Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 There's no need as n3td3v got see-throught powa + thight pants On Mon, 18 Aug 2008 02:23:36 +0200 William McAfee sec- [EMAIL PROTECTED] wrote: Would you mind elaborating on your actual evidence? All I see is logic, but I do not see much hard fact. I'm not agreeing, I'm not disagreeing. I'm just asking for clarification. On Mon, 2008-08-18 at 01:08 +0100, n3td3v wrote: By the way, Russian sites have been hacked as well. So why is everyone only talking about the Georgian sites and infrastructure? If Russian sites and infrastructure is down as well that means the Georgian government has hacked them, doesn't it Or does it? Or is the whole thing just a false flag by the U.S government underworld to infulence McCain and Obama as they are potentially coming in to the white house? It seems to me that there is bias towards Russia in the security community and that people don't really care if Russia was hacked, because the community seem to have already chosen who they like and who they are going to support and who they are going to point blame at. I don't think westerners have ever liked Russia, so as soon as something like this happens, folks straight away are bias towards Russia. You've got to remember this could easily be a false flag cyber attack to setup Russia to make them look bad while ramping up cyber security as a national security agenda as Marcus Sachs http://www.youtube.com/watch?v=FSUPTZVlkyU says in the Youtube video. The reasons for a false flag cyber attack is there, the evidence has been put in front of you by n3td3v. This isn't just some false flag conspiracy, there are plausible reasons why this could be a false flag. In the video Marcus Sachs asked the audience for ways we could make cyber security a national security agenda, false flagging something like the Georgian and Russian websites and infrastructure is not a way the government underworld might make cyber security a national security agenda? I call a false flag, and I find it suspicious that people are only talking about the Georgian websites and infrastructure being cyber attacked and not the Russian stuff as well. I would be interested in what answers the audience gave to Marcus Sachs, but thats not in the video unfortunately. All the best, n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkipOsAACgkQFDPTJDb6CslMrAP+MLrr3GWUd/fN1yp8pbReJ0y/fHpt OwBVolTaGO074JpAMKm91c20/EdlnkUZXtJhu3C2oPGQFNwmcrIkv/Swn64Vqz4GdsNY PxFlLBnF5VdG/R5f03i/4vr7+wxbELBh9apPNhKcR8pymd0E1gdClg9+VGnhSDqe9fNz TKqkbf8= =1mrT -END PGP SIGNATURE- -- Don't leave everything up in the air. Click here for great quotes on flight insurance! http://tagline.hushmail.com/fc/Ioyw6h4ethS67i0iU8P5AvwzT1kCYC46p1UbQtxLq0CqcbkxAWAD6g/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
http://www.afcyber.af.mil/news/story.asp?id=123110806 seems the cybercommand is not ramping up.. On Mon, Aug 18, 2008 at 5:02 AM, [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 There's no need as n3td3v got see-throught powa + thight pants On Mon, 18 Aug 2008 02:23:36 +0200 William McAfee sec- [EMAIL PROTECTED] wrote: Would you mind elaborating on your actual evidence? All I see is logic, but I do not see much hard fact. I'm not agreeing, I'm not disagreeing. I'm just asking for clarification. On Mon, 2008-08-18 at 01:08 +0100, n3td3v wrote: By the way, Russian sites have been hacked as well. So why is everyone only talking about the Georgian sites and infrastructure? If Russian sites and infrastructure is down as well that means the Georgian government has hacked them, doesn't it Or does it? Or is the whole thing just a false flag by the U.S government underworld to infulence McCain and Obama as they are potentially coming in to the white house? It seems to me that there is bias towards Russia in the security community and that people don't really care if Russia was hacked, because the community seem to have already chosen who they like and who they are going to support and who they are going to point blame at. I don't think westerners have ever liked Russia, so as soon as something like this happens, folks straight away are bias towards Russia. You've got to remember this could easily be a false flag cyber attack to setup Russia to make them look bad while ramping up cyber security as a national security agenda as Marcus Sachs http://www.youtube.com/watch?v=FSUPTZVlkyU says in the Youtube video. The reasons for a false flag cyber attack is there, the evidence has been put in front of you by n3td3v. This isn't just some false flag conspiracy, there are plausible reasons why this could be a false flag. In the video Marcus Sachs asked the audience for ways we could make cyber security a national security agenda, false flagging something like the Georgian and Russian websites and infrastructure