http://www.mikeandrews.com/2008/01/13/diminutive-xss-worm-contest/ Fri, 09 Apr 2010 12:01:55 -0700 http://wordpress.org/?v=2.9.2 hourly 1 http://www.mikeandrews.com/2008/01/13/diminutive-xss-worm-contest/comment-page-1/#comment-1 Wanted: More Penn & Teller’s | Mike Andrews Wed, 16 Jan 2008 07:01:49 +0000 http://www.mikeandrews.com/2008/01/13/diminutive-xss-worm-contest/#comment-1 [...] Writing about RSnake’s XSS Worm Contest reminded me of an email conversation we had a while back where the topic of discussion was how to some people "hacks" can look a lot like magic.  Just like performing magic, most hacks (discovered vulnerabilities, findings from penetration testing, security breaches, etc) are based very much off the of skill and knowledge of the "performer", but once the techniques/methods/secrets are revealed, the actual hack might not be all that impressive, and (possibly) easy to repeat. [...] [...] Writing about RSnake’s XSS Worm Contest reminded me of an email conversation we had a while back where the topic of discussion was how to some people "hacks" can look a lot like magic.  Just like performing magic, most hacks (discovered vulnerabilities, findings from penetration testing, security breaches, etc) are based very much off the of skill and knowledge of the "performer", but once the techniques/methods/secrets are revealed, the actual hack might not be all that impressive, and (possibly) easy to repeat. [...]

]]>