[WEB SECURITY] Troll post to the WASC list using my name

Arian J. Evans arian.evans at anachronic.com
Fri Jun 20 15:17:01 EDT 2008

I have received a deluge of email in the last
24 hours from WASC subscribers with the
same confusions:

(1) The post made to the WASC hashing
thread by "Evan Arians, CISSP" from a
gmail account IS NOT ME.

It is someone using a play on my name,
who also knows my disdain for generic certs.

For those of you new to mailing lists: this
is what we call a Troll.


(2) I took the Troll's bait because the hashing
thread was going insane and I thought it could
be killed with some "best practices" that are
cheap and easy to apply.

(3) My name is Arian J. Evans, not to be
confused with any other Arian Evans's you
may know. The only accounts I post from
are my own personal accounts from my
own unmaintained blog (anachronic) and
sometimes on behalf of gmail.

I do not post from business email accounts
to enable my colleagues full freedom to refute
or repudiate anything I state in public on my
own behalf.

Now. Stop emailing me about this. :)

Some of you need to sit back, relax, and
drink a little less coffee.

And for all of you laughing along with
this -- Cheers!

Next thing you know some of you will
be repudiating Scanless PCI!


Arian J. Evans.

When in doubt -- give 'er more gas.

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list