[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Apple IOS security issue pre-advisory record

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Apple IOS security issue pre-advisory record
From: Gary Baribault <gary@xxxxxxxxxxxxx>
Date: Fri, 23 Mar 2012 16:41:20 -0400

I find it very unfortunate that 300 supposed security professionals
clicked on a hidden link like that without first checking what it was,
or if not simply ignoring it like I did!!!

Gary Baribault
Courriel: gary@xxxxxxxxxxxxx
GPG Key: 0x685430d1
Signature: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1


On 03/23/2012 12:34 PM, john doe wrote:
> he he, good catch :)
> Anyway, it doesn't hurt anybody: it's just a vote.
> Well, let me explain. I'm a journalist (non IT, mainstream) preparing
> an article about different internet communities behaviors. I've posted
> similar messages talking about a security issue, pron pics, divx,
> software and breaking news in several famous boards accordingly to
> analyze the different related communities behaviors.
> Each one links to a vote for different video contests so that I can
> measure the hints.
> Good to notice: this message has generated about 300 votes in the
> first 15 minutes, making it the second score behind "divx" for now on.
>
> Thank you, and sorry for inconveniences (if any) !
>
> On Fri, Mar 23, 2012 at 1:59 PM, adam <adam@xxxxxxxxx
> <mailto:adam@xxxxxxxxx>> wrote:
>
>     That's pretty clever. But it doesn't work when people have tinyURL
>     previews enabled.
>
>     URL:
>     
> http://www.dailymotion.com/ajax/contest?*ajax_function=vote*&ajax_arg[]=41941248&ajax_arg[]=2223
>     
> <http://www.dailymotion.com/ajax/contest?ajax_function=vote&ajax_arg[]=41941248&ajax_arg[]=2223>
>
>
>     Response:
>     +:{"message":"Thank you","status":1}
>
>     On Fri, Mar 23, 2012 at 7:14 AM, john doe <ninjaobsessed@xxxxxxxxx
>     <mailto:ninjaobsessed@xxxxxxxxx>> wrote:
>
>         Advisory Disclosure MD5: e29e5501dc2ca4d5fc06855762b14393
>         Abstract <http://tinyurl.com/8xq2xcq>
>
>         Regards,
>         _______________________________________________
>         Full-Disclosure - We believe in it.
>         Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>         Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: adam
- Re: [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: Dave
- Re: [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: Michal Zalewski

References:
- [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: john doe
- Re: [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: adam
- Re: [Full-disclosure] Apple IOS security issue pre-advisory record
  - From: john doe

Prev by Date: Re: [Full-disclosure] Apple IOS security issue pre-advisory record
Next by Date: Re: [Full-disclosure] Apple IOS security issue pre-advisory record
Previous by thread: Re: [Full-disclosure] Apple IOS security issue pre-advisory record
Next by thread: Re: [Full-disclosure] Apple IOS security issue pre-advisory record
Index(es):
- Date
- Thread