Re: [Full-disclosure] It's time for me to go now

[James Matthews]

Goodbye... You will be missed by many

On Mon, Jan 12, 2009 at 9:00 AM, quispiam lepidus <
quispiam.lepi...@gmail.com> wrote:

> You are, the weakest link. Goodbye.
>
> On Mon, Jan 12, 2009 at 12:45 PM, n3td3v  wrote:
> > I don't know how to hack and I don't have any technical abilities I
> > must go now before MI5 take me away in a van and dump my body in the
> > sea.
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
http://www.astorandblack.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[quispiam lepidus]

You are, the weakest link. Goodbye.

On Mon, Jan 12, 2009 at 12:45 PM, n3td3v  wrote:
> I don't know how to hack and I don't have any technical abilities I
> must go now before MI5 take me away in a van and dump my body in the
> sea.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[Ed Carp]

Y'all need Jesus in your life - there's no one else that can fix your
emotional issues, I'm afraid...

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[waveroad waveroad]

"From: n3td3v 
Have you nothing better to do than do
what you do with serious researchers like me?">
"From: n3td3v 
Subject: [Full-disclosure] It's time for me to go now
I don't know how to hack and I don't have any technical abilities I
must go now before MI5 take me away in a van and dump my body in the
sea. "
-->
how fucked up is that? :)
2009/1/12 n3td3v 

> I don't think anyone on full-disclosure is a troll apart from
> urel...@gmail.com, the rest of us are pretty serious about security
> and what we talk about. I know i'm serious about what I say and i'm
> strong in my convictions about what I say, even if you don't always
> agree with my points of view. There is no need to go around abusing me
> and say you hate me and turning a list against me, just because you
> don't agree with my opinion, how fucked up is that? Look at your own
> conduct if you want to talk about mental illness. The amount of
> bullshit that is made up about me just because you don't agree with my
> opinions on security is amazing. Have you nothing better to do than do
> what you do with serious researchers like me? If you don't agree with
> my opinion about a security industry software license, just ignore. If
> you don't agree on anything I say, just ignore. Don't send out a hate
> campaign and rally people against me, thats the real fuck up.
>
> On Mon, Jan 12, 2009 at 4:35 AM, Biz Marqee  wrote:
> > Informative, interesting and more to the point - its spot on. His self
> > medicating with illegal drugs also falls right in line with this..
> >
> > and even assuming that this profile is all incorrect and this IS some
> troll
> > winding us all up, he invariably has some mental illness. no one sane -
> > whether a "joke" or not - rants on and on and on to a bunch of people who
> > detest him.. maybe for a while but not for years on end.
> >
> > n3td3v, get help or exit life.
> >
> >
> > On Mon, Jan 12, 2009 at :59 PM, - o z -  wrote:
> >>
> >> Andrew is a special kind of crazya friend of mine and former
> >> colleague who I highly respect (practicing Psych.,
> >> who profiles individuals for a real doggone intel agency...alas, not
> >> MI-Jive) labeled Andrew as a probable
> >> schizophrenic with grandiose idealizations.
> >>
> >> These types of people usually can't hold a job.  The most active
> >> period of delusions occur from 17-33, some
> >> think the drop-off may be due to decreased levels of testosterone as
> >> they age.  Intelligence agency intrigue & innuendo is a classic
> >> manifestation, along with imaginary friends, martyr glamorizations,
> >> alternate personalities and repeated exclamations that they will
> >> curtail their
> >> behaviors, only to come back, roaringly, foisting themselves upon a
> >> group/friend circle with a different guise or mission.
> >> Some have said it resembles alcoholic behavior in the promises "to
> >> quit..."
> >>
> >> They constantly need an audience, since 'friends' are temporal at
> >> best...they churn through relationships like shit
> >> flowing through a goose...as people become estranged/exasperated with
> >> the constant epiphany's, revelations and
> >> God-like interpretations.
> >>
> >> Stranger yet is that people like this can be wonderfully charming in
> >> real-lifefunny for awhile, but as they age, they
> >> start losing boyish charms that previously were
> >> forgiven...promulgating even more outlandish behavior as grow older.
> >> Sound familiar?  We have a baseline here, folks.  Also notice he
> >> hasn't written anything technical -- it's mostly
> >> outlandish hypothesis with pointers to..not infosec...but Andrew.
> >>
> >> They usually refuse medications to control themselves, because it
> >> dulls the essence of what they're trying to portray:
> >> someone mysterious, withholding critical information, being the sole-
> >> source of knowledge that might somehow change
> >> the world.
> >>
> >> IMHO, I would venture to say Andrew has attempted suicide -- his type
> >> is usually unsuccessful, indeed, it's not a suicide
> >> attempt but an attention-seeking event.
> >>
> >> He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone
> >> unfamiliar with his MO.  That's what is so aggravating about this
> >> particular form of mental illness...once again, as long as there's a
> >> receptive audience, the monkey will feel the compulsion to
> >> perform.  It's akin to sexual gratification for him to see he's the
> >> subject of people's ire...don't forget that.
> >>
> >> This type of person will emotionally soul-suck everyone he comes in
> >> contact with, and make up dramas if only to suck more
> >> people in, because really, it's all about the adulation of n3td3v/
> >> Andrew/, nothing else.
> >>
> >> Solutions:  There's a few, but I wouldn't want to be responsible for
> >> the end result; once again, n3td3v is a human たまごっち
> >> (Tamagotchi) and should be treated accordingly.
> >>
> >>
> >>
> >>
> >>
> >> _

Re: [Full-disclosure] n3td3v profile...

[n3td3v]

I don't think anyone on full-disclosure is a troll apart from
urel...@gmail.com, the rest of us are pretty serious about security
and what we talk about. I know i'm serious about what I say and i'm
strong in my convictions about what I say, even if you don't always
agree with my points of view. There is no need to go around abusing me
and say you hate me and turning a list against me, just because you
don't agree with my opinion, how fucked up is that? Look at your own
conduct if you want to talk about mental illness. The amount of
bullshit that is made up about me just because you don't agree with my
opinions on security is amazing. Have you nothing better to do than do
what you do with serious researchers like me? If you don't agree with
my opinion about a security industry software license, just ignore. If
you don't agree on anything I say, just ignore. Don't send out a hate
campaign and rally people against me, thats the real fuck up.

On Mon, Jan 12, 2009 at 4:35 AM, Biz Marqee  wrote:
> Informative, interesting and more to the point - its spot on. His self
> medicating with illegal drugs also falls right in line with this..
>
> and even assuming that this profile is all incorrect and this IS some troll
> winding us all up, he invariably has some mental illness. no one sane -
> whether a "joke" or not - rants on and on and on to a bunch of people who
> detest him.. maybe for a while but not for years on end.
>
> n3td3v, get help or exit life.
>
>
> On Mon, Jan 12, 2009 at :59 PM, - o z -  wrote:
>>
>> Andrew is a special kind of crazya friend of mine and former
>> colleague who I highly respect (practicing Psych.,
>> who profiles individuals for a real doggone intel agency...alas, not
>> MI-Jive) labeled Andrew as a probable
>> schizophrenic with grandiose idealizations.
>>
>> These types of people usually can't hold a job.  The most active
>> period of delusions occur from 17-33, some
>> think the drop-off may be due to decreased levels of testosterone as
>> they age.  Intelligence agency intrigue & innuendo is a classic
>> manifestation, along with imaginary friends, martyr glamorizations,
>> alternate personalities and repeated exclamations that they will
>> curtail their
>> behaviors, only to come back, roaringly, foisting themselves upon a
>> group/friend circle with a different guise or mission.
>> Some have said it resembles alcoholic behavior in the promises "to
>> quit..."
>>
>> They constantly need an audience, since 'friends' are temporal at
>> best...they churn through relationships like shit
>> flowing through a goose...as people become estranged/exasperated with
>> the constant epiphany's, revelations and
>> God-like interpretations.
>>
>> Stranger yet is that people like this can be wonderfully charming in
>> real-lifefunny for awhile, but as they age, they
>> start losing boyish charms that previously were
>> forgiven...promulgating even more outlandish behavior as grow older.
>> Sound familiar?  We have a baseline here, folks.  Also notice he
>> hasn't written anything technical -- it's mostly
>> outlandish hypothesis with pointers to..not infosec...but Andrew.
>>
>> They usually refuse medications to control themselves, because it
>> dulls the essence of what they're trying to portray:
>> someone mysterious, withholding critical information, being the sole-
>> source of knowledge that might somehow change
>> the world.
>>
>> IMHO, I would venture to say Andrew has attempted suicide -- his type
>> is usually unsuccessful, indeed, it's not a suicide
>> attempt but an attention-seeking event.
>>
>> He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone
>> unfamiliar with his MO.  That's what is so aggravating about this
>> particular form of mental illness...once again, as long as there's a
>> receptive audience, the monkey will feel the compulsion to
>> perform.  It's akin to sexual gratification for him to see he's the
>> subject of people's ire...don't forget that.
>>
>> This type of person will emotionally soul-suck everyone he comes in
>> contact with, and make up dramas if only to suck more
>> people in, because really, it's all about the adulation of n3td3v/
>> Andrew/, nothing else.
>>
>> Solutions:  There's a few, but I wouldn't want to be responsible for
>> the end result; once again, n3td3v is a human たまごっち
>> (Tamagotchi) and should be treated accordingly.
>>
>>
>>
>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsor

[Full-disclosure] Wildest ideas?

[Will McAfee]

Face it.  If you're serious about security, you've been laying in bed  
one night and gotten an Idea, which you never bothered to develop.   
Throw 'em out there, if it's good maybe someone will develop it for you!

Sent from my iPhone

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[Biz Marqee]

sexyazngrl69/n3td3v, it was only you who mentioned krawetz...but you ARE
right about him.

On Mon, Jan 12, 2009 at :35 PM,  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Mr. Krawetz's PhD is in computer science, not psychology.  And he
> is a fucktard.
>
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[Biz Marqee]

Informative, interesting and more to the point - its spot on. His self
medicating with illegal drugs also falls right in line with this..

and even assuming that this profile is all incorrect and this IS some troll
winding us all up, he invariably has some mental illness. no one sane -
whether a "joke" or not - rants on and on and on to a bunch of people who
detest him.. maybe for a while but not for years on end.

n3td3v, get help or exit life.


