funsec mailing list archives
Re: Bad idea. Bad.
From: Valdis.Kletnieks () vt edu
Date: Wed, 22 Feb 2006 17:36:57 -0500
On Wed, 22 Feb 2006 16:26:18 CST, Todd Towles said:
Valdis wrote:"JavaScript" as an example of a sandbagged executable. This crew just blew their credibility. ;)Then that credibility disppears on the second sentence of a 25+ page abstract PDF. http://www.ravenwhite.com/files/activecookies_--_2_Feb_06.pdf
A quick perusal indicates that they didn't consider the case of a phish setting its own active cookie that would authenticate the phish website. Of course, I zipped through it, so maybe I missed it....
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Bad idea. Bad. Todd Towles (Feb 22)
- Re: Bad idea. Bad. Valdis . Kletnieks (Feb 22)
- <Possible follow-ups>
- RE: Bad idea. Bad. Todd Towles (Feb 22)