Re: [Full-Disclosure] Re: iDEFENSE Labs Website Launch (iDEFENSE Labs)

From: Joachim Schipper (j.schipper_at_math.uu.nl)
Date: 02/18/05

  • Next message: class 101: "[Full-Disclosure] [HAT-SQUAD] 3com 3CDaemon FTP Unauthorized "USER" Remote BOverflow" 
    Date: Fri, 18 Feb 2005 16:47:34 +0100
To: full-disclosure@lists.netsys.com

    On Fri, Feb 18, 2005 at 07:53:29AM -0500, Edge, Ronald D wrote:
    > > Date: Thu, 17 Feb 2005 12:20:30 -0500
    > > From: "iDEFENSE Labs" <labs-no-reply@idefense.com>
    > > Subject: [Full-Disclosure] iDEFENSE Labs Website Launch
    > > To: <full-disclosure@lists.netsys.com>,
    > > <dailydave@lists.immunitysec.com>,
    > > <bugtraq@securityfocus.com>
    > > Message-ID:
    > > <FB24803D1DF2A34FA59FC157B77C970503E244C3@idserv04.idef.com>
    > > Content-Type: text/plain; charset="us-ascii"
    > >
    > > iDEFENSE Labs is pleased to announce the launch of our community site:
    > >
    > > http://labs.idefense.com
    >
    > Funny. All I get is a blank white page. Could it be you are expecting me
    > to trust your site, turn off all my defenses, turn on scripting, to view
    > the page? You're kidding right, this is just a joke to test participants
    > gullibility, right?
    >
    > Ron.

    To be fair, it can be circumvented by just reading the source. However,
    while Wetware/1.0 is a rather secure Javascript interpreter, it suffers
    from lack of speed.

    In short, I gave up when I got another blank page after finding their
    front page. Looks like the guys at iDEFENSE are not prepared for this
    kind of paranoia...
     
    Other than the fact it's not really accessible without enabling
    Javascript, it might be a fine site, though.

                    Joachim
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: class 101: "[Full-Disclosure] [HAT-SQUAD] 3com 3CDaemon FTP Unauthorized "USER" Remote BOverflow"