funsec mailing list archives

Re: Geeze, you would think THEY would know better!!!


From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 23 Feb 2009 01:50:36 +1300

Jon Kibler wrote:

> Okay, I admit that I am lazy. Rather than try to remember (or find in my
> ton of bookmarks) the home page with HP for the App Sec group that
> used to be SpiDynamics, I still use the URL: http://www.spidynamics.com/
>
> Well, that now gives the following error dump! I would think that if ANY
> group knew better than to expose the guts of their system when an error
> occurred, it would be HP's App Sec group!!

You're joking, right?

These are the same folk who wrote a blog item (very good in what it 
covered) that included (deserved) comments about open redirectors as a 
tool the scammers were increasingly using.  The post was by a self-
described "Security Evangelist" and "expert in web application security". 
Sadly, the blog-ware they used had its own, trivially obvious to the most 
cursory of glances, open redirector to provide its "link to the poster's 
homepage" functionality.

Some "web application security expert"...


Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

