On Mon, Mar 26, 2012 at 05:29:28PM +0000, Thor (Hammer of God) wrote:
> Making a conclusion of community behavior, good or bad, based on some
> indication of a number of clicks on some link is non sequitur. I
> actually don't see any reason why one would be surprised by a "security
> community" following links anyway. I've got a VM specifically used for
> this type of thing, and I know many others do as well. Many probably
> *want* the link to be malicious so they can analyze and harvest any
> potential attack and see if it is new or interesting. There is no
> corollary to qualified behavior from some ambiguous report that "300
> security researchers who should have known better."
The link is also publicly accessible via the browser and via RSS:
http://seclists.org/fulldisclosure/2012/Mar/262
http://seclists.org/rss/fulldisclosure.rss
Assuming "300 security researchers" clicked a link is silly.
--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Attachment:
pgpMLvRSTXZp3.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/