On Mon, Jan 12, 2009 at :59 PM, - o z -  wrote:

> Andrew is a special kind of crazya friend of mine and former
> colleague who I highly respect (practicing Psych.,
> who profiles individuals for a real doggone intel agency...alas, not
> MI-Jive) labeled Andrew as a probable
> schizophrenic with grandiose idealizations.
>
> These types of people usually can't hold a job.  The most active
> period of delusions occur from 17-33, some
> think the drop-off may be due to decreased levels of testosterone as
> they age.  Intelligence agency intrigue & innuendo is a classic
> manifestation, along with imaginary friends, martyr glamorizations,
> alternate personalities and repeated exclamations that they will
> curtail their
> behaviors, only to come back, roaringly, foisting themselves upon a
> group/friend circle with a different guise or mission.
> Some have said it resembles alcoholic behavior in the promises "to
> quit..."
>
> They constantly need an audience, since 'friends' are temporal at
> best...they churn through relationships like shit
> flowing through a goose...as people become estranged/exasperated with
> the constant epiphany's, revelations and
> God-like interpretations.
>
> Stranger yet is that people like this can be wonderfully charming in
> real-lifefunny for awhile, but as they age, they
> start losing boyish charms that previously were
> forgiven...promulgating even more outlandish behavior as grow older.
> Sound familiar?  We have a baseline here, folks.  Also notice he
> hasn't written anything technical -- it's mostly
> outlandish hypothesis with pointers to..not infosec...but Andrew.
>
> They usually refuse medications to control themselves, because it
> dulls the essence of what they're trying to portray:
> someone mysterious, withholding critical information, being the sole-
> source of knowledge that might somehow change
> the world.
>
> IMHO, I would venture to say Andrew has attempted suicide -- his type
> is usually unsuccessful, indeed, it's not a suicide
> attempt but an attention-seeking event.
>
> He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone
> unfamiliar with his MO.  That's what is so aggravating about this
> particular form of mental illness...once again, as long as there's a
> receptive audience, the monkey will feel the compulsion to
> perform.  It's akin to sexual gratification for him to see he's the
> subject of people's ire...don't forget that.
>
> This type of person will emotionally soul-suck everyone he comes in
> contact with, and make up dramas if only to suck more
> people in, because really, it's all about the adulation of n3td3v/
> Andrew/, nothing else.
>
> Solutions:  There's a few, but I wouldn't want to be responsible for
> the end result; once again, n3td3v is a human たまごっち
> (Tamagotchi) and should be treated accordingly.
>
>
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] This is WAR!

[sr.]

maybe i'm not getting the joke, but it's not escape - colon - i.

it's escape - i

is this the twilight zone?

sr.

On Sat, Jan 10, 2009 at 1:45 AM, Ed Carp  wrote:
> I'm sure George doesn't even wash his hands after using emacs!  The
> only reason you'd use "escape - colon - i" is because you are not a
> master, you are merely a novice at vi ... once you are exposed to the
> Zen of vi, you will never go back to the maya (illusion) that is
> emacs!
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[ghost]

DON'T LEAVE N3TD3V, PL

On Sun, Jan 11, 2009 at 8:45 PM, n3td3v  wrote:
> I don't know how to hack and I don't have any technical abilities I
> must go now before MI5 take me away in a van and dump my body in the
> sea.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hehe, that would make me go boo-hoo :

<3 u n3td3v xoxoxox

On Sun, 11 Jan 2009 20:45:29 -0500 n3td3v 
wrote:
>I don't know how to hack and I don't have any technical abilities
>I
>must go now before MI5 take me away in a van and dump my body in
>the
>sea.
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqutIACgkQynWwk3/AtyMBnAP+MeivH65yjpSKW3zIBMTis7umKqMy
7N7T3jrXEcuhlMuUkhSUhpjlBTp+UDbL6IpkrhGdcJnQbCSsmhGCd9QknkKBDAsXGj5D
Oiv/nMvdn1AVw0pCULcUEZPuZWV1GxElo3js2BQw6mC0pJEpTxG2d2HheTkA081hoPLH
eC+FKj8=
=N3/3
-END PGP SIGNATURE-

--
Easy-to-use, advanced features, flexible phone systems.  Click here for more 
info.
 
http://tagline.hushmail.com/fc/PnY6qxu9tWNPQUUSTOVZjr344qNzrEK758Tmz9pHNgsi2M9rtV45i/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Mr. Krawetz's PhD is in computer science, not psychology.  And he
is a fucktard.

On Sun, 11 Jan 2009 20:59:15 -0500 - o z -  wrote:
>Andrew is a special kind of crazya friend of mine and former
>colleague who I highly respect (practicing Psych.,
>who profiles individuals for a real doggone intel agency...alas,
>not
>MI-Jive) labeled Andrew as a probable
>schizophrenic with grandiose idealizations.
>
>These types of people usually can't hold a job.  The most active
>period of delusions occur from 17-33, some
>think the drop-off may be due to decreased levels of testosterone
>as
>they age.  Intelligence agency intrigue & innuendo is a classic
>manifestation, along with imaginary friends, martyr
>glamorizations,
>alternate personalities and repeated exclamations that they will
>curtail their
>behaviors, only to come back, roaringly, foisting themselves upon
>a
>group/friend circle with a different guise or mission.
>Some have said it resembles alcoholic behavior in the promises "to
>
>quit..."
>
>They constantly need an audience, since 'friends' are temporal at
>best...they churn through relationships like shit
>flowing through a goose...as people become estranged/exasperated
>with
>the constant epiphany's, revelations and
>God-like interpretations.
>
>Stranger yet is that people like this can be wonderfully charming
>in
>real-lifefunny for awhile, but as they age, they
>start losing boyish charms that previously were
>forgiven...promulgating even more outlandish behavior as grow
>older.
>Sound familiar?  We have a baseline here, folks.  Also notice he
>hasn't written anything technical -- it's mostly
>outlandish hypothesis with pointers to..not infosec...but Andrew.
>
>They usually refuse medications to control themselves, because it
>dulls the essence of what they're trying to portray:
>someone mysterious, withholding critical information, being the
>sole-
>source of knowledge that might somehow change
>the world.
>
>IMHO, I would venture to say Andrew has attempted suicide -- his
>type
>is usually unsuccessful, indeed, it's not a suicide
>attempt but an attention-seeking event.
>
>He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone
>unfamiliar with his MO.  That's what is so aggravating about this
>particular form of mental illness...once again, as long as there's
>a
>receptive audience, the monkey will feel the compulsion to
>perform.  It's akin to sexual gratification for him to see he's
>the
>subject of people's ire...don't forget that.
>
>This type of person will emotionally soul-suck everyone he comes
>in
>contact with, and make up dramas if only to suck more
>people in, because really, it's all about the adulation of n3td3v/
>Andrew/, nothing else.
>
>Solutions:  There's a few, but I wouldn't want to be responsible
>for
>the end result; once again, n3td3v is a human たまごっち
>(Tamagotchi) and should be treated accordingly.
>
>
>
>
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqup0ACgkQynWwk3/AtyOP1AP/dvJRaGN9T/tigswbou1jogvlgNYB
4gUXobeCqSCUrBDotoCEz5AyhTIOFZNY5LE40ELbJ+qrGUp6+ahzCHhxqMy70AJ8p4DW
q6i6jo+56GCxU+v+QMNNDA9IQThPELviUXaqPUjMiJbKl6pcI41ScD6rch1HK+OPCnL0
DGUJJJE=
=JicB
-END PGP SIGNATURE-

--
Paying too much for your business phone system?  Click here to compare systems 
from top companies.
 
http://tagline.hushmail.com/fc/PnY6qxu9tWFsIKEJwRt0c9ClaTJlVzTQvzuRVAhKXhWclFEQKSWgw/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ MDVSA-2009:005 ] xterm

[security]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2009:005
 http://www.mandriva.com/security/
 ___

 Package : xterm
 Date: January 11, 2009
 Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
 ___

 Problem Description:

 A vulnerability has been discovered in xterm, which can be exploited
 by malicious people to compromise a user's system. The vulnerability
 is caused due to xterm not properly processing the DECRQSS Device
 Control Request Status String escape sequence. This can be exploited
 to inject and execute arbitrary shell commands by e.g. tricking a
 user into displaying a malicious text file containing a specially
 crafted escape sequence via the more command in xterm (CVE-2008-2383).
 
