[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [lists] Re: [Full-disclosure] F-Secure to release XSS "potential dangers"
- To: <Valdis.Kletnieks@xxxxxx>, "'n3td3v'" <xploitable@xxxxxxxxx>
- Subject: RE: [lists] Re: [Full-disclosure] F-Secure to release XSS "potential dangers"
- From: "Curt Purdy" <purdy@xxxxxxxxxx>
- Date: Fri, 28 Jul 2006 07:12:22 -0400
Valdis.Kletnieks@xxxxxx wrote:
> >n3td3v said:
> >
> > This is highly irresponsible of F-Secure and they should be held
> > legally responsible if the information they release in relation to
> > their "Netscape hacked" blog entry is used maliciously.
>
> You might want to review what you've posted to lists
> regarding vulnerabilities,
> and ask yourself - if F-Secure gets held to some legal
> standard of liability.
> where do you end up yourself?
>
> I don't know who's going to end up the test case/poster child
> for vulnerability
> liability - but it's much more likely to be an individual
> that posts to
> this list and can't afford a lawyer than a corporation with
> deep pockets
> like F-Secure....
:) n3td3v's mouth is going to get her in trouble one of these days.
Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA
Information Security Officer
Information Systems Security
infosysec.net
443.846.4231
-------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/