On Mon, Mar 26, 2012 at 05:29:28PM +0000, Thor (Hammer of God) wrote: > Making a conclusion of community behavior, good or bad, based on some > indication of a number of clicks on some link is non sequitur. I > actually don't see any reason why one would be surprised by a "security > community" following links anyway. I've got a VM specifically used for > this type of thing, and I know many others do as well. Many probably > *want* the link to be malicious so they can analyze and harvest any > potential attack and see if it is new or interesting. There is no > corollary to qualified behavior from some ambiguous report that "300 > security researchers who should have known better." The link is also publicly accessible via the browser and via RSS: http://seclists.org/fulldisclosure/2012/Mar/262 http://seclists.org/rss/fulldisclosure.rss Assuming "300 security researchers" clicked a link is silly. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Attachment:
pgpMLvRSTXZp3.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/