Re: [Full-Disclosure] Browser bugs [DoS] ... where will you draw a line?

From: Heikki Toivonen (hjtoi_at_comcast.net)
Date: 04/09/04

  • Next message: Thomas Vincent: "Re: [Full-Disclosure] Trojan Horse for Mac OS X"
    To: full-disclosure@lists.netsys.com
    Date: Fri, 09 Apr 2004 10:43:19 -0700
    
    

    bipin gautam wrote:
    > Browser bugs [DoS] ... where will you draw a line?

    Browser DoS bugs don't get high priority because they are so easy to
    avoid. For example, if you go to a website that crashes your browser,
    hangs it, or launches 10,000 popup windows you can simply kill the
    browser and never go to that site again. Annoying, yes, but that's about it.

    DoS bugs that cause permanent damage are treated differently, of course.
    For example, I could imagine a bug that would corrupt some critical file
    and the browser would no longer start. Those bugs would be fixed fast,
    like traditional security vulnerabilities.

    -- 
       Heikki Toivonen
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Thomas Vincent: "Re: [Full-Disclosure] Trojan Horse for Mac OS X"