Re: [Full-Disclosure] (no subject)
Date: Fri Dec 05 2003 - 20:18:54 CST
On Sat, 06 Dec 2003 11:00:35 +1300, Nick FitzGerald <nick@virus-l.demon.co.uk> said:
> First, some genius (or committee thereof) decided that putting
> "userinfo" data into URLs would be a good idea. This was decided
> despite it generally being agreed -- as the URL RFC authors note _in
> the RFC_ -- to be a bad thing from a security perspective...
I'm sure the guys at 61.252.126.191 don't give a flying fornicate in a rolling
donut about how it's a bad thing from a security perspective, seeing how the
PTR for that IP is somewhere in KRNIC.NET controlled space.
Or are we now holding scammers to a higher standard of security than the
actual site admins? :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
This archive was generated by hypermail 2.1.8 : Fri Dec 05 2003 - 21:01:01 CST