 The updated packages have been patched to prevent this.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383
 ___

 Updated Packages:

 Mandriva Linux 2008.0:
 0afcdb50028ef42a65de6d144aa132e0  2008.0/i586/xterm-229-2.1mdv2008.0.i586.rpm 
 4ab46d69ae67182b660d9d876b2d7d4a  2008.0/SRPMS/xterm-229-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 0edc195a66de717de16ce187bdb52605  
2008.0/x86_64/xterm-229-2.1mdv2008.0.x86_64.rpm 
 4ab46d69ae67182b660d9d876b2d7d4a  2008.0/SRPMS/xterm-229-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 42985a0486e1bea3196576216dc29fff  2008.1/i586/xterm-232-1.1mdv2008.1.i586.rpm 
 7ae405602b65a1fc1e53ce7b9619ea4c  2008.1/SRPMS/xterm-232-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 8b3dc6fb6c25034b47094c2895244f52  
2008.1/x86_64/xterm-232-1.1mdv2008.1.x86_64.rpm 
 7ae405602b65a1fc1e53ce7b9619ea4c  2008.1/SRPMS/xterm-232-1.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 eb3c38a51326b1eafb5d0ad6f4e73ddb  2009.0/i586/xterm-236-1.1mdv2009.0.i586.rpm 
 0852446a157588e61c85ce589d140b7f  2009.0/SRPMS/xterm-236-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 33aa6e252961cfa84aa243f4654bd0b7  
2009.0/x86_64/xterm-236-1.1mdv2009.0.x86_64.rpm 
 0852446a157588e61c85ce589d140b7f  2009.0/SRPMS/xterm-236-1.1mdv2009.0.src.rpm

 Corporate 3.0:
 60f0250c17212cf80c5e81e0ba4f5b82  
corporate/3.0/i586/xterm-184-1.1.C30mdk.i586.rpm 
 8674b5ce234d367814905944cbbb48a6  
corporate/3.0/SRPMS/xterm-184-1.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 05b5a40265d8a5a9f6da03af5920252a  
corporate/3.0/x86_64/xterm-184-1.1.C30mdk.x86_64.rpm 
 8674b5ce234d367814905944cbbb48a6  
corporate/3.0/SRPMS/xterm-184-1.1.C30mdk.src.rpm

 Corporate 4.0:
 3f8bb08944785f50ab189fdc9af829e1  
corporate/4.0/i586/xterm-203-1.1.20060mlcs4.i586.rpm 
 dff8e15cc4fd01732ca2097b2bc4731d  
corporate/4.0/SRPMS/xterm-203-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 7da181fbf15239e44b4f887e1bbbcc03  
corporate/4.0/x86_64/xterm-203-1.1.20060mlcs4.x86_64.rpm 
 dff8e15cc4fd01732ca2097b2bc4731d  
corporate/4.0/SRPMS/xterm-203-1.1.20060mlcs4.src.rpm
 ___

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 ___

 Type Bits/KeyID Date   User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJaolWmqjQ0CJFipgRAukIAKDpdq6oMsL8hv/l7f3E0LMz1KdGMACePjzG
mu4NY4xULs9opis9QPwh9lM=
=Mg0S
-END PGP SIGNATURE-

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] n3td3v profile...

[- o z -]

Andrew is a special kind of crazya friend of mine and former  
colleague who I highly respect (practicing Psych.,
who profiles individuals for a real doggone intel agency...alas, not  
MI-Jive) labeled Andrew as a probable
schizophrenic with grandiose idealizations.

These types of people usually can't hold a job.  The most active  
period of delusions occur from 17-33, some
think the drop-off may be due to decreased levels of testosterone as  
they age.  Intelligence agency intrigue & innuendo is a classic
manifestation, along with imaginary friends, martyr glamorizations,  
alternate personalities and repeated exclamations that they will  
curtail their
behaviors, only to come back, roaringly, foisting themselves upon a  
group/friend circle with a different guise or mission.
Some have said it resembles alcoholic behavior in the promises "to  
quit..."

They constantly need an audience, since 'friends' are temporal at  
best...they churn through relationships like shit
flowing through a goose...as people become estranged/exasperated with  
the constant epiphany's, revelations and
God-like interpretations.

Stranger yet is that people like this can be wonderfully charming in  
real-lifefunny for awhile, but as they age, they
start losing boyish charms that previously were  
forgiven...promulgating even more outlandish behavior as grow older.
Sound familiar?  We have a baseline here, folks.  Also notice he  
hasn't written anything technical -- it's mostly
outlandish hypothesis with pointers to..not infosec...but Andrew.

They usually refuse medications to control themselves, because it  
dulls the essence of what they're trying to portray:
someone mysterious, withholding critical information, being the sole- 
source of knowledge that might somehow change
the world.

IMHO, I would venture to say Andrew has attempted suicide -- his type  
is usually unsuccessful, indeed, it's not a suicide
attempt but an attention-seeking event.

He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone  
unfamiliar with his MO.  That's what is so aggravating about this
particular form of mental illness...once again, as long as there's a  
receptive audience, the monkey will feel the compulsion to
perform.  It's akin to sexual gratification for him to see he's the  
subject of people's ire...don't forget that.

This type of person will emotionally soul-suck everyone he comes in  
contact with, and make up dramas if only to suck more
people in, because really, it's all about the adulation of n3td3v/ 
Andrew/, nothing else.

Solutions:  There's a few, but I wouldn't want to be responsible for  
the end result; once again, n3td3v is a human たまごっち
(Tamagotchi) and should be treated accordingly.





___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[Valdis . Kletnieks]

On Mon, 12 Jan 2009 01:45:29 GMT, n3td3v said:
> I don't know how to hack and I don't have any technical abilities I
> must go now before MI5 take me away in a van and dump my body in the
> sea.

And here I thought MI5 had better things to do - like defend England
against security threats.  If you don't know how to hack, you're not a
threat, and MI5 isn't interested.

Seriously dude.  Get some professional help with this MI5 fixation you have.


pgpEtOI3bhTwW.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[waveroad waveroad]

"I don't know how to hack and I don't have any technical abilities"
No suprised at all .

"... before MI5 take me away in a van and dump my body in the
sea"
That would be great.

2009/1/11 n3td3v 

> I don't know how to hack and I don't have any technical abilities I
> must go now before MI5 take me away in a van and dump my body in the
> sea.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] It's time for me to go now

[n3td3v]

I don't know how to hack and I don't have any technical abilities I
must go now before MI5 take me away in a van and dump my body in the
sea.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[waveroad waveroad]

Why dont you post under your real nick aka n3tcr4p ?

you think it make n3tcr4p kid more credible in some ways ?

0r m4yb3 5h4|| 1 5p34k |1k3 7h15 7o m4k3 you und3r574nd my p01n7 ?

1 don7 know wh3n 1 |ook 47 your w3b5173 1 wond3r .

2009/1/11 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> You tell me.
>
> On Sun, 11 Jan 2009 19:30:17 -0500 Pete Licoln
>  wrote:
> >What's the point with MI5 n3td3v ?
> >
> >Regards Pete
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Note: This signature can be verified at https://www.hushtools.com/verify
> Version: Hush 3.0
>
> wpwEAQMCAAYFAklqm4cACgkQynWwk3/AtyOg/gP+KWIstvs71K7K+cvK/9bo/tRsYBC9
> iCu8diF/TpkXYvnEPXoV+IRH06bJxqhGkkuvE4zBhj0HtTlKMO5MmYPuY2j9GiBWIM3M
> vfYvbxBaZS8pZGJuoU8nbCYag8pXzf1FaEeNZhTT2J8Lhpy4JD12Duxnq2nnEtJL+Oz/
> UCQxaPk=
> =fsii
> -END PGP SIGNATURE-
>
> --
> Click for free info on online masters degrees and make up to $150K/ year
>
> http://tagline.hushmail.com/fc/PnY6qxtpjZXJLh7RrSDxAfzH8U8VbYeKiNKjN2pvOBEY7XUQCex7a/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

You tell me.

On Sun, 11 Jan 2009 19:30:17 -0500 Pete Licoln
 wrote:
>What's the point with MI5 n3td3v ?
>
>Regards Pete
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqm4cACgkQynWwk3/AtyOg/gP+KWIstvs71K7K+cvK/9bo/tRsYBC9
iCu8diF/TpkXYvnEPXoV+IRH06bJxqhGkkuvE4zBhj0HtTlKMO5MmYPuY2j9GiBWIM3M
vfYvbxBaZS8pZGJuoU8nbCYag8pXzf1FaEeNZhTT2J8Lhpy4JD12Duxnq2nnEtJL+Oz/
UCQxaPk=
=fsii
-END PGP SIGNATURE-

--
Click for free info on online masters degrees and make up to $150K/ year
 
http://tagline.hushmail.com/fc/PnY6qxtpjZXJLh7RrSDxAfzH8U8VbYeKiNKjN2pvOBEY7XUQCex7a/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[Mark Andrews]

In message <4b6ee931090620t4410kc896944730c64...@mail.gmail.com>, 
n3td3v writes:
> On Mon, Jan 12, 2009 at 12:16 AM,   wrote:
> > On Sun, 11 Jan 2009 23:32:09 GMT, n3td3v said:
> >> Their PGP keys have expired =)
> >
> >> Expires: 2009-10-01
> >
> > Wake me up in October.
> 
> To me that says January 10th 2009

2009-10-01 is a ISO date.

http://www.iso.org/iso/support/faqs/faqs_widely_used_standards/widely_used_standards_other/date_and_time_format.htm
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[j-f sentier]

you'll never exit from your basement you fat stoned-dreamer :)

2009/1/11 andrew. wallace 

> Because they protect the UK against the threats:
>
> http://www.mi5.gov.uk/
>
> On Mon, Jan 12, 2009 at 12:38 AM, Ed Carp  wrote:
> > And working (or not working) for MI5 is supposed to be impressive in what
> way?
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[andrew . wallace]

Because they protect the UK against the threats:

http://www.mi5.gov.uk/

On Mon, Jan 12, 2009 at 12:38 AM, Ed Carp  wrote:
> And working (or not working) for MI5 is supposed to be impressive in what way?
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[andrew . wallace]

Why not brag about wanting to join MI5?

On Mon, Jan 12, 2009 at 12:33 AM, Biz Marqee  wrote:
>
> s/"allude to"/"brag about"/
>
> On Mon, Jan 12, 2009 at :23 AM,  wrote:
>>
>> On Mon, 12 Jan 2009 :00:31 +00, Biz Marqee said:
>>
>> > you fucking idiot, who do you think you are fooling? if you worked for
>> > ANY
>> > intelligence agency you wouldn't allude to that fact in such a public
>> > forum...
>>
>> Actually, if you go look at the SELinux security extensions, the NSA guys
>> are pretty up-front about being NSA guys, right down to posting with
>> @nsa.gov
>> addresses.
>>
>> The only time you don't allude to the fact you work for an intelligence
>> agency is if you are doing so *covertly*.  Of course, what you actually
>> *do*
>> there may be classified, but even then you can usually say "I'm an analyst
>> for the CIA" or similar.
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[Ed Carp]

And working (or not working) for MI5 is supposed to be impressive in what way?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[Biz Marqee]

s/"allude to"/"brag about"/

On Mon, Jan 12, 2009 at :23 AM,  wrote:

> On Mon, 12 Jan 2009 :00:31 +00, Biz Marqee said:
>
> > you fucking idiot, who do you think you are fooling? if you worked for
> ANY
> > intelligence agency you wouldn't allude to that fact in such a public
> > forum...
>
> Actually, if you go look at the SELinux security extensions, the NSA guys
> are pretty up-front about being NSA guys, right down to posting with @
> nsa.gov
> addresses.
>
> The only time you don't allude to the fact you work for an intelligence
> agency is if you are doing so *covertly*.  Of course, what you actually
> *do*
> there may be classified, but even then you can usually say "I'm an analyst
> for the CIA" or similar.
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[Pete Licoln]

What's the point with MI5 n3td3v ?

