[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

Native19 native19 at gmail.com
Wed Mar 23 21:47:23 EDT 2011


haha najmi chill out come on be positive lar we just helping to make
sure the chapter has better content so that everyone has a gain from
it..i suggest putting up your own blog..i'll be a frequent reader cos
there is always interesting content from you :)

On Thu, Mar 24, 2011 at 9:42 AM, najmi.zabidi at gmail.com
<najmi.zabidi at gmail.com> wrote:
> All right, will be dead silent.
> OWASP isn't my thing. SORRY!
>
>
>
> On Thu, Mar 24, 2011 at 9:38 AM, Native19 <native19 at gmail.com> wrote:
>> i got to agree with albert i suggest discussing something more web
>> related like this
>>
>> http://jeremiahgrossman.blogspot.com/2011/02/top-ten-web-hacking-techniques-of-2011.html
>>
>> thanks
>> native19
>>
>> On Thu, Mar 24, 2011 at 9:34 AM, Albert Siow <albert_siow at yahoo.com> wrote:
>>> Guy,
>>>  This has been widely discussed in SecurityFocus forum, it won't be necessary to discuss here. Further more, this is NOT a Web Security Issue!
>>>
>>>
>>> --- On Thu, 3/24/11, najmi.zabidi at gmail.com <najmi.zabidi at gmail.com> wrote:
>>>
>>>> From: najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
>>>> Subject: [Owasp-Malaysia] How do you disclose vulnerabilities ethically?
>>>> To: "owasp-malaysia" <owasp-malaysia at lists.owasp.org>
>>>> Date: Thursday, March 24, 2011, 8:57 AM
>>>> Hi,
>>>>
>>>> This is recent SCADA vulnerabilities publicly disclosed
>>>>
>>>> Full-disclosure advisories and proof-of-concepts:
>>>>
>>>> http://seclists.org/bugtraq/2011/Mar/187
>>>>
>>>>
>>>> If you track down the thread, the emails later "discuss" on
>>>> public
>>>> disclosure without vendor being notified beforehand.
>>>>
>>>> De Raadt reponse:
>>>> http://seclists.org/bugtraq/2011/Mar/236
>>>>
>>>>
>>>> But I keep wonder why SCADA has to be connected through
>>>> Internet? Does
>>>> "Die Hard 4" not teach you anything?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Join #ISOC [Internet Society] today and create connections
>>>> with
>>>> Internet Users around the world!
>>>>
>>>> Simplified Link: http://goo.gl/xmG90
>>>> _______________________________________________
>>>> Owasp-Malaysia mailing list
>>>> Owasp-Malaysia at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>>
>>>> OWASP Malaysia Wiki
>>>> http://www.owasp.my
>>>>
>>>> OWASP Malaysia Facebook
>>>> http://www.facebook.com/OWASP.Malaysia
>>>>
>>>> OWASP Malaysia Twitter #owaspmy
>>>> http://www.twitter.com/owaspmy
>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Owasp-Malaysia mailing list
>>> Owasp-Malaysia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>
>>> OWASP Malaysia Wiki
>>> http://www.owasp.my
>>>
>>> OWASP Malaysia Facebook
>>> http://www.facebook.com/OWASP.Malaysia
>>>
>>> OWASP Malaysia Twitter #owaspmy
>>> http://www.twitter.com/owaspmy
>>>
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.my
>>
>> OWASP Malaysia Facebook
>> http://www.facebook.com/OWASP.Malaysia
>>
>> OWASP Malaysia Twitter #owaspmy
>> http://www.twitter.com/owaspmy
>>
>
>
>
> --
> Join #ISOC [Internet Society] today and create connections with
> Internet Users around the world!
>
> Simplified Link: http://goo.gl/xmG90
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
>


More information about the Owasp-Malaysia mailing list