Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects

On Mon, May 11, 2009 at 10:33 AM, Paul Schmehl <pschmehl_lists@tx.rr.com> wrote:
> --On May 10, 2009 1:08:51 PM -0500 James Matthews <nytrokiss@gmail.com>
> wrote:
>
> >
> > Why are these banks still using ASP? It's insecure by default!
>
> Everything is insecure by default.  There is no such thing as secure by
> default.  Those that assume there is are the first to be hacked.

cute (old) opinion, but fairly useless in practice.

> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying
-- silky _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

• This message: [ Message body ]
• Next message: Valdis.Kletnieks_at_nospam: "Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects"
• Previous message: Paul Schmehl: "Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects"
• In reply to: Paul Schmehl: "Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects"
• Next in thread: Valdis.Kletnieks_at_nospam: "Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects"
• Reply: Valdis.Kletnieks_at_nospam: "Re: [Full-disclosure] Major Greek bank sites with SSL vulnerable to XSS and open redirects"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]