Drama queen<br><br><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">From: n3td3v <<a href="mailto:xploitable@gmail.com">xploitable@gmail.com
</a>><br>Subject: [Full-disclosure] F-Secure to release XSS "potential dangers"<br>To: n3td3v <<a href="mailto:n3td3v@googlegroups.com">n3td3v@googlegroups.com</a>><br>Cc: <a href="mailto:full-disclosure@lists.grok.org.uk">
full-disclosure@lists.grok.org.uk</a><br>Message-ID:<br> <<a href="mailto:4b6ee9310607261206o7f502179r96998366f9959997@mail.gmail.com">4b6ee9310607261206o7f502179r96998366f9959997@mail.gmail.com</a>><br>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
<br><br>[snip]Fortunately no one has tried to inject malcious code... yet.<br><br>We'll finish our draft with more on the potential dangers of XSS for<br>you soon.[/snip]<br><br>See:<br><br><a href="http://www.f-secure.com/weblog/">
http://www.f-secure.com/weblog/</a><br><br>It is a blog entry titled "Netscape hacked".<br><br>F-Secure to encourage Digg script kiddies to hack Netscape properly?<br><br>This is highly irresponsible of F-Secure and they should be held
<br>legally responsible if the information they release in relation to<br>their "Netscape hacked" blog entry is used maliciously.<br><br>F-Secure know the enemy of the Netscape web site are reading their blog:<br>
<br>See:<br><br><a href="http://www.digg.com/tech_news/Netscape_com_HACKED_2">http://www.digg.com/tech_news/Netscape_com_HACKED_2</a><br><br>Yet, F-Secure are going to release XSS information anyway, to better<br>assist those would-be Digg script kids who want to bring harm to the
<br>Netscape, Digg styled web site.<br><br>The only potential danger will be caused by F-Secure, if they go ahead<br>and release the XSS information they promise to release, in the<br>context of Netscape being hacked. It is the wrong context in which to
<br>be talking about releasing malicious XSS code examples. F-Secure will<br>be F-Secure I guess though. Time for important people in the security<br>industry to back me up on this one.<br><br>Thanks,<br><br>n3td3v<br><br>
</blockquote></div><br>