On 2/4/2014 6:36 PM, Mark Litchfield wrote: > On 2/4/2014 3:13 PM, security curmudgeon wrote: >> : > This is not the behavior of the site as of 48 hours ago. >> >> : Let me check. Normal registration should also be available ? Infact I >> : will remove the registration. >> : >> : The purpose of this whole registration in the first place was to allow >> : for future postings I am going to make later this week that would only >> : be available to registered users. Not necessarily vulnerabilities, but >> : useful "stuff" for pentesting. Also all registered users would be >> given >> : a 48 hours head start on any new vulnerabilities that I post in the >> : future. >> >> Which is great, but I strongly recommend you allow a site-specific >> registration for such purposes. Giving up one of the two dominant social >> media accounts for it is excessive.
> I should add, I am all for constructive criticism. But a public forum > is not really the place. Feel free to email me directly. Yes, it is. This is a security forum. Your authentication mechanism is a major security issue. The damn thing should get its own CVE. Think about it and you'll see the point. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
