![]() ![]() |
gehenna: There've been lots of cases of people finding out how secure a site or company network is, and then telling the company/site about it if it's found to be insecure - then the person gets prosecuted for hacking, etc. So if it were me I probably wouldn't tell anyone unless I had a vested interest in it. Maybe i'd do it anonymously, I dunno really.
True, but this research isn't actually about finding out about how secure a site is, it's about finding out which site has been already compromised, which then tries to compromise the browser (IE6)/PC running in a virtual machine. Plus, it's probably really hard to 'hack' into a website using an automated script. Judging from the article, they are just browsing websites and waiting to see what happens to the VM.
![]() ![]() |