Regards Pete
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

i smell conspiracy!!!

*kisses*

On Sun, 11 Jan 2009 19:20:36 -0500 n3td3v 
wrote:
>On Mon, Jan 12, 2009 at 12:16 AM,  
>wrote:
>> On Sun, 11 Jan 2009 23:32:09 GMT, n3td3v said:
>>> Their PGP keys have expired =)
>>
>>> Expires: 2009-10-01
>>
>> Wake me up in October.
>
>To me that says January 10th 2009
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqjh0ACgkQynWwk3/AtyM3bAQAlIvPsJ+JA6iv8jTTLeHQ11hQWr6y
O+9Wq83zTo0JzWg9bwtvycxhB3BBaCTQbIssrl68RKLBMpU5HiOBqltC7hSGeU+EXVxA
1Kkc7z21cKMffHoKFP0x45pg7xymJ0eTRnfUNDcXlYr04BrR6cG5p1PK2SWX4vIEvD/2
NUtKMpo=
=w+8K
-END PGP SIGNATURE-

--
Earn your college degree at your own pace, 100% online!
 
http://tagline.hushmail.com/fc/PnY6qxtpfWs2gqP1ysqgeSNTRIqVKDzic1DLteulcikr3Y3h9zmFy/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

naive to think mi5 is gender biased:)))

On Sun, 11 Jan 2009 18:36:56 -0500 Pete Licoln
 wrote:
>sexyazngrl69 is a n3td3v alias, no doubt about it.
>
>Regards Pete
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqjccACgkQynWwk3/AtyMqRwQAiOCfp9PC1o0g7CP8X8gr1psnpijR
NVIHQqkbjl1L4uAa55qBUElskX7n5DTzLflFIoT1u9zfCV9KTz8kPpdPZjMnXBpXzFmA
N7+lDieYQvJn+0PZVhH7zkzJX3aXcgmcNoIRoVSjazJlHKK76lNXrhQ2vqAPeSCA01NR
wtKWVj4=
=WSQG
-END PGP SIGNATURE-

--
Stuck in a dead end job?? Click to start living your dreams by earning an 
online degree.
 
http://tagline.hushmail.com/fc/PnY6qxtpfWguKXIbuKy0wc53HbV7MyFTUOqm2btdhhgyTGOJRdfcM/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[Valdis . Kletnieks]

On Mon, 12 Jan 2009 11:00:31 +1100, Biz Marqee said:

> you fucking idiot, who do you think you are fooling? if you worked for ANY
> intelligence agency you wouldn't allude to that fact in such a public
> forum...

Actually, if you go look at the SELinux security extensions, the NSA guys
are pretty up-front about being NSA guys, right down to posting with @nsa.gov
addresses.

The only time you don't allude to the fact you work for an intelligence
agency is if you are doing so *covertly*.  Of course, what you actually *do*
there may be classified, but even then you can usually say "I'm an analyst
for the CIA" or similar.


pgpWr4CXLGgXt.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[n3td3v]

On Mon, Jan 12, 2009 at 12:16 AM,   wrote:
> On Sun, 11 Jan 2009 23:32:09 GMT, n3td3v said:
>> Their PGP keys have expired =)
>
>> Expires: 2009-10-01
>
> Wake me up in October.

To me that says January 10th 2009

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[Biz Marqee]

Regardless, I stand by my original assertion of "you fucking idiot".

On Mon, Jan 12, 2009 at :12 AM, andrew. wallace <
andrew.wall...@rocketmail.com> wrote:

> On Mon, Jan 12, 2009 at :00 AM, Biz Marqee  wrote:
> > you fucking idiot, who do you think you are fooling? if you worked for
> ANY
> > intelligence agency you wouldn't allude to that fact in such a public
> > forum...
>
> If you look at the other thread it says I haven't applied yet:
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[Valdis . Kletnieks]

On Sun, 11 Jan 2009 23:32:09 GMT, n3td3v said:
> Their PGP keys have expired =)

> Expires: 2009-10-01

Wake me up in October.



pgpTNHnWE7yPM.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[andrew . wallace]

On Mon, Jan 12, 2009 at 12:00 AM, Biz Marqee  wrote:
> you fucking idiot, who do you think you are fooling? if you worked for ANY
> intelligence agency you wouldn't allude to that fact in such a public
> forum...

If you look at the other thread it says I haven't applied yet:

-- Forwarded message --
From: andrew. wallace 
Date: Sun, Jan 11, 2009 at 4:09 PM
Subject: Why are you against n3td3v?
To: full-disclosure@lists.grok.org.uk


n3td3v isn't at the moment a professional intelligence group but will
be in the future if and when i'm employed into the British
intelligence community if they choose to accept my application form.

You can goto their web site
and apply for a job https://www.mi5careers.gov.uk/ this is what i'm
going to do as well.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[Biz Marqee]

Direct quote from n3td3v: "I've been watching too many movies and using
illegal substances. Time for me to go now." -
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/036365.html

So you want to be mi5, but your a drug addict? Sorry they don't employ
people with your state of mind.

Also, they would never employ you because you are an evil blackhat hacker
masquerading behind this "legitimate alias". You are known as the biggest
yahoo and google blackhat hacker going around. You deliberate cause harm to
servers world wide.

I URGE ALL INTELLIGENCE AGENCIES TO BE WEARY OF THE ROUGE HACKER n3td3v!



On Mon, Jan 12, 2009 at :56 AM, andrew. wallace <
andrew.wall...@rocketmail.com> wrote:

> On Sun, Jan 11, 2009 at :41 PM,   wrote:
> > On Sun, 11 Jan 2009 :14:36 GMT, you said:
> >
> >> I'm not clueless on this list everything I say is pretty accurate.
> >
> > Go back and re-read every post you've written lately that contains the
> strings
> > 'MI5' or 'Mossad', and ponder how the rest of us see it.
>
>
> Trolls target people they know they can get a reaction out of thats
> why they target me, you're turning increasingly into one Valdis.
>
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] They don't realise I might work for MI5

[Biz Marqee]

you fucking idiot, who do you think you are fooling? if you worked for ANY
intelligence agency you wouldn't allude to that fact in such a public
forum...

On Sat, Jan 10, 2009 at :40 PM, andrew. wallace <
andrew.wall...@rocketmail.com> wrote:

>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] e-Holocaust

[Rants nRaves]

On Sun, Jan 11, 2009 at 1:38 AM,  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> We are pretty far away from them, if it was possible for us to go
> and fight, we would.


Translation: I'm too comfortable sitting on a couch in my mothers basement
watching porn on the internet to get on a plane and put my life at risk like
the other 1.4 million people who live in Gaza.  If you don't have the money,
then go get a job at McDonalds flipping burgers until you do.  Anything else
is just lame excuses considering what is at stake.


> It is not worthless, it is merely the beginning.. every file,
> database, email, paypal or bank account... the more damage, the
> better... maybe one site is worthless for you, but its someone
> else's job, years of effort to build, etc etc... and as long as
> that someone is an Israeli, then his site is a target.


Yes, it is worthless.  Your targets have no military or political
value. What you're doing is the internet equivalent of throwing eggs at a
passing car- adolescent prank that might piss someone off, but in the end is
meaningless.  Or are you so delusional that you think the IDF will stop now
because some lawyers and artists had their websites hacked?

Let's put it to a simple test to determine its value.  I've been told Hamas
suicide bombers get 72 virgins when they reach heaven for their actions.
 How many virgins does hacking mynotebook.co.il or refaeli-art.com get you?



>
> We expected people to call this "script kiddie", but it is alright,
> that is the typical response from a "rants" person like yourself,
> we will overlook that..


Of course you expected to be called a script kiddie- that's what you are.
 That or you're the stupidest hacker in the world for using a new exploit
you designed on such worthless targets.  If you really were anything more
then a script kiddie why wouldn't you use your awesome power to hack an
Israeli government site?  Why not steal something embarrassing from the IDF
and post it for the world to see?  Simple- because you're a pathetic script
kiddie.


>
>
> - -- QUOTE --
> >Then to prove just how pathetic you really are, you don't even
> >have the
> >balls to publicly show your face and have to hide behind an
> >anonymous email
> >address- all while real men are out there on the streets in harms
> >way.
> - -- / QUOTE --
>
> That is coming from the person who replied to our email from his
> "Rants n Raves" email account? please take a seat.


Please.  I'm not the one making grand claims about helping Hamas fight the
IDF.  I'm more then happy to admit that I've got no skin in this game.


>
> We do have what it takes to make a difference, we believe actions
> speak louder than words, so you can just sit back and watch.


If you believe actions speak louder then words then why the hell are you
arguing with me?  Do you even read what you type?

~ The E-Holocaust



I gotta say, this whole "e.hitler" and "e-holocaust" thing makes you sound
like you're 9 years old.  Couldn't you come up with something more creative
and impressive?

