Phishing: Full or Responsible Disclosure?

Copyright © What The Hell? Security

I’m on the horns of a dilemma. I’ve come up with a few phishing use cases not yet witnessed in the wild. Should I exercise full disclosure or responsible disclosure? That’s a completely nonsensical question of course. Who the hell would I report it to? Onguard Online? Phishtank? APWG? [...]

Introducing the Official What The Hell? Security Glossary

Do you know that browsers do not implement blacklists? (Hint: They’re blocklists.) And that bribing your Certificate Authority is perfectly legal? Or that you must license the right to render your website’s URLs with a background color of green in browser address bars? And what the hell exactly are the Certificate Warnings from Hell? And the [...]
