[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects



On Mon, May 11, 2009 at 10:33 AM, Paul Schmehl <pschmehl_lists@xxxxxxxxx> wrote:
> --On May 10, 2009 1:08:51 PM -0500 James Matthews <nytrokiss@xxxxxxxxx>
> wrote:
>
> >
> > Why are these banks still using ASP? It's insecure by default!
>
> Everything is insecure by default.  There is no such thing as secure by
> default.  Those that assume there is are the first to be hacked.

cute (old) opinion, but fairly useless in practice.


> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying

--
silky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/