is not a way the government underworld might make cyber security a national security agenda? I call a false flag, and I find it suspicious that people are only talking about the Georgian websites and infrastructure being cyber attacked and not the Russian stuff as well. I would be interested in what answers the audience gave to Marcus Sachs, but thats not in the video unfortunately. All the best, n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkipOsAACgkQFDPTJDb6CslMrAP+MLrr3GWUd/fN1yp8pbReJ0y/fHpt OwBVolTaGO074JpAMKm91c20/EdlnkUZXtJhu3C2oPGQFNwmcrIkv/Swn64Vqz4GdsNY PxFlLBnF5VdG/R5f03i/4vr7+wxbELBh9apPNhKcR8pymd0E1gdClg9+VGnhSDqe9fNz TKqkbf8= =1mrT -END PGP SIGNATURE- -- Don't leave everything up in the air. Click here for great quotes on flight insurance! http://tagline.hushmail.com/fc/Ioyw6h4ethS67i0iU8P5AvwzT1kCYC46p1UbQtxLq0CqcbkxAWAD6g/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
On Mon, 18 Aug 2008 08:43:11 EDT, Peter Dawson said: seems the cybercommand is not ramping up.. A few years ago, the US Dept of Defense admitted that they had an Office of Disinformation dedicated to feeding bogus info to our enemies. Of course, there was a public outrage for some reason. The only official announcement that the Office ever released was a press release that they were disbanding due to the public outrage... pgpzmbQrZwq6D.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
On Mon, Aug 18, 2008 at 5:43 AM, Peter Dawson [EMAIL PROTECTED] wrote: http://www.afcyber.af.mil/news/story.asp?id=123110806 seems the cybercommand is not ramping up.. after demonstrating the many ways they (mis)handle information [0] it would have been amusing had they been able to continue. and given the other services reluctance to take second seat behind afcyber, all navy/nsa had to do was point a red team in their general direction for a few minutes... heh 0. http://securitycritics.org/column/1/1/2008/2/3/ ... no opsec indeed http://humorcontrol.org/usaf/photo/21/no-opsec.jpg ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
I have to say, the DoD would be crazy not to ramp up AFCYBER. What reason on or off Earth do they have to intentionally not protect themselves against attack on the network front? It's crazy to leave yourself vulnerable like that, much less not have a method of offensive strike. It's like a country just now deciding to have an Air Force and then out of the blue saying 'Nope, sorry, nevermind.' On Mon, 2008-08-18 at 11:39 -0400, [EMAIL PROTECTED] wrote: On Mon, 18 Aug 2008 08:43:11 EDT, Peter Dawson said: seems the cybercommand is not ramping up.. A few years ago, the US Dept of Defense admitted that they had an Office of Disinformation dedicated to feeding bogus info to our enemies. Of course, there was a public outrage for some reason. The only official announcement that the Office ever released was a press release that they were disbanding due to the public outrage... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
Wouldn't their press release indicate that they are actually keeping the unit intact? After all, it IS the Office of Disinformation. William McAfee wrote: I have to say, the DoD would be crazy not to ramp up AFCYBER. What reason on or off Earth do they have to intentionally not protect themselves against attack on the network front? It's crazy to leave yourself vulnerable like that, much less not have a method of offensive strike. It's like a country just now deciding to have an Air Force and then out of the blue saying 'Nope, sorry, nevermind.' On Mon, 2008-08-18 at 11:39 -0400, [EMAIL PROTECTED] wrote: On Mon, 18 Aug 2008 08:43:11 EDT, Peter Dawson said: seems the cybercommand is not ramping up.. A few years ago, the US Dept of Defense admitted that they had an Office of Disinformation dedicated to feeding bogus info to our enemies. Of course, there was a public outrage for some reason. The only official announcement that the Office ever released was a press release that they were disbanding due to the public outrage... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [funsec] Internet attacks against Georgian web s ites
That's my whole point. On Mon, 2008-08-18 at 13:35 -0400, Dave wrote: Wouldn't their press release indicate that they are actually keeping the unit intact? After all, it IS the Office of Disinformation. William McAfee wrote: I have to say, the DoD would be crazy not to ramp up AFCYBER. What reason on or off Earth do they have to intentionally not protect themselves against attack on the network front? It's crazy to leave yourself vulnerable like that, much less not have a method of offensive strike. It's like a country just now deciding to have an Air Force and then out of the blue saying 'Nope, sorry, nevermind.' On Mon, 2008-08-18 at 11:39 -0400, [EMAIL PROTECTED] wrote: On Mon, 18 Aug 2008 08:43:11 EDT, Peter Dawson said: seems the cybercommand is not ramping up.. A few years ago, the US Dept of Defense admitted that they had an Office of Disinformation dedicated to feeding bogus info to our enemies. Of course, there was a public outrage for some reason. The only official announcement that the Office ever released was a press release that they were disbanding due to the public outrage... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
