Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: [Dailydave] XSS=10000
.

  • To: Rauc <[EMAIL PROTECTED]>
  • Subject: Re: [Dailydave] XSS=10000
  • From: Nate Lawson <[EMAIL PROTECTED]>
  • Date: Fri, 12 Jun 2009 14:32:09 -0700
  • Cc: dailydave <[EMAIL PROTECTED]>
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
.
 
Rauc wrote:
>> I have to admit this is in the top 10 "hacking contest" fails of all
>> time. 
> 
> I am not sure that this is really a fail. For only $10k, he managed to
> get a penetration test that involved numbers of hackers. Sure the
> product failed to stand up, (Due to a really stupid bug) but the bug was
> found, and now it can be fixed.
> 
> We have seen that the world is willing to put up with claims of software
> being secure, even when it is not. Oracle's 'Unbreakable', Windows NT
> was 'Unstoppable', and a host of others.
> 
> Business executives will still choose a product such as this so called
> Strongmail, if it is marketed well. Additionally, if this company can
> show that it learns from it's mistakes, as Microsoft had for a time,
> they will be even better off.

Nobody is going to buy this webmail thing. That's not the company's
goal. The webmail app is a trojan to show off their phone authentication
service, which is what they are really trying to sell.

-- 
Nate
_______________________________________________
Dailydave mailing list
[EMAIL PROTECTED]
http://lists.immunitysec.com/mailman/listinfo/dailydave
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.