The notion that this list is only for reporting bugs in software that isn't in beta is absurd. If there's a major vulnerablity in gaim or firefox I'd expect to hear about them on this list. (Both are in beta (firefox is alpha I think they like to say these days?)) If there is a large userbase using it that is vulnerable to a security concern then it should be on this list. That's what this list is about, making people aware and sharing new security vulnerabilities.
So stop shouting that (s)he's losing "credibility" in the "scene." In my eyes he gained a lot by actually classifying his neat little hack by saying it's got a really low severity. (And by finding a small hole in gmail, there's plenty of people looking and google has some great coders.) More "respected" security firms should take a leaf from his/her book and learn to mark severity of their discoveries correctly. (And really? The security "scene?" What is this too you, a little social teaparty?) ~D.J. Capelis~ Security and Cryptography Researcher --- System Outage <[EMAIL PROTECTED]> wrote: > Gmail service is in Beta. You have no > credibility posting this advisory. The correct > channel to post such "bugs" is the Gmail > contact link for "bug reports". > > If you weren't a script kiddie or scene whore, > you would have known to hold information until > such a time that Gmail became a public service. > > Then and only then would anyone take this > advisory seriously! > > You obviously have no understanding of the > "Beta" state of a development. The fact that a > team of developers are in the state of "Beta" > means that the developers are fully aware the > service may not be entirely secure and they > wish feedback via Google's own beta "bug > report" channels. > > All in all, this is a "beta bug report" and > nothing else. If you had waited until the Gmail > dev team declared gmail a public release, you > would have gained more respect in the security > community scene. > > Cheerio > __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html