Grow up, really. On Mon, Mar 2, 2009 at 11:41 PM, Valdis' Mustache < [email protected]> wrote:
> I would like to point out that I have been able to create a "hung" > state in the Firefox browser by opening 30 simultaneous tabs pointed > at http://www.welcometointernet.org/lawnmower/ and adding a 31st tab > viewing http://www.hotrussianbrides.com. > > Also, I am not amused. > > > Your humble servant, > Ze Mustache von Kletnieks > > On Mon, Mar 2, 2009 at 10:29 PM, <[email protected]> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Dear Nick, > > > > You and Thierry Loller are wrong. > > > > - -bm > > > > On Mon, 02 Mar 2009 21:28:17 -0500 Nick FitzGerald <n...@virus- > > l.demon.co.uk> wrote: > >>Chris Evans to Thierry Zoller: > >> > >>> > Example > >>> > If a chrome tab can be crashed arbritarely (remotely) it is a > >>DoS attack > >>> > but with ridiculy low impact to the end-user as it only > >>crashes the tab > >>> > it was subjected to, and not the whole browser or operation > >>system. > >>> > But the fact remains that this was the impact of a DoS > >>condition, > >>> > the tab crashes arbritarily. > >>> > >>> Eh? If you visit www.evil.com and your tab crashes, that's no > >>> different from www.evil.com closing its own tab with Javascript. > >> > >>But what if www.evil.com has run an injection attack of some kind > >>(SQL, > >>XSS in blog comments, etc, etc) against www.stupid.com? > >> > >>Visitors to stupid.com then suffer a DoS... > >> > >>Yes, stupid.com should run their site better, fix their myriad XSS > >>holes, > >>etc, etc. > >> > >>But this is the Internet, so this "software flaw" can be leveraged > >>as > >>security vulnerability. > >> > >>I'm with Thierry on this... > >> > >> > >>Regards, > >> > >>Nick FitzGerald > >> > >> > >>_______________________________________________ > >>Full-Disclosure - We believe in it. > >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>Hosted and sponsored by Secunia - http://secunia.com/ > > -----BEGIN PGP SIGNATURE----- > > Charset: UTF8 > > Version: Hush 3.0 > > Note: This signature can be verified at https://www.hushtools.com/verify > > > > wpwEAQMCAAYFAkmso8YACgkQhNp8gzZx3sj93AP/a+oFmgLbU2Elo0livpG3c6Qvh8+0 > > b69LocD4LJmaR3NR4H7AHZYJiqm1TegwdTvtgY4sZd0lXi5EKZYTJMl9tj2Pd53fxXFm > > 7eK5yf6oRGggrdOLyDjRkMV3bVnOppwXviMHdk8quxx8sDRxA99ZlKKUA40RXFa5eAhp > > UpXIZ1s= > > =zgqd > > -----END PGP SIGNATURE----- > > > > -- > > Become a medical transcriptionist at home, at your own pace. > > > http://tagline.hushmail.com/fc/BLSrjkqfMmg6RbMKs4GE43pzNkcKJRWafc7cDXj4iASDyccuLtQA2i9f1le/ > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