coderman un jour écrivit: ... hypothesis that security researchers are all masturbating monkey whores is now proven definitively. [0] Too often, so-called security is split into two camps: one that believes in nondisclosure of problems by hiding knowledge until a bug is fixed, and one that revels in exposing vendor security holes because they see that as just another proof that the vendors are corrupt and crap, which admittedly mostly are, Torvalds states. Torvalds went on to say he views both camps as crazy. Both camps are whoring themselves out for their own reasons, and both camps point fingers at each other as a way to cement their own reason for existence, Torvalds asserts. 0. Torvalds Interview with Network World , 08/14/2008 http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html Isn't that quite old news? Not only the article doesn't offer anything new, but It also doesn't give the full picture and offer very little useful information compared to the real discussion. I did read the thread at this time, and there was many interesting ideas. If I happens to see an article that resume well the issues involved, I'll post a link, but I won't spend much time searching, so don't wait after me. By the way, Linus Torvalds is very well known to enjoy starting flames on purpose (he calls that flamefesting). This time, the troll was trown at OpenBSD, but It was too big to be taken seriously by them, so It is mostly the security people that reacted. I prefer the troll he launched last year when he basically said that Gnome is just a waste of time and than both users and developers should just give-up and move on to KDE, which would be a much better and productive use of their time. It was said in 2007 directly on some major Gnome mailing list, like his previous flames against Gnome. :o) Simon Valiquette ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
Who's Linus? On Mon, Aug 18, 2008 at 3:50 PM, Simon Valiquette [EMAIL PROTECTED] wrote: coderman un jour écrivit: ... hypothesis that security researchers are all masturbating monkey whores is now proven definitively. [0] Too often, so-called security is split into two camps: one that believes in nondisclosure of problems by hiding knowledge until a bug is fixed, and one that revels in exposing vendor security holes because they see that as just another proof that the vendors are corrupt and crap, which admittedly mostly are, Torvalds states. Torvalds went on to say he views both camps as crazy. Both camps are whoring themselves out for their own reasons, and both camps point fingers at each other as a way to cement their own reason for existence, Torvalds asserts. 0. Torvalds Interview with Network World , 08/14/2008 http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html Isn't that quite old news? Not only the article doesn't offer anything new, but It also doesn't give the full picture and offer very little useful information compared to the real discussion. I did read the thread at this time, and there was many interesting ideas. If I happens to see an article that resume well the issues involved, I'll post a link, but I won't spend much time searching, so don't wait after me. By the way, Linus Torvalds is very well known to enjoy starting flames on purpose (he calls that flamefesting). This time, the troll was trown at OpenBSD, but It was too big to be taken seriously by them, so It is mostly the security people that reacted. I prefer the troll he launched last year when he basically said that Gnome is just a waste of time and than both users and developers should just give-up and move on to KDE, which would be a much better and productive use of their time. It was said in 2007 directly on some major Gnome mailing list, like his previous flames against Gnome. :o) Simon Valiquette ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
