WebApp Sec mailing list archives
RE: [WEB SECURITY] Fundamental error in Corsaire's paper?
From: "Armag" <armag666 () mailhaven com>
Date: Fri, 28 Apr 2006 11:58:52 -0700
On Fri, 28 Apr 2006 21:01:34 +0200, "Amit Klein (AKsecurity)" <aksecurity () hotpop com> said:
On 28 Apr 2006 at 17:50, Martin O'Neal wrote:Hmmmm... - not too common, so it seems.Well, MS often tend to be the spanner in the ointment when it comes to standards compliance, but even if you accept all of those MS vagaries, this is still counter evidence to the blanket "There is no such thing as path security" statement. Granted, the practical worth of it today (with the browser issues in evidence) is limited. ;)OK, if that's the counter example, I can live with it ;-)
What is the final verdict, the original topic of this thread? The Corsaire article - is there a fundamental error in the recommendation part of it? -- Armag armag666 () mailhaven com -- http://www.fastmail.fm - Accessible with your email software or over the web ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- Re: WebScarab Fuzzer, (continued)
- Re: WebScarab Fuzzer Vlad (Jun 11)
- Re: WebScarab Fuzzer Rogan Dawes (Jun 11)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Martin O'Neal (Apr 27)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Amit Klein (AKsecurity) (Apr 27)
- Re: [WEB SECURITY] Fundamental error in Corsaire's paper? Dan Kuykendall (Apr 27)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Martin O'Neal (Apr 27)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Martin O'Neal (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Amit Klein (AKsecurity) (Apr 28)
- Re: [WEB SECURITY] Fundamental error in Corsaire's paper? Brian Eaton (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Amit Klein (AKsecurity) (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Armag (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Amit Klein (AKsecurity) (Apr 28)
- Re: [WEB SECURITY] Fundamental error in Corsaire's paper? Achim Hoffmann (Apr 30)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Armag (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Martin O'Neal (Apr 28)
- RE: [WEB SECURITY] Fundamental error in Corsaire's paper? Martin O'Neal (Apr 29)