-Rants


>
>
> On Sun, 11 Jan 2009 06:20:03 +0300 Rants nRaves
>  wrote:
> >Wow, congratulations.  While people on both sides are risking
> >their lives
> >and in some cases making the ultimate sacrifice by loosing their
> >life for
> >their friends, family and country; you've hacked some worthless
> >Israeli
> >websites- thus once again proving lawyers and artists in all
> >countries don't
> >know how to apply security patches to their servers.I'm sure
> >the IDF is
> >cowering in fear over your awesome power, amazing resources and
> >limitless
> >influence- just like every other script kiddie out there.
> >Can we all now schedule the parade and present you with your medal
> >for being
> >the lamest excuse of a terrorist / freedom fighter / human being
> >of the
> >week?
> >
> >Then to prove just how pathetic you really are, you don't even
> >have the
> >balls to publicly show your face and have to hide behind an
> >anonymous email
> >address- all while real men are out there on the streets in harms
> >way.  Even
> >the worthless politicians are doing more and taking bigger risks
> >then you.
> >
> >Normally I'd suggest to go crawl back into your hiding hole, but
> >since
> >you've never actually came out; I'll just say shut up and let the
> >adults
> >deal with it, because clearly you don't have what it takes to make
> >a real
> >difference in the world.
> >
> >- Rants
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

nice hack babe:))

On Sun, 11 Jan 2009 18:32:09 -0500 n3td3v 
wrote:
>Their PGP keys have expired =)
>
>Sending email to US-CERT
>
>When sending sensitive information to US-CERT via email, we
>encourage
>you to encrypt your messages. US-CERT uses multiple public keys
>based
>upon their purpose. If the purpose of your communication is a
>cyber
>security incident report, vulnerability report, or any other
>technical
>question related to cyber security, please use the following key:
>
>User ID: US-CERT Security Operations Center 
>Key ID: B832BE70
>Key Type: RSA
>Expires: 2009-10-01
>Key size: 2048
>Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70
>
>Information about other keys can be found on Contacting US-CERT.
>
>&
>
>Receiving publications in email from US-CERT
>
>US-CERT signs the email distribution of all US-CERT publications,
>including Cyber Security Alerts, Technical Cyber Security Alerts,
>Cyber Security Bulletins and Cyber Security Tips with the
>following
>key:
>
>User ID: US-CERT Publications Key 
>Key ID: 0x3E1F88AB
>Key Type: RSA
>Expires: 2009-10-01
>Key Size: 2048
>Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB
>
>http://www.us-cert.gov/pgp/email.html
>
>On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis 
>wrote:
>> Just got this from US Cert. With what's going on with this list.
>I fought
>> I might share with you all...
>>
>> With some of the crap on this list lately I really do hope it is
>spambots...
>>
>> ~Chris Wallis
>>
>>
>> __
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> US-CERT Current Activity
>>
>> Malicious Code Circulating via Israel/Hamas Conflict Spam
>Messages
>>
>> Original release date: January 9, 2009 at 9:25 am Last revised:
>January 9,
>> 2009 at 9:25 am
>>
>>
>> US-CERT is aware of public reports of malicious code circulating
>via spam
>> email messages related to the Israel/Hamas conflict in Gaza.
>> These messages may contain factual information about the
>conflict and
>> appear to come from CNN. Additionally, the messages indicate
>that
>> additional news coverage of the conflict can be viewed by
>following a link
>> provided in the email body. If users click on this link, they
>are
>> redirected to a bogus CNN website that appears to contain a
>video.
>> Users who attempt to view this video will be prompted to update
>to a new
>> version of Adobe Flash Player in order to view the video. This
>update is
>> not a legitimate Adobe Flash Player update; it is malicious
>code. If users
>> download this executable file, malicious code may be installed
>on their
>> systems.
>>
>> US-CERT encourages users and administrators to take the
>following
>> preventative measures to help mitigate the security risks:
>>  * Install antivirus software, and keep the virus signatures up
>to
>>date.
>>  * Do not follow unsolicited links and do not open unsolicited
>email
>>messages.
>>  * Use caution when visiting untrusted websites.
>>  * Use caution when downloading and installing applications.
>>  * Obtain software applications and updates directly from the
>>vendor's website.
>>  * Refer to the Recognizing and Avoiding Email Scams (pdf)
>document
>>for more information on avoiding email scams.
>>  * Refer to the Avoiding Social Engineering and Phishing Attacks
>>document for more information on social engineering attacks.
>>
>> Relevant Url(s):
>> 
>>
>> 
>>
>> 
>> This entry is available at
>> http://www.us-
>cert.gov/current/index.html#malware_circulating_via_email_messages
>>
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v1.4.5 (GNU/Linux)
>>
>> iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
>> Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
>> 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
>> x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
>> 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
>> fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
>> =PU6L
>> -END PGP SIGNATURE-
>>
>>
>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqhrMACgkQynWwk3/AtyOmJgQAjZsbVABLYAgiJ6E3KbL8egRC16LZ
LYWMz+Qq488tDFyuFqx42aKKX9Kq+Bq6OmiDpiEPfh/Kbv94Sz7NNhJitOUj59qmaW8l
+Q7MZH3n8HLwWHuSNNg49Z+dbsa6bCoXg1UAFHsfzBgoxhpw409y3UOi8tiBZKGZh077
i7zstEQ=
=41Lu
-EN

Re: [Full-disclosure] WTF people?

[sr.]

amazing how every message becomes tainted with bullshit.

On Sun, Jan 11, 2009 at 6:01 PM,   wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> pics?
>
> On Sun, 11 Jan 2009 17:48:53 -0500 waveroad waveroad
>  wrote:
>>N3td3v other alias spotted.
>>
>>
>>
>>2009/1/11 
>>
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA1
>>>
>>> i find the surname mcafee to be a turn-on here on the security
>>> mailing list, mister good hacker:)))
>>>
>>> a/s/l?
>>>
>>>
>>> On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee >> commun...@thegoodhacker.com> wrote:
>>> >I have lurked for some time, and really, this list has become
>>> >pathetic
>>> >due to it's hiijacking by two or three trolls with nothing
>>better
>>> >to
>>> >do than destroy the relevant signal to noise ratio.  This list
>>is
>>> >not
>>> >about MI5, the NSA, or Mossad unless there is something
>>practical
>>> >to
>>> >be learned from them.  I do not care about the information war
>>> >between
>>> >Russia and Georgia unless it is about the systems used.  Think
>>of
>>> >this
>>> >list as like a trade correspondence journal, not a public
>>> >tackboard.
>>> >
>>> >Sent from my iPhone
>>> >
>>> >___
>>> >Full-Disclosure - We believe in it.
>>> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >Hosted and sponsored by Secunia - http://secunia.com/
>>> -BEGIN PGP SIGNATURE-
>>> Charset: UTF8
>>> Version: Hush 3.0
>>> Note: This signature can be verified at
>>https://www.hushtools.com/verify
>>>
>>>
>>wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW
>>0
>>>
>>QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfk
>>o
>>>
>>rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ
>>/
>>> 9Zzisvg=
>>> =cJJ3
>>> -END PGP SIGNATURE-
>>>
>>> --
>>> Click for free info on online doctorate degrees and make up to
>>$250k/ year.
>>>
>>>
>>http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88Zzh
>>zE4rU3tdHkjzM8yso/
>>>
>>> ___
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> wpwEAQMCAAYFAklqek0ACgkQynWwk3/AtyPcEgP8ClWXNKSO2PiPEUGhalNNnQD3LORX
> LxkxnMgYlCPb06v4unM1RSC4ohJZdX7T+bRrvNQdO9b0RsP34pkdCbCZavLMsxaZChbJ
> /ApjICH6vsajaRdu0ZEH5HjnfAwnYcVpAFKamfnP7h8Zyzgp9ZfHZv4ZEOYL9oHxh2NN
> CdQCXww=
> =Hgbn
> -END PGP SIGNATURE-
>
> --
> Click for free info on business schools, $150K/ year potential.
>  
> http://tagline.hushmail.com/fc/PnY6qxsZgJoEzGwoSheR0lZiwV2oU7O92zSQHsC8LzPC3isaZnbmg/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[Pete Licoln]

sexyazngrl69 is a n3td3v alias, no doubt about it.

Regards Pete
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

pics?

On Sun, 11 Jan 2009 17:48:53 -0500 waveroad waveroad
 wrote:
>N3td3v other alias spotted.
>
>
>
>2009/1/11 
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> i find the surname mcafee to be a turn-on here on the security
>> mailing list, mister good hacker:)))
>>
>> a/s/l?
>>
>>
>> On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee > commun...@thegoodhacker.com> wrote:
>> >I have lurked for some time, and really, this list has become
>> >pathetic
>> >due to it's hiijacking by two or three trolls with nothing
>better
>> >to
>> >do than destroy the relevant signal to noise ratio.  This list
>is
>> >not
>> >about MI5, the NSA, or Mossad unless there is something
>practical
>> >to
>> >be learned from them.  I do not care about the information war
>> >between
>> >Russia and Georgia unless it is about the systems used.  Think
>of
>> >this
>> >list as like a trade correspondence journal, not a public
>> >tackboard.
>> >
>> >Sent from my iPhone
>> >
>> >___
>> >Full-Disclosure - We believe in it.
>> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >Hosted and sponsored by Secunia - http://secunia.com/
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>>
>>
>wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW
>0
>>
>QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfk
>o
>>
>rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ
>/
>> 9Zzisvg=
>> =cJJ3
>> -END PGP SIGNATURE-
>>
>> --
>> Click for free info on online doctorate degrees and make up to
>$250k/ year.
>>
>>
>http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88Zzh
>zE4rU3tdHkjzM8yso/
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqek0ACgkQynWwk3/AtyPcEgP8ClWXNKSO2PiPEUGhalNNnQD3LORX
LxkxnMgYlCPb06v4unM1RSC4ohJZdX7T+bRrvNQdO9b0RsP34pkdCbCZavLMsxaZChbJ
/ApjICH6vsajaRdu0ZEH5HjnfAwnYcVpAFKamfnP7h8Zyzgp9ZfHZv4ZEOYL9oHxh2NN
CdQCXww=
=Hgbn
-END PGP SIGNATURE-

--
Click for free info on business schools, $150K/ year potential.
 
http://tagline.hushmail.com/fc/PnY6qxsZgJoEzGwoSheR0lZiwV2oU7O92zSQHsC8LzPC3isaZnbmg/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[n3td3v]

Their PGP keys have expired =)

Sending email to US-CERT

When sending sensitive information to US-CERT via email, we encourage
you to encrypt your messages. US-CERT uses multiple public keys based
upon their purpose. If the purpose of your communication is a cyber
security incident report, vulnerability report, or any other technical
question related to cyber security, please use the following key:

User ID: US-CERT Security Operations Center 
Key ID: B832BE70
Key Type: RSA
Expires: 2009-10-01
Key size: 2048
Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70

Information about other keys can be found on Contacting US-CERT.

