[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

Albert Siow albert_siow at yahoo.com
Wed Mar 23 22:51:32 EDT 2011


If u can't resist your temptation and post non-OWASP related topic. It will set an acceptance rule for others to post something even more unrelated such as how to hack ur boss laptop, where to download latest movie, or best proton inspira hack in town because they can't resist to share as well. Then what is the difference between OWASP and lowyat forum?

Your intention and effort is appreciated but this is Open Web Application Security Project forum where we discuss about web application. Hope you understand this.

--- On Thu, 3/24/11, najmi.zabidi at gmail.com <najmi.zabidi at gmail.com> wrote:

> From: najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
> Subject: Re: [Owasp-Malaysia] How do you disclose vulnerabilities ethically?
> To: "Open Web Application Security Project (OWASP) Malaysia Local Chapter" <owasp-malaysia at lists.owasp.org>
> Date: Thursday, March 24, 2011, 10:02 AM
> i need to enroll some psychological
> disorder group.
> can't resist to post.
> 
> maybe i should unsubscribe, can't resist the temptation to
> post unrelated topic.
> 
> yeah, got blog too.
> but don't feel like i want to share.
> 
> 
> 
> On 3/24/11, Native19 <native19 at gmail.com>
> wrote:
> > haha najmi chill out come on be positive lar we just
> helping to make
> > sure the chapter has better content so that everyone
> has a gain from
> > it..i suggest putting up your own blog..i'll be a
> frequent reader cos
> > there is always interesting content from you :)
> >
> > On Thu, Mar 24, 2011 at 9:42 AM, najmi.zabidi at gmail.com
> > <najmi.zabidi at gmail.com>
> wrote:
> >> All right, will be dead silent.
> >> OWASP isn't my thing. SORRY!
> >>
> >>
> >>
> >> On Thu, Mar 24, 2011 at 9:38 AM, Native19 <native19 at gmail.com>
> wrote:
> >>> i got to agree with albert i suggest
> discussing something more web
> >>> related like this
> >>>
> >>> http://jeremiahgrossman.blogspot.com/2011/02/top-ten-web-hacking-techniques-of-2011.html
> >>>
> >>> thanks
> >>> native19
> >>>
> >>> On Thu, Mar 24, 2011 at 9:34 AM, Albert Siow
> <albert_siow at yahoo.com>
> >>> wrote:
> >>>> Guy,
> >>>>  This has been widely discussed in
> SecurityFocus forum, it won't be
> >>>> necessary to discuss here. Further more,
> this is NOT a Web Security
> >>>> Issue!
> >>>>
> >>>>
> >>>> --- On Thu, 3/24/11, najmi.zabidi at gmail.com
> <najmi.zabidi at gmail.com>
> >>>> wrote:
> >>>>
> >>>>> From: najmi.zabidi at gmail.com
> <najmi.zabidi at gmail.com>
> >>>>> Subject: [Owasp-Malaysia] How do you
> disclose vulnerabilities
> >>>>> ethically?
> >>>>> To: "owasp-malaysia" <owasp-malaysia at lists.owasp.org>
> >>>>> Date: Thursday, March 24, 2011, 8:57
> AM
> >>>>> Hi,
> >>>>>
> >>>>> This is recent SCADA vulnerabilities
> publicly disclosed
> >>>>>
> >>>>> Full-disclosure advisories and
> proof-of-concepts:
> >>>>>
> >>>>> http://seclists.org/bugtraq/2011/Mar/187
> >>>>>
> >>>>>
> >>>>> If you track down the thread, the
> emails later "discuss" on
> >>>>> public
> >>>>> disclosure without vendor being
> notified beforehand.
> >>>>>
> >>>>> De Raadt reponse:
> >>>>> http://seclists.org/bugtraq/2011/Mar/236
> >>>>>
> >>>>>
> >>>>> But I keep wonder why SCADA has to be
> connected through
> >>>>> Internet? Does
> >>>>> "Die Hard 4" not teach you anything?
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Join #ISOC [Internet Society] today
> and create connections
> >>>>> with
> >>>>> Internet Users around the world!
> >>>>>
> >>>>> Simplified Link: http://goo.gl/xmG90
> >>>>>
> _______________________________________________
> >>>>> Owasp-Malaysia mailing list
> >>>>> Owasp-Malaysia at lists.owasp.org
> >>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>>>>
> >>>>> OWASP Malaysia Wiki
> >>>>> http://www.owasp.my
> >>>>>
> >>>>> OWASP Malaysia Facebook
> >>>>> http://www.facebook.com/OWASP.Malaysia
> >>>>>
> >>>>> OWASP Malaysia Twitter #owaspmy
> >>>>> http://www.twitter.com/owaspmy
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>>
> _______________________________________________
> >>>> Owasp-Malaysia mailing list
> >>>> Owasp-Malaysia at lists.owasp.org
> >>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>>>
> >>>> OWASP Malaysia Wiki
> >>>> http://www.owasp.my
> >>>>
> >>>> OWASP Malaysia Facebook
> >>>> http://www.facebook.com/OWASP.Malaysia
> >>>>
> >>>> OWASP Malaysia Twitter #owaspmy
> >>>> http://www.twitter.com/owaspmy
> >>>>
> >>>
> _______________________________________________
> >>> Owasp-Malaysia mailing list
> >>> Owasp-Malaysia at lists.owasp.org
> >>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>>
> >>> OWASP Malaysia Wiki
> >>> http://www.owasp.my
> >>>
> >>> OWASP Malaysia Facebook
> >>> http://www.facebook.com/OWASP.Malaysia
> >>>
> >>> OWASP Malaysia Twitter #owaspmy
> >>> http://www.twitter.com/owaspmy
> >>>
> >>
> >>
> >>
> >> --
> >> Join #ISOC [Internet Society] today and create
> connections with
> >> Internet Users around the world!
> >>
> >> Simplified Link: http://goo.gl/xmG90
> >> _______________________________________________
> >> Owasp-Malaysia mailing list
> >> Owasp-Malaysia at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>
> >> OWASP Malaysia Wiki
> >> http://www.owasp.my
> >>
> >> OWASP Malaysia Facebook
> >> http://www.facebook.com/OWASP.Malaysia
> >>
> >> OWASP Malaysia Twitter #owaspmy
> >> http://www.twitter.com/owaspmy
> >>
> > _______________________________________________
> > Owasp-Malaysia mailing list
> > Owasp-Malaysia at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >
> > OWASP Malaysia Wiki
> > http://www.owasp.my
> >
> > OWASP Malaysia Facebook
> > http://www.facebook.com/OWASP.Malaysia
> >
> > OWASP Malaysia Twitter #owaspmy
> > http://www.twitter.com/owaspmy
> >
> 
> 
> -- 
> Join #ISOC [Internet Society] today and create connections
> with Internet
> Users around the world!
> 
> Simplified Link: http://goo.gl/xmG90
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> 
> OWASP Malaysia Wiki
> http://www.owasp.my
> 
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
> 
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
> 


      


More information about the Owasp-Malaysia mailing list