About 3 years ago there were a series of vulnerability research campaigns for various targets: the Month of Apple Bugs, the Month of PHP Bugs, the Month of Kernel Bugs...
Aviv Raff is a pen-testing veteran of the Month of Browser Bugs. Now he has proposed bringing the bug-month method into the modern era with...
July 2009 will be the Month of Twitter Bugs—this sounds like it will be heavy with cross-site scripting problems of the sort Raff has blogged on recently.
The bugs will focus on the Twitter API and third party sloppy use of it. Raff will warn these services in advance and give them time to fix their problems before he parades them in public. He adds that bugs of this sort are common on Web 2.0 mashup sites. Perhaps it takes something like this to raise awareness of a problem.
0 comments:
Post a Comment