&

Receiving publications in email from US-CERT

US-CERT signs the email distribution of all US-CERT publications,
including Cyber Security Alerts, Technical Cyber Security Alerts,
Cyber Security Bulletins and Cyber Security Tips with the following
key:

User ID: US-CERT Publications Key 
Key ID: 0x3E1F88AB
Key Type: RSA
Expires: 2009-10-01
Key Size: 2048
Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB

http://www.us-cert.gov/pgp/email.html

On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis  wrote:
> Just got this from US Cert. With what's going on with this list. I fought
> I might share with you all...
>
> With some of the crap on this list lately I really do hope it is spambots...
>
> ~Chris Wallis
>
>
> __
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> US-CERT Current Activity
>
> Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
>
> Original release date: January 9, 2009 at 9:25 am Last revised: January 9,
> 2009 at 9:25 am
>
>
> US-CERT is aware of public reports of malicious code circulating via spam
> email messages related to the Israel/Hamas conflict in Gaza.
> These messages may contain factual information about the conflict and
> appear to come from CNN. Additionally, the messages indicate that
> additional news coverage of the conflict can be viewed by following a link
> provided in the email body. If users click on this link, they are
> redirected to a bogus CNN website that appears to contain a video.
> Users who attempt to view this video will be prompted to update to a new
> version of Adobe Flash Player in order to view the video. This update is
> not a legitimate Adobe Flash Player update; it is malicious code. If users
> download this executable file, malicious code may be installed on their
> systems.
>
> US-CERT encourages users and administrators to take the following
> preventative measures to help mitigate the security risks:
>  * Install antivirus software, and keep the virus signatures up to
>date.
>  * Do not follow unsolicited links and do not open unsolicited email
>messages.
>  * Use caution when visiting untrusted websites.
>  * Use caution when downloading and installing applications.
>  * Obtain software applications and updates directly from the
>vendor's website.
>  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
>for more information on avoiding email scams.
>  * Refer to the Avoiding Social Engineering and Phishing Attacks
>document for more information on social engineering attacks.
>
> Relevant Url(s):
> 
>
> 
>
> 
> This entry is available at
> http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
> Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
> 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
> x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
> 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
> fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
> =PU6L
> -END PGP SIGNATURE-
>
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[waveroad waveroad]

N3td3v other alias spotted.



2009/1/11 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> i find the surname mcafee to be a turn-on here on the security
> mailing list, mister good hacker:)))
>
> a/s/l?
>
>
> On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee  commun...@thegoodhacker.com> wrote:
> >I have lurked for some time, and really, this list has become
> >pathetic
> >due to it's hiijacking by two or three trolls with nothing better
> >to
> >do than destroy the relevant signal to noise ratio.  This list is
> >not
> >about MI5, the NSA, or Mossad unless there is something practical
> >to
> >be learned from them.  I do not care about the information war
> >between
> >Russia and Georgia unless it is about the systems used.  Think of
> >this
> >list as like a trade correspondence journal, not a public
> >tackboard.
> >
> >Sent from my iPhone
> >
> >___
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >Hosted and sponsored by Secunia - http://secunia.com/
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW0
> QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfko
> rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ/
> 9Zzisvg=
> =cJJ3
> -END PGP SIGNATURE-
>
> --
> Click for free info on online doctorate degrees and make up to $250k/ year.
>
> http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88ZzhzE4rU3tdHkjzM8yso/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[Rants nRaves]

If you want to solve the problem, then you and people like you need to:

Step 1: Filter out n3td3v, urleet, etc so you never see their posts or
replies to them. ie: filter the noise Step 2: Post something that you think
is relevant to the list. ie: add to the signal
Step 3: Profit!

Notice there is no step which reads: "Whine and complain about the noise on
the list like a little girl."-  because clearly that's proven not to be
effective.

-Rants

On Sun, Jan 11, 2009 at 1:49 PM, Will McAfee <
sec-commun...@thegoodhacker.com> wrote:

> I have lurked for some time, and really, this list has become pathetic
> due to it's hiijacking by two or three trolls with nothing better to
> do than destroy the relevant signal to noise ratio.  This list is not
> about MI5, the NSA, or Mossad unless there is something practical to
> be learned from them.  I do not care about the information war between
> Russia and Georgia unless it is about the systems used.  Think of this
> list as like a trade correspondence journal, not a public tackboard.
>
> Sent from my iPhone
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
- Rants
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[Chris Wallis]

Just got this from US Cert. With what's going on with this list. I fought
I might share with you all...

With some of the crap on this list lately I really do hope it is spambots...

~Chris Wallis


__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

US-CERT Current Activity

Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

Original release date: January 9, 2009 at 9:25 am Last revised: January 9,
2009 at 9:25 am


US-CERT is aware of public reports of malicious code circulating via spam
email messages related to the Israel/Hamas conflict in Gaza.
These messages may contain factual information about the conflict and
appear to come from CNN. Additionally, the messages indicate that
additional news coverage of the conflict can be viewed by following a link
provided in the email body. If users click on this link, they are
redirected to a bogus CNN website that appears to contain a video.
Users who attempt to view this video will be prompted to update to a new
version of Adobe Flash Player in order to view the video. This update is
not a legitimate Adobe Flash Player update; it is malicious code. If users
download this executable file, malicious code may be installed on their
systems.

US-CERT encourages users and administrators to take the following
preventative measures to help mitigate the security risks:
  * Install antivirus software, and keep the virus signatures up to
date.
  * Do not follow unsolicited links and do not open unsolicited email
messages.
  * Use caution when visiting untrusted websites.
  * Use caution when downloading and installing applications.
  * Obtain software applications and updates directly from the
vendor's website.
  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.

Relevant Url(s):





This entry is available at
http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
=PU6L
-END PGP SIGNATURE-




___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

i find the surname mcafee to be a turn-on here on the security
mailing list, mister good hacker:)))

a/s/l?


On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee  wrote:
>I have lurked for some time, and really, this list has become
>pathetic
>due to it's hiijacking by two or three trolls with nothing better
>to
>do than destroy the relevant signal to noise ratio.  This list is
>not
>about MI5, the NSA, or Mossad unless there is something practical
>to
>be learned from them.  I do not care about the information war
>between
>Russia and Georgia unless it is about the systems used.  Think of
>this
>list as like a trade correspondence journal, not a public
>tackboard.
>
>Sent from my iPhone
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW0
QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfko
rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ/
9Zzisvg=
=cJJ3
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88ZzhzE4rU3tdHkjzM8yso/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [SECURITY] [DSA 1700-1] New lasso packages fix validation bypass

[Moritz Muehlenhoff]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- 
Debian Security Advisory DSA-1700-1  secur...@debian.org
http://www.debian.org/security/   Moritz Muehlenhoff
January 11, 2009  http://www.debian.org/security/faq
- 

Package: lasso
Vulnerability  : incorrect API usage
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)  : CVE-2009-0050
Debian Bug : 511262

It was discovered that Lasso, a library for Liberty Alliance and SAML
protocols performs incorrect validation of the return value of OpenSSL's
DSA_verify() function.

For the stable distribution (etch), this problem has been fixed in
version 0.6.5-3+etch1.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), this problem has been fixed in version 2.2.1-2.

We recommend that you upgrade your lasso package.

Upgrade instructions
- 

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- ---

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, 
mipsel, powerpc, s390 and sparc.

Source archives:

  
http://security.debian.org/pool/updates/main/l/lasso/lasso_0.6.5-3+etch1.diff.gz
Size/MD5 checksum: 7571 1795008d78e35b8e3a098e5f72fabe68
  http://security.debian.org/pool/updates/main/l/lasso/lasso_0.6.5.orig.tar.gz
Size/MD5 checksum:  1420093 6263375e5910577258a04882b50d58cd
  http://security.debian.org/pool/updates/main/l/lasso/lasso_0.6.5-3+etch1.dsc
Size/MD5 checksum: 1149 a2975d5f40cc77b4416189c91b640626

alpha architecture (DEC Alpha)

  
http://security.debian.org/pool/updates/main/l/lasso/python-lasso_0.6.5-3+etch1_alpha.deb
Size/MD5 checksum:   188988 52db78dd66b6ee7af8e952423a5bae69
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso-java_0.6.5-3+etch1_alpha.deb
Size/MD5 checksum:   202066 25f98352704c905d0ec9e50a876eca5b
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3-dev_0.6.5-3+etch1_alpha.deb
Size/MD5 checksum:   243412 7f7cc9c581abcb282255437e0347a4a5
  
http://security.debian.org/pool/updates/main/l/lasso/php4-lasso_0.6.5-3+etch1_alpha.deb
Size/MD5 checksum:   199052 7846d19823e3f0f3920e225565612241
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3_0.6.5-3+etch1_alpha.deb
Size/MD5 checksum:   102330 3162bda7c4114d1077de147f74fedca2

amd64 architecture (AMD x86_64 (AMD64))

  
http://security.debian.org/pool/updates/main/l/lasso/liblasso-java_0.6.5-3+etch1_amd64.deb
Size/MD5 checksum:   190932 9d0ad6de3244a13c21ffd9c9f84c84cb
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3_0.6.5-3+etch1_amd64.deb
Size/MD5 checksum:96332 3826a242c6c8d970d16947da4f9ebad8
  
http://security.debian.org/pool/updates/main/l/lasso/python-lasso_0.6.5-3+etch1_amd64.deb
Size/MD5 checksum:   197730 2df1a9f5846da409446cf2fe639fdd18
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3-dev_0.6.5-3+etch1_amd64.deb
Size/MD5 checksum:   181050 33a215818d3127efe4783f6450a65e38
  
http://security.debian.org/pool/updates/main/l/lasso/php4-lasso_0.6.5-3+etch1_amd64.deb
Size/MD5 checksum:   203192 7bf3acad905bc1d1d3db1dc6a2376fb2

arm architecture (ARM)

  
http://security.debian.org/pool/updates/main/l/lasso/python-lasso_0.6.5-3+etch1_arm.deb
Size/MD5 checksum:   160002 98cd9c31a9c5cc6e2d00af6994df275f
  
http://security.debian.org/pool/updates/main/l/lasso/php4-lasso_0.6.5-3+etch1_arm.deb
Size/MD5 checksum:   170136 ffdf6a636e0976dc2453c3c4cdde6148
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3_0.6.5-3+etch1_arm.deb
Size/MD5 checksum:79320 b7e55e0058211a978b081d34200b6dd2
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso-java_0.6.5-3+etch1_arm.deb
Size/MD5 checksum:   171604 20252678b9734a661bb9d1de85bcc19f
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3-dev_0.6.5-3+etch1_arm.deb
Size/MD5 checksum:   162136 27d611c443da457449aae51e1886d850

hppa architecture (HP PA RISC)

  
http://security.debian.org/pool/updates/main/l/lasso/python-lasso_0.6.5-3+etch1_hppa.deb
Size/MD5 checksum:   205932 81450e57634addeaf1184fbd22e77e8a
  
http://security.debian.org/pool/updates/main/l/lasso/php4-lasso_0.6.5-3+etch1_hppa.deb
Size/MD5 checksum:   196804 115fb72d48047215dde67725977f4776
  
http://security.debian.org/pool/updates/main/l/lasso/liblasso3_0.6.5-3+etch1_hppa.d

[Full-disclosure] WTF people?

