vulnerabilities to present and share. Does anyone else have any open source vulnerabilities that they could share and talk about? I think this could be the best way to learn in the open source community about security. I have a few but I would like to blog about a different piece of code almost every day. God Bless. Matt http://parsonsisconsulting.blogspot.com/ Matt Parsons, MSM, CISSP 315-559-3588 Blackberry 817-294-3789 Home office "Do Good and Fear No Man" Fort Worth, Texas A.K.A The Keyboard Cowboy mailto:mparsons1980 at gmail.com http://www.parsonsisconsulting.com http://www.o2-ounceopen.com/o2-power-users/ http://www.linkedin.com/in/parsonsconsulting http://parsonsisconsulting.blogspot.com/ http://www.vimeo.com/8939668 ************************************************************ This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://krvw.com/pipermail/sc-l/attachments/20100316/2ed0d977/attachment.htm> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 1719 bytes Desc: image001.jpg URL: <http://krvw.com/pipermail/sc-l/attachments/20100316/2ed0d977/attachment.jpeg> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 2000 bytes Desc: image002.jpg URL: <http://krvw.com/pipermail/sc-l/attachments/20100316/2ed0d977/attachment-0001.jpeg>
Current thread:
- blog post and open source vulnerabilities to blog about Matt Parsons (Mar 16)
- blog post and open source vulnerabilities to blog about Jon Rose (Mar 16)
- blog post and open source vulnerabilities to blog about McGovern, James F. (P+C Technology) (Mar 16)
- [WEB SECURITY] RE: blog post and open source vulnerabilities to blog about Arshan Dabirsiaghi (Mar 16)
- [WEB SECURITY] RE: blog post and open source vulnerabilities to blog about Matt Parsons (Mar 16)
- [WEB SECURITY] RE: blog post and open source vulnerabilities to blog about Steven M. Christey (Mar 18)
- [WEB SECURITY] RE: blog post and open source vulnerabilities to blog about Arshan Dabirsiaghi (Mar 16)
- blog post and open source vulnerabilities to blog about Greg Beeley (Mar 16)
- blog post and open source vulnerabilities to blog about Dan Cornell (Mar 17)