[Infowarrior] - [attrition] rant: Vulnerability Research Labs - Most Worthless Advisories Award, 2012

Richard Forno rforno at infowarrior.org
Wed May 23 13:55:01 CDT 2012


http://attrition.org/security/rants/vulnerability-lab/

Wed May 23 01:24:30 CDT 2012
By Jericho

Vulnerability research advisories come in all shapes and styles. Some companies release brief summaries with no technical details as part of their responsible disclosure policy. Some security researchers will release incredibly detailed reports full of technical details and all of the information one could need regarding the issue. In at least one case, we find the weirdest combination of lengthy advisories that offer up the least amount of information possible.

The following advisory from Vulnerability Research Labs (vulnerability-lab.com) is not necessarily the worst, but it is indicative of their advisories. The most troubling part is that the group obviously spends a lot of time writing them, but it doesn't appear they spend much time actually researching or reading their own advisories. Oh, and they also don't understand how text advisories and HTML works.

[...]


http://attrition.org/security/rants/vulnerability-lab/


---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.



More information about the Infowarrior mailing list