WebApp Sec mailing list archives
limits of end-user "testing"
From: Jeff Robertson <jeff.robertson () digitalinsight com>
Date: Wed, 16 Nov 2005 10:19:15 -0500
People occasionally ask me if I can help them figure out if the online banking site they use is secure. I tell them not unless the bank hires me to do so. Is there *anything* that an end user can do in the way of checking for the Top 10 type of problems, that would be considered "fair use" (I know.. copyright law term, not really applicable here) or "self-defense" rather than malicious? For purposes of simplicity and relevance to my current location, lets assume that both the user, the website, and the company that owns the site are all in the U.S.
Current thread:
- limits of end-user "testing" Jeff Robertson (Nov 17)
- Re: limits of end-user "testing" Andrew van der Stock (Nov 17)
- Re: limits of end-user "testing" Kurt Seifried (Nov 17)
- Re: limits of end-user "testing" Andrew van der Stock (Nov 17)
- Re: limits of end-user "testing" Javier Fernandez-Sanguino (Nov 22)
- Re: limits of end-user "testing" Daniel (Nov 27)
- Re: limits of end-user "testing" Kurt Seifried (Nov 17)
- Re: limits of end-user "testing" Javier Fernandez-Sanguino (Nov 22)
- Re: limits of end-user "testing" Andrew van der Stock (Nov 17)
- <Possible follow-ups>
- RE: limits of end-user "testing" Luke Fraser (Nov 17)
- Re: limits of end-user "testing" byte_jump (Nov 17)