John C. A. Bambenek, GCIH, CISSP un jour écrivit: Who's Linus? Are you seriously asking that, or just trying to start a flamefest (in which case, looking like clueless is a good attempt). Unless you are very Junior in the computer field (and even then), you should have heard of Linus Benedict Torvalds. It should be very basic general knowledge for someone in the computer security field, like knowing who is Dr. Bernstein, Bjarne Stroustrup, Denis Ritchies, Dijkstra and many others. They are not necessarily directly related to computer security, but their contributions all have significant impact in today security field. Instead of telling you who is Linus, I'll tell you a well garded secret: most famous people are described in Wikipedia. And even if they are not, It is usualy very easy to find something using Google. Well, probably another proof that showing a certification is not the same than showing expertise in a field. Simon Valiquette 0. Torvalds Interview with Network World , 08/14/2008 http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html Isn't that quite old news? Not only the article doesn't offer anything new, but It also doesn't give the full picture and offer very little useful information compared to the real discussion. I did read the thread at this time, and there was many interesting ideas. If I happens to see an article that resume well the issues involved, I'll post a link, but I won't spend much time searching, so don't wait after me. By the way, Linus Torvalds is very well known to enjoy starting flames on purpose (he calls that flamefesting). This time, the troll was trown at OpenBSD, but It was too big to be taken seriously by them, so It is mostly the security people that reacted. I prefer the troll he launched last year when he basically said that Gnome is just a waste of time and than both users and developers should just give-up and move on to KDE, which would be a much better and productive use of their time. It was said in 2007 directly on some major Gnome mailing list, like his previous flames against Gnome. :o) Simon Valiquette ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
John C. A. Bambenek, GCIH, CISSP wrote: Who's Linus? I think he is the kid in the Peanuts cartoon that carries around the blanket... D ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
Unless you are very Junior in the computer field (and even then), you should have heard of Linus Benedict Torvalds. Wow, seriously? Clean off the end of your nose. D ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
please refer to: http://en.wikipedia.org/wiki/Jokes and possibly: http://www.youtube.com/watch?v=VT8uiT_rZ5k please feel free to laugh, snicker or otherwise enjoy yourself. On Mon, Aug 18, 2008 at 8:54 PM, Simon Valiquette [EMAIL PROTECTED] wrote: John C. A. Bambenek, GCIH, CISSP un jour écrivit: Who's Linus? Are you seriously asking that, or just trying to start a flamefest (in which case, looking like clueless is a good attempt). Unless you are very Junior in the computer field (and even then), you should have heard of Linus Benedict Torvalds. It should be very basic general knowledge for someone in the computer security field, like knowing who is Dr. Bernstein, Bjarne Stroustrup, Denis Ritchies, Dijkstra and many others. They are not necessarily directly related to computer security, but their contributions all have significant impact in today security field. Instead of telling you who is Linus, I'll tell you a well garded secret: most famous people are described in Wikipedia. And even if they are not, It is usualy very easy to find something using Google. Well, probably another proof that showing a certification is not the same than showing expertise in a field. Simon Valiquette 0. Torvalds Interview with Network World , 08/14/2008 http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html Isn't that quite old news? Not only the article doesn't offer anything new, but It also doesn't give the full picture and offer very little useful information compared to the real discussion. I did read the thread at this time, and there was many interesting ideas. If I happens to see an article that resume well the issues involved, I'll post a link, but I won't spend much time searching, so don't wait after me. By the way, Linus Torvalds is very well known to enjoy starting flames on purpose (he calls that flamefesting). This time, the troll was trown at OpenBSD, but It was too big to be taken seriously by them, so It is mostly the security people that reacted. I prefer the troll he launched last year when he basically said that Gnome is just a waste of time and than both users and developers should just give-up and move on to KDE, which would be a much better and productive use of their time. It was said in 2007 directly on some major Gnome mailing list, like his previous flames against Gnome. :o) Simon Valiquette ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linus summarizes state of the security industry with precision and accuracy.
I'm pretty sure the guy who just told me the world ends in 2012 and that I must repent now said his name was Linus. On Mon, 2008-08-18 at 19:20 -0600, don bailey wrote: John C. A. Bambenek, GCIH, CISSP wrote: Who's Linus? I think he is the kid in the Peanuts cartoon that carries around the blanket... D ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/