omg.wtf.bbq.

because arshan’s too cheap to license OneNote

Browsing Posts tagged phishing

browsers will accept strangely formed URLs and this could be used to bypass security checks

Unchecked redirect vulnerabilities are annoying to fix for our customers. Sometimes the developers need to link to a constantly changing selection of partners and they always have to support different redirect URLs for testing, integration, and production. Sometimes these redirect mechanisms span different applications even though they live on the same domain, too. Given the [...]

Robert Hansen’s gripe with Google is easy to understand. Unchecked redirects are a phisher’s dream vulnerability. What would be Google’s motivation to not fix such a blatant vulnerability? Well, there’s only a few reasons why someone would choose to purposely not fix a vulnerability: 1. they don’t care about security 2. they don’t know how [...]