mrkitty - Slashdot User

Comment Democratic society without religion? (Score 4, Interesting) 1142

by mrkitty on Thursday October 18, 2012 @11:21AM (#41693979) Attached to: Ask Richard Dawkins About Evolution, Religion, and Science Education

Do you believe a democratic society can exist which has no form of religion in its laws, or within government?

Comment Cross-site Scripting FAQ (Score 1) 56

by mrkitty on Wednesday September 21, 2011 @05:30PM (#37473692) Attached to: Adobe Pushes Emergency Flash Player Security Fix

Cross-site Scripting FAQ http://www.cgisecurity.com/xss-faq.html

Comment Known in 2008 and blogged (Score 2) 133

by mrkitty on Wednesday January 26, 2011 @12:49PM (#35010732) Attached to: Abusing HTTP Status Codes To Expose Private Info

http://jeremiahgrossman.blogspot.com/2008/03/login-detection-whose-problem-is-it.html

Comment The Cross-site Scripting (XSS) FAQ (Score 4, Informative) 102

by mrkitty on Monday October 04, 2010 @12:12PM (#33785632) Attached to: Geolocation XSS Tracker Proof of Concept

The XSS FAQ
http://www.cgisecurity.com/xss-faq.html

Comment The Cross-site Scripting FAQ and Resources (Score 1) 214

by mrkitty on Tuesday April 13, 2010 @11:46AM (#31834040) Attached to: Apache Foundation Attacked, Passwords Stolen

XSS FAQ
http://www.cgisecurity.com/xss-faq.html

WASC Threat Classification - Cross-site Scripting
http://projects.webappsec.org/Cross-Site+Scripting

Comment Sounds like the cause could be (Score 1) 135

by mrkitty on Thursday January 07, 2010 @05:00PM (#30688198) Attached to: Hotmailers Hawking Hoax Hunan Half-Offs

A CSRF vulnerability?

Nmap 5.00 Released, With Many Improvements 73

Posted by timothy on Thursday July 16, 2009 @02:50PM from the ok-now-release-another-nsfw-introduction dept.

iago-vL writes "The long-awaited Nmap Security Scanner version 5.00 was just released (download)! This marks the most important release since 1997, and is a huge step in Nmap's evolution from a simple port scanner to an all-around security and networking tool suite. Significant performance improvements were made, and dozens of scripts were added. For example, Nmap can now log into Windows and perform local checks (PDF), including Conficker detection. New tools included in 5.00 are Ncat, a modern reimplementation of Netcat (with IPv6, SSL, NAT traversal, port redirection, and more!), and Ndiff, for quickly comparing scan results. Other tools are in the works for future releases, but we're still waiting for them to add email and ftp clients so we can finally get off Emacs!"

Comment More info (Score 0) 288

by mrkitty on Saturday July 11, 2009 @11:41AM (#28661033) Attached to: ImageShack Hacked, Security Groups Threatened

@ http://www.cgisecurity.com/2009/07/antisec-hackers-replace-all-imageshack-images.html

Comment Additional coverager (Score 1) 5

by mrkitty on Friday July 10, 2009 @10:50PM (#28657561) Attached to: ImageShack Hacked!

At http://www.cgisecurity.com/2009/07/antisec-hackers-replace-all-imageshack-images.html

Submission + - ImageShack Hacked! (mashable.com) 5

Submitted by

revjtanton

on Friday July 10, 2009 @10:18PM

revjtanton writes: "Tonight a group calling themselves "Anti-Sec" hacked ImageShack and replaced many of the site's hosted images with one of their own detailing their manifesto. The group's grievance is against full-disclosure. They simply want the practice in security cirlces to end, and they've promised to cause mayhem and destruction if it doesn't.

These guys/gals are taking direct aim against a sect of the IT industry who is already armed to fight them...but they also already know that. It should be interesting to see how this plays out, whether you agree with them or not."

Comment The XSS FAQ (Score 2, Informative) 160

by mrkitty on Monday June 29, 2009 @05:33PM (#28521015) Attached to: New Firefox Standard Aims to Combat Cross-Site Scripting

The Cross-site Scripting (XSS) FAQ http://www.cgisecurity.com/xss-faq.html

Comment The XSS FAQ (Score 2, Informative) 145

by mrkitty on Sunday April 12, 2009 @11:45AM (#27549249) Attached to: Twitter Gets Slammed By the StalkDaily XSS Worm

The Cross-site Scripting FAQ http://www.cgisecurity.com/xss-faq.html

Comment VAX VMS (Score 3, Interesting) 562

by mrkitty on Thursday March 26, 2009 @01:06PM (#27345137) Attached to: 10 OSes We Left Behind

What, no VAX VMS or OpenVMS? People still use it in healthcare systems even though it came out around 1978. How I miss the good old days in the 1990's using a vax/vms in high school and UUCP'ing to send mail out of the building, and using our student BBS authored in DCL.

Comment Cross-site scripting FAQ (Score 1) 182

by mrkitty on Monday December 22, 2008 @09:02PM (#26207749) Attached to: Security Flaws In Aussie Net Filter Exposed

http://www.cgisecurity.org/xss-faq.html

Gmail Reveals the Names of All Users 438

Posted by samzenpus on Wednesday July 16, 2008 @06:05PM from the not-so-anonymous-now dept.

ihatespam writes "Have you ever wanted to know the name of admin@gmail.com? Now you can. Through a bug in Google calendars the names of all registered Gmail accounts are now readily available. All you need to find out the names of any gmail address is a Google calendar account yourself. Depending on your view this ranges from a harmless "feature" to a rather serious privacy violation. According to some reports, spammers are already exploiting this "feature"/bug to send personalized spam messages."

Slashdot Top Deals