[Will McAfee]

I have lurked for some time, and really, this list has become pathetic  
due to it's hiijacking by two or three trolls with nothing better to  
do than destroy the relevant signal to noise ratio.  This list is not  
about MI5, the NSA, or Mossad unless there is something practical to  
be learned from them.  I do not care about the information war between  
Russia and Georgia unless it is about the systems used.  Think of this  
list as like a trade correspondence journal, not a public tackboard.

Sent from my iPhone

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full Disclosure of What ?

[Mercury Vapour]

And SERIAL KILLERS, too?  *giggle*

On Sun, Jan 11, 2009 at 8:20 AM,  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> hiya:
>
> On Sat, 10 Jan 2009 21:24:40 -0500 Gomer Stackseg
>  wrote:
> >G'day to the FD list:
>
> g'day to you too<3
>
> >I find the interplay between netdev and ureleet to be a defining
> >element of inanity, misanthropy and sheer waste of bandwidth.  Who
> >cares about the pissing between what appears to be two colossal
> >noise
> >generating clowns ?
>
> /me *giggles* and loves n3td3v
>
> :))
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> wpwEAQMCAAYFAklqHGQACgkQynWwk3/AtyOh8wP/cORU7iy80FZ6T85VogkFnowrwLAT
> O3ucTMYxVDbU0LMU+jHTJyeMkQI/GBpVA2Hk43eUkk0pQ4ebiNsSFcv6Vx0yVmqltgNd
> qUsOtLRV9OGC1gtglDrmiKmwSdwOxZO0Y/H5ry1Ps2ZLR3dAfhpZlXXe48Q7bpKNtjwh
> KDjQP6k=
> =XHKI
> -END PGP SIGNATURE-
>
> --
> Click for free info on online masters degrees and make up to $150K/ year
>
> http://tagline.hushmail.com/fc/PnY6qxtpjYl3OpqOwoCiWdrStDDVtxz04lCOZn3MYTFsovqw5Nxck/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
- Scott

Ex Nihilo Nihil
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full Disclosure of What ?

[Gomer Stackseg]

G'day Andrew / netdev:

In all fairness, you have to ask yourself a few honest questions:

1.)  Why do you think people mistreat you?
2.)  Do you think that you belong on a list where security and
vulnerability researchers share "intelligence"?
3.)  Who are you really? (I mean brutally honestly: Who are you?)
4.)  Do you _really_ work for _any_ intelligence agency ?
5.)  Can you see why people would resent you for implying something
that you are something that in most probability you are not?
6.)  Do you see why people (including myself) see you a basement captive?
7.)  Do you use drugs ?

Actually I could go on but I will not.  My final question to you is this:

Do you think I am out to get you?

In honesty all I know about you is the posts from this list that go
back about four years.  I don't know Andrew Wallace at all.  I do
honestly think that you enjoy trolling, and you need the attention.
Are you a bad person?  Probably not.  Everyone has something to hide,
and everyone has skeletons in the closet.  I don't think people are
against you, but they are against the way you conduct yourself.  Why
don't you try to be honest with yourself, and see how people respond.

You can start by issuing a statement about your involvement with an
intelligence agency.  Just say if you are or are not.  What could it
hurt?

Do you see why researchers with engineering backgrounds, programmers
with 20+ years of solid high and low level languages see you as a dust
mite?

Up the ante, man.  Get honest with yourself and carry on in a way that
people could actually gain respect for you instead of resenting you.
Do you think that is at all possible?

> All I can do is keep going and wait for their balls to drop then
> they'll realise i'm a real person who isn't delusional

What does this mean?  You wait for someone to make an error in
judgment then you appear as a deity for all to bow down to?  Do you in
any way see that this statement is cause for derision?  This came from
your hand, not you detractors.

Does any of this make any sense?

Cheers and best wishes for all !

G. Stackseg


On 1/10/09, n3td3v  wrote:
> On Sun, Jan 11, 2009 at 2:24 AM, Gomer Stackseg
>  wrote:
>> G'day to the FD list:
>>
>> Security and vulnerability research ?  It would really be of great
>> benefit to turn this list into something more than it currently is.
>> There is a wealth of very intelligent, creative and humourous people
>> who post to this list, and I enjoy what they have to say but there is
>> a lot of repetitive tedium.  There is also a wealth of stupidity that
>> shifts the fulcrum from center.
>>
>> I find the interplay between netdev and ureleet to be a defining
>> element of inanity, misanthropy and sheer waste of bandwidth.  Who
>> cares about the pissing between what appears to be two colossal noise
>> generating clowns ?  I know this will piss someone off and I'll look
>> forward to the high-end feedback I will receive.  I am not _trolling_
>> but making clear a premise to get back to what this list is about.
>> Maybe there are others who are in the security arena who feel the
>> same, who believe in full disclosure, and are professionals with
>> professional reputations and (significant) contributions to the
>> security and vulnerability research world.  Blackhats, Whitehats and
>> Grayhats all have something of great value to contribute when
>> presented in an intelligent environment.
>>
>> I am mystified by this omnipresent Andrew Wallace / netdev persona.
>> You say you will "go away" (for the betterment of all) then you come
>> right back like a spoiled child.  What an infantile personality. I
>> hope you realize that you absolutely foster the whole "living in your
>> mother's basement" scenario.   I have always believed strongly that
>> there are certain people who are placed on earth as examples to others
>> of what never to become. This person fills that requirement in a
>> superlative fashion.  What an idiot to make statements about working
>> for an intelligence agency in an abysmal effort to inflate his
>> (absence of) self-worth.  What a pathetic and delusional psychological
>> profile this presents.  Again, this is the play of a little baby in a
>> little baby's world order, where he commands an army of 4500 straw
>> sycophants who are transfixed at his elemental presence.
>>
>> In any event, I hope that an attitude that fosters learning and
>> intelligent discussion will eclipse the "security cut-and-paste
>> carnival" attitude I see that prevails.  Although I see this
>> attenuated when the threats of being sued arose.  What an epically
>> funny thread that was !
>>
>> But in the mean time, please continue to rant about the trivial and
>> cut-and-paste / link current events for us, and speak of "secret
>> intelligence agent" escapades  I think there is hope that this will
>> change when people get serious about a profoundly serious topic that
>> affects everyone.
>>
>> Cheers to all !
>>
>> Gomer Stackseg
>
> I don't

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hehe are you trolling me?  *giggle*

On Sun, 11 Jan 2009 15:08:38 -0500 j-f sentier
 wrote:
>> sexyazngrl69 is definitely someone that loves not hates n3td3v.
>http://www.xanga.com/guestbook.aspx?user=seXyazNgRl69
>
>i can understand that ;)
>
>2009/1/11 
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> that has never been an acceptable definition for everyone.
>>
>> *hugs*
>>
>> On Sun, 11 Jan 2009 15:04:33 -0500 j-f sentier
>>  wrote:
>> >>>So you have to ask yourself this simple question :
>> >>>Why everyone hates you ?
>> >
>> >>sexyazngrl69 is definitely someone that loves not hates
>n3td3v.
>> >>you're understanding of "everyone" is off.
>> >
>> >In this case, everyone means a majority.
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Version: Hush 3.0
>>
>>
>wpwEAQMCAAYFAklqUUYACgkQynWwk3/AtyN1mgP/UPRf6jpjBkmTNxLIMFr6VFVb/ef
>O
>>
>tBzCOen6wcZGHvcBaYY9KkjcY35PxDXC4BxVf+x/imXhHlbDG58upi7jVlCekbQ1aV7
>x
>>
>R1wiRBk4vYgrpVmh1H/VEggFg/hG6vEy74hFs0RyTZJUnRBJ9gqux8skyukR+cJZqDB
>k
>> olmE90U=
>> =dXNa
>> -END PGP SIGNATURE-
>>
>> --
>> Click for free info on online doctorate degrees and make up to
>$250k/ year.
>>
>>
>http://tagline.hushmail.com/fc/PnY6qxudoSFWWlqpoHjO4HGwW4SZPe5sKkbc
>HbM4hGzaGY7qf0aoh/
>>
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqUrAACgkQynWwk3/AtyOeywP9F/HCBknctD6YxEdyHT7ULvXZsd+2
beta4bocCMLXnRu62t4B/yL77Qy06odmpSMLhGAcMqfrCdgiUAzzXzO1ueyJRNrF0O4x
hET0qazDV32htaucXJlq1GtfC/bNqX9rxjr99Hx4fN1VwYjU713sW+xkh8rIzMWHDN7G
0CiJodU=
=02lt
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoR56fpkWS1cmihX1LC5fQ0wT2FECRDgTl5N00yXKJd21C/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

> sexyazngrl69 is definitely someone that loves not hates n3td3v.
http://www.xanga.com/guestbook.aspx?user=seXyazNgRl69

i can understand that ;)

2009/1/11 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> that has never been an acceptable definition for everyone.
>
> *hugs*
>
> On Sun, 11 Jan 2009 15:04:33 -0500 j-f sentier
>  wrote:
> >>>So you have to ask yourself this simple question :
> >>>Why everyone hates you ?
> >
> >>sexyazngrl69 is definitely someone that loves not hates n3td3v.
> >>you're understanding of "everyone" is off.
> >
> >In this case, everyone means a majority.
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Note: This signature can be verified at https://www.hushtools.com/verify
> Version: Hush 3.0
>
> wpwEAQMCAAYFAklqUUYACgkQynWwk3/AtyN1mgP/UPRf6jpjBkmTNxLIMFr6VFVb/efO
> tBzCOen6wcZGHvcBaYY9KkjcY35PxDXC4BxVf+x/imXhHlbDG58upi7jVlCekbQ1aV7x
> R1wiRBk4vYgrpVmh1H/VEggFg/hG6vEy74hFs0RyTZJUnRBJ9gqux8skyukR+cJZqDBk
> olmE90U=
> =dXNa
> -END PGP SIGNATURE-
>
> --
> Click for free info on online doctorate degrees and make up to $250k/ year.
>
> http://tagline.hushmail.com/fc/PnY6qxudoSFWWlqpoHjO4HGwW4SZPe5sKkbcHbM4hGzaGY7qf0aoh/
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

that has never been an acceptable definition for everyone.

