from the par-for-the-course dept.
Julie188 writes "The McAfee.com website is full of security mistakes that could lead to cross-site scripting and other attacks, researchers said in a post on the Full Disclosure site on Monday. The holes with the site were found by the YGN Ethical Hacker Group, and reported to McAfee on Feb. 10, YGN says, before they were publicly disclosed to the security/hacking mailing list. Embarrassing? Yes, especially given that the company aggressively markets its own McAfee Secure service that is supposed to assure consumers that McAfee has scanned a website and found it to be safe."
"Your stupidity, Allen, is simply not up to par."
-- Dave Mack (mack@inco.UUCP)
-- Allen Gwinn (email@example.com), in alt.flame