http://neosmart.net/blog/2006/an-argument-for-full-disclosure/ Connecting Ideas Sat, 07 Nov 2009 18:31:11 +0000 http://wordpress.org/?v=2.8.5 hourly 1 http://neosmart.net/blog/2006/an-argument-for-full-disclosure/#comment-174450 Severe Gmail Security Vulnerability (Updated) — The NeoSmart Files Mon, 23 Jun 2008 19:17:33 +0000 http://neosmart.net/blog/archives/269#comment-174450 [...] we've previously mentioned, NeoSmart Technologies is a big proponent of Full Disclosure. We've contacted the security department at Google and will post their reply if/when it's [...] [...] we’ve previously mentioned, NeoSmart Technologies is a big proponent of Full Disclosure. We’ve contacted the security department at Google and will post their reply if/when it’s [...]

]]> http://neosmart.net/blog/2006/an-argument-for-full-disclosure/#comment-6766 :: Phishmarkt :: Tue, 31 Oct 2006 11:15:48 +0000 http://neosmart.net/blog/archives/269#comment-6766 [...] Allgemeine Links April 2004 T-hackDiese Beschreibung bezieht sich zwar primär auf anderer Sicherheitslücken, zeigt aber mit welchen Methoden betroffenen Unternehmen gegen die Entdecker vorgehen.Juli 06 Detecting, Analyzing, and Exploiting Intranet Applications using JavaScriptPaper, das beschreibt wie man JavaScript benutzen kann, um ein Netzwerk (LAN) hinter der Firewall weitgehend unbemerkt zu analysieren und die Daten unbermerkt zu versenden.Oktober 06 “Heise’s demonstration of the supposed vulnerabilities involved inserting a fake page into the online banking systems of the various banks using so-called frame spoofing attacks which exploit vulnerabilities that can exist in web pages that ‘frame’ content within a page.”Oktober 06 Full DisclosureAn Argument for Full Disclosure. [...]

]]> http://neosmart.net/blog/2006/an-argument-for-full-disclosure/#comment-6740 :: Phishmarket :: Mon, 30 Oct 2006 04:15:22 +0000 http://neosmart.net/blog/archives/269#comment-6740 [...] General Links April 2004 T-hackDiese Beschreibung bezieht sich zwar primär auf anderer Sicherheitslücken, zeigt aber mit welchen Methoden betroffenen Unternehmen gegen die Entdecker vorgehen.Juli 06 Detecting, Analyzing, and Exploiting Intranet Applications using JavaScriptPaper, das beschreibt wie man JavaScript benutzen kann, um ein Netzwerk (LAN) hinter der Firewall weitgehend unbemerkt zu analysieren und die Daten unbermerkt zu versenden.Oktober 06 “Heise’s demonstration of the supposed vulnerabilities involved inserting a fake page into the online banking systems of the various banks using so-called frame spoofing attacks which exploit vulnerabilities that can exist in web pages that ‘frame’ content within a page.”Oktober 06 Full DisclosureAn Argument for Full Disclosure. [...]

]]> http://neosmart.net/blog/2006/an-argument-for-full-disclosure/#comment-6324 An Argument for Full Disclosure Mon, 09 Oct 2006 17:51:24 +0000 http://neosmart.net/blog/archives/269#comment-6324 [...] RSS 1.0An Argument for Full DisclosureNeoSmart Technologies is a big proponent of Full Disclosure when dealing with security vulnerabilities. Many coders and general online denizens think that’s not a very nice thing to do – that it creates more harm than it helps; but if you look at the alternatives it becomes obvious that not only is Full Disclosure not an extreme view/course of action but rather the only real middle ground there is for dealing with 0-day flaws. Neo Smart, October 09, 2006 11:27 GMT+01http://neosmart.net/blog/archives/269Contact | Copyright © 1995 – 2006 by FIRST.org, Inc.View this page as a member  [...]

]]>