Re: [Full-Disclosure] Browser bugs [DoS] ... where will you draw a line?
From: Heikki Toivonen (hjtoi_at_comcast.net)
To: email@example.com Date: Fri, 09 Apr 2004 10:43:19 -0700
bipin gautam wrote:
> Browser bugs [DoS] ... where will you draw a line?
Browser DoS bugs don't get high priority because they are so easy to
avoid. For example, if you go to a website that crashes your browser,
hangs it, or launches 10,000 popup windows you can simply kill the
browser and never go to that site again. Annoying, yes, but that's about it.
DoS bugs that cause permanent damage are treated differently, of course.
For example, I could imagine a bug that would corrupt some critical file
and the browser would no longer start. Those bugs would be fixed fast,
like traditional security vulnerabilities.
-- Heikki Toivonen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html