full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Month of ActiveX Bug

Re: [Full-disclosure] Month of ActiveX Bug

From: Felix von Leitner <felix-fulldisclosure_at_nospam>
Date: Fri May 04 2007 - 00:05:26 GMT
To: full-disclosure@lists.grok.org.uk

> Looks like this has turned into the Month of Officeocx bugs, since the
> first 3 are components sold in that package.

> <snore...>

So, where are you ActiveX bugs, then? Ever found anything? Ever? I think you couldn't find your way out of your garage, but that's just me.

Why don't you do a month of eweek bugs. We won't limit you at all. Any bug counts. Even XSS bugs in open source perl webmail apps. Anything? Do you have even ONE?

Didn't think so.

> Larry Seltzer
> eWEEK.com Security Center Editor
> [1]http://security.eweek.com/
> [2]http://blogs.eweek.com/cheap_hack/
> Contributing Editor, PC Magazine
> larryseltzer@ziffdavis.com

Yeah, man, that is, like, an impressive .sig, man. And your credentials are stunning. Stunning!1!!

Overall, your whole work is breathtaking. You just reported on Symantec's "ThreatCon" level going down from 2 to 1. Your mom must be so proud of you. It takes some serious training to do that.

And I can only imagine what a high point that /Gs idea of yours was, particularly when someone pointed you to the public blog entry in Michael Howard's blog that says they already have it. Lesser people would have googled before blogging, uh, writing a column about it, but not you.

Have you ever done anything in your life that could explain even half the ego you give us the privilege to be showered with here?


PS: Nothing personal, I hate all journalists who piss on other people's bug finding efforts, but then make money reporting on said bugs.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/