Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)

Francis Davey fjmd1a at
Wed Aug 4 09:00:53 BST 2010

On 4 August 2010 08:57, Matthew Pemble <matthew at> wrote:
> Or is the point that people are becoming confused between URL truncation and
> a "Directory Traversal Attack", using the well-known '/../' syntax (just the
> same as, at the time, appending '.' to a .php URL often gave you the script
> source rather than the product)? Although Peter's pdf doesn't make it clear
> although other contemporaneous sources
> ( do mention the method.

Could be. I was careful not to comment on that particular case because
the details are so unclear. Peter's pdf is, as you say, short on
detail. Its the kind of thing that's easy to misreport I suspect.

Francis Davey

More information about the ukcrypto mailing list