Greetings!
> I believe Germany passed a law about exploits and/or "security
> tools".[...] I *believe* it is taken pretty seriously in
> Germany though.
Of course it's taken seriously here in Germany.
We take EVERYTHING seriously.
;-)
The law (ยง202c StGB) and its application already have b
Real people can die if you move the right electrons attached to say life
support systems in buildings, water treatment plants, hydro electric dams, and
power stations. Real people will be affected if you manipulate electrons
associated with banking, investing and finance.
Mark
Mark Brunner
True, s/ware is different from a gun. I mostly meant it tongue in cheek.
But I can't help but wonder, what with the increase of people learning to
code (mind you, there's a diff between hobby and serious, I accept that),
and the whole Internet of Things, and the fact that most modern hardware
(nucl
After a dozen-ish years of Nikto and some other tools, it's not been a
problem for me either.
However, it doesn't have to be illegal for someone to sue you, or include
you in a court case, which can ruin your day and possibly cost you money
regardless of right or wrong. Having disclaimers and a l
I believe Germany passed a law about exploits and/or "security tools". Also
in the UK, some of the amendments to the CMA has a statement about
distributing "articles" which some believe also includes software. I don't
know of any case in the UK though where someone has gotten into trouble
with this
Hi Paula,
SOHO router security is quite bad. This is far from an isolated ping
injection as most home routers don't bother to sanitize input going to
ping functionality. It is common enough that I have begun just
referring to it as ping injection.
FYI - For tracking purposes, the CVE I had assig
There is a serious flaw at TxTag.org, the Texas Department of
Transportation's toll road account management system. This flaw exposes
personal information for the (as of December 31) 1.2 million drivers with
active TxTags, including names, full mailing addresses, email addresses,
phone numbers, and
==
Privacy-Preserving IR: When Information Retrieval Meets Privacy and
Security (*PIR Workshop 2014*)
http://cs-sys-1.uis.georgetown.edu/~sz303/sigir2014-pir-workshop/
At *SIGIR* *2014*, July 11 2014, Gold Coast, Australia
Software is SO different to a gun... you can't really compare them.
Real people will die in most cases when a gun is misused, only
electrons are disturbed (in the great majority of cases) if you misuse
a hacking tool.
On Fri, Apr 4, 2014 at 3:50 PM, Not EcksKaySeeDee
wrote:
> Re: Use of a disclai
Hi. As w3af's project leader I've not received any legal threats over
the seven years this project has been alive.
Only a couple of months ago, and just to be sure, I added this
disclaimer which users need to accept to run the tool.
DISCLAIMER = """Usage of w3af for sending any traffic to a targe
If I recall correctly, version 1 of metasploit actually had exploits for
*live* sites (a bank) and things, so that is obviously an issue. I don't
even think you will find a copy of the first version of metasploit (does HD
have one locked up somewhere, who knows).
Currently, metasploit is a hammer.
Greetings
I am a security researcher who is working on a project in my free time,
without going into details - the project will end with a powerful tool
being publicly released.
Obviously most cyber security tools have the potential for abuse. What sort
of legal hurdles (if any) do you need to ov
=[Alligator Security Team - Security Advisory]
Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface
Author: Joaquim Brasil de Oliveira < palulabrasil () gmail com >
< twitter.com/palulabr >
=
=[Alligator Security Team - Security Advisory]
Remote Command Execution within the ASUS RT-AC68U Managing Web Interface
Author: Joaquim Brasil de Oliveira < palulabrasil () gmail com >
< twitter.com/palulabr >
=[Table
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Phrack Security Advisory 2014-001
=
Topic: Paper leak on release timeout
Version:Phrack-current:affected from 2014-04-04 onwards
Phrack 1985-
Hi all,
Several XMPP server implementations that support application-layer
compression (XEP-0138) suffer from an uncontrolled resource consumption
vulnerability (CWE-400). This vulnerability can be remotely exploited by
attackers to mount Denial-of-Service attacks by sending
highly-compresse
Much of the infosec industry is perpetuating lies. It may have started
with good reason but now it's a huge mess. And those lies have become
part of the culture, the education, and the laws. It's a huge scam.
"We have many new infosec professionals joining the workforce every
year who have been sc
17 matches
Mail list logo