[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Apple IOS security issue pre-advisory record



On Mon, Mar 26, 2012 at 05:29:28PM +0000, Thor (Hammer of God) wrote:
> Making a conclusion of community behavior, good or bad, based on some
> indication of a number of clicks on some link is non sequitur.   I
> actually don't see any reason why one would be surprised by a "security
> community" following links anyway.  I've got a VM specifically used for
> this type of thing, and I know many others do as well.  Many probably
> *want* the link to be malicious so they can analyze and harvest any
> potential attack and see if it is new or interesting.   There is no
> corollary to qualified behavior from some ambiguous report that "300
> security researchers who should have known better."

The link is also publicly accessible via the browser and via RSS:

    http://seclists.org/fulldisclosure/2012/Mar/262
    http://seclists.org/rss/fulldisclosure.rss

Assuming "300 security researchers" clicked a link is silly.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

Attachment: pgpMLvRSTXZp3.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/