[Owasp-board] Proposed policy on unauthorized hacking at conferences

Eoin eoin.keary at owasp.org
Sat Oct 27 16:11:25 UTC 2012


Yes sounds good.

Eoin Keary
Owasp Global Board
+353 87 977 2988


On 26 Oct 2012, at 09:57, Mark Bristow <mark.bristow at owasp.org> wrote:

> GCC,
> 
> See below.  I would think its self explanatory but apparently not.
> 
> I'd like to propose the following new policy:
> 
> Any attendee discovered conducting unauthorized access (physical or electronic) at an OWASP hosted event will be immediately asked to leave without refund.  The victim of the unauthorized access will be notified and the matter referred to to board for consideration further action.
> 
> -Mark
> 
> Sent from my wireless device
> 
> Begin forwarded message:
> 
>> From: "gregory.disney" <gregory.disney at owasp.org>
>> Date: October 25, 2012, 11:58:42 PM EDT
>> To: owasp-leaders at lists.owasp.org, OWASP AppSec USA <appsecusa at owasp.org>
>> Subject: [Owasp-leaders] Connect to Hyatt router at appsec
>> 
>> ESSID: Hyatt
>> http://207.238.37.130/superclick/hsia_accept.php
>> just click the link and run
>> There is no real authentication on the server, tisk tisk for zero security on a Debian server. 
>> OWASP Zap found this exploit in 10 mins
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20121027/1a46f312/attachment.html>


More information about the Owasp-board mailing list