*hugs*

On Sun, 11 Jan 2009 15:04:33 -0500 j-f sentier
 wrote:
>>>So you have to ask yourself this simple question :
>>>Why everyone hates you ?
>
>>sexyazngrl69 is definitely someone that loves not hates n3td3v.
>>you're understanding of "everyone" is off.
>
>In this case, everyone means a majority.
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqUUYACgkQynWwk3/AtyN1mgP/UPRf6jpjBkmTNxLIMFr6VFVb/efO
tBzCOen6wcZGHvcBaYY9KkjcY35PxDXC4BxVf+x/imXhHlbDG58upi7jVlCekbQ1aV7x
R1wiRBk4vYgrpVmh1H/VEggFg/hG6vEy74hFs0RyTZJUnRBJ9gqux8skyukR+cJZqDBk
olmE90U=
=dXNa
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoSFZYvmd7IcNarXqt0AILwABDeRPy1cZnbfHQQ45aagn2/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

 >>So you have to ask yourself this simple question :
>>Why everyone hates you ?

>sexyazngrl69 is definitely someone that loves not hates n3td3v.
>you're understanding of "everyone" is off.

In this case, everyone means a majority.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hey sweetie,

On Sun, 11 Jan 2009 13:23:12 -0500 j-f sentier
 wrote:
>So you have to ask yourself this simple question :
>Why everyone hates you ?

sexyazngrl69 is definitely someone that loves not hates n3td3v.
you're understanding of "everyone" is off.

>Why you ?

no you why you?
>>

*blushes*

-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqTfMACgkQynWwk3/AtyPCmwP/SFRVlvoil+vHNkoP3oYj2tOYD/2S
iS3aU9kwNCDZQIq9vwVpUeZDSVBSFpa2yvhPOELi48qx7m3eU8Yg8H6rbazWAHLA92QV
SdQDJuGHaMerWfs5cxumxBm3X9IcaXCemLPnnp1b9afiHcAdM5kkGgl7NXEzCpsEpsTQ
61BM2IA=
=SImy
-END PGP SIGNATURE-

--
Click here to increase your salary by earning an online degree.
 
http://tagline.hushmail.com/fc/PnY6qxtpfWeTirBzHdcSxcHBfXFZEKHtrbgjG9oDkYbTFRadDSqRS/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

On Sun, Jan 11, 2009 at 6:41 PM,   wrote:
> On Sun, 11 Jan 2009 18:14:36 GMT, you said:
>
>> I'm not clueless on this list everything I say is pretty accurate.
>
> Go back and re-read every post you've written lately that contains the strings
> 'MI5' or 'Mossad', and ponder how the rest of us see it.


Trolls target people they know they can get a reaction out of thats
why they target me, you're turning increasingly into one Valdis.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[Valdis . Kletnieks]

On Sun, 11 Jan 2009 18:14:36 GMT, you said:

> I'm not clueless on this list everything I say is pretty accurate.

Go back and re-read every post you've written lately that contains the strings
'MI5' or 'Mossad', and ponder how the rest of us see it.


pgpUJPUvZNX5n.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code

[Pierre-Yves Rofes]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory   GLSA 200901-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
   Title: Tremulous: User-assisted execution of arbitrary code
Date: January 11, 2009
Bugs: #222119
  ID: 200901-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis


A buffer overflow vulnerability has been discovered in Tremulous.

Background
==

Tremulous is a team-based First Person Shooter game.

Affected packages
=

  ---
   Package  /  Vulnerable  /  Unaffected
  ---
1  games-fps/tremulous < 1.1.0-r2>= 1.1.0-r2
2  games-fps/tremulous-bin   < 1.1.0 Vulnerable!
  ---
   NOTE: Certain packages are still vulnerable. Users should migrate
 to another package if one is available or wait for the
 existing packages to be marked stable by their
 architecture maintainers.
  ---
   2 affected packages on all of their supported architectures.
  ---

Description
===

It has been reported that Tremulous includes a vulnerable version of
the ioQuake3 engine (GLSA 200605-12, CVE-2006-2236).

Impact
==

A remote attacker could entice a user to connect to a malicious games
server, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application.

Workaround
==

There is no known workaround at this time.

Resolution
==

Tremulous users should upgrade to the latest version:

   # emerge --sync
   # emerge --ask --oneshot --verbose ">=games-fps/tremulous-1.1.0-r2"

Note: The binary version of Tremulous has been removed from the Portage
tree.

References
==

[ 1 ] CVE-2006-2236
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236
[ 2 ] GLSA 200605-12
  http://www.gentoo.org/security/en/glsa/glsa-200605-12.xml

Availability


This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200901-06.xml

Concerns?
=

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
secur...@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
===

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5





signature.asc
Description: OpenPGP digital signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

You don't know everyone, you only know the other *actual* trolls you
social with on full-disclosure and have grouped up with to cause
trouble against me.

On Sun, Jan 11, 2009 at 6:23 PM, j-f sentier  wrote:
> So you have to ask yourself this simple question :
> Why everyone hates you ?
> Why you ?
>
>
>
>
>
> 2009/1/11 andrew. wallace 
>>
>> Defending myself against *actual* trolls like you.
>>
>> On Sun, Jan 11, 2009 at 6:15 PM, j-f sentier  wrote:
>> > LOL, if someone is ruining FD it's you with these kind of stupid post
>> > twice
>> > a day :
>> > "Why are you against n3td3v?",
>> > "They don't realise I might work for MI5",
>> > "Full-Disclosure wouldn't let me post this message",
>> > "n3td3v is big in the security community protecting the UK against the
>> > threats.",
>> > etc
>> >
>> >
>> >
>> >
>> > 2009/1/11 andrew. wallace 
>> >>
>> >> Keep trolling it will do you no good, you didn't read what I initially
>> >> said "back off now not only are you not making
>> >> any difference to me but you are only ruining the full-disclosure
>> >> mailing list by the constant back and forward arguing thats going on"
>> >>
>> >> On Sun, Jan 11, 2009 at 6:00 PM, j-f sentier 
>> >> wrote:
>> >> > i'm just tired as many here, to see you spamming shit around.
>> >> > You said, you will leave, and as a kid, you came back  5 days later,
>> >> > so let me guess:
>> >> > - your mailing-list is annoying ?
>> >> > - you went out of crack for a week ?
>> >> >
>> >> > 2009/1/11 andrew. wallace 
>> >> >>
>> >> >> Another *actual* troll I forgot to mention...
>> >> >>
>> >> >> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier 
>> >> >> wrote:
>> >> >> > You're a troll bitch, stop sniffing crack you loose your memory, i
>> >> >> > guess
>> >> >> > someone should make an wikipedia entry or something, just to
>> >> >> > remind
>> >> >> > you
>> >> >> > what
>> >> >> > kind of piece of shit you are.
>> >> >> >
>> >> >> > Now you see that no one likes you here, so stop crying on such
>> >> >> > useless
>> >> >> > topics as this one, and get the fuck out.
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > ___
>> >> >> > Full-Disclosure - We believe in it.
>> >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> >> > Hosted and sponsored by Secunia - http://secunia.com/
>> >> >> >
>> >> >
>> >> >
>> >> > ___
>> >> > Full-Disclosure - We believe in it.
>> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> > Hosted and sponsored by Secunia - http://secunia.com/
>> >> >
>> >
>> >
>> > ___
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

So you have to ask yourself this simple question :
Why everyone hates you ?
Why you ?





2009/1/11 andrew. wallace 

> Defending myself against *actual* trolls like you.
>
> On Sun, Jan 11, 2009 at 6:15 PM, j-f sentier  wrote:
> > LOL, if someone is ruining FD it's you with these kind of stupid post
> twice
> > a day :
> > "Why are you against n3td3v?",
> > "They don't realise I might work for MI5",
> > "Full-Disclosure wouldn't let me post this message",
> > "n3td3v is big in the security community protecting the UK against the
> > threats.",
> > etc
> >
> >
> >
> >
> > 2009/1/11 andrew. wallace 
> >>
> >> Keep trolling it will do you no good, you didn't read what I initially
> >> said "back off now not only are you not making
> >> any difference to me but you are only ruining the full-disclosure
> >> mailing list by the constant back and forward arguing thats going on"
> >>
> >> On Sun, Jan 11, 2009 at 6:00 PM, j-f sentier 
> wrote:
> >> > i'm just tired as many here, to see you spamming shit around.
> >> > You said, you will leave, and as a kid, you came back  5 days later,
> >> > so let me guess:
> >> > - your mailing-list is annoying ?
> >> > - you went out of crack for a week ?
> >> >
> >> > 2009/1/11 andrew. wallace 
> >> >>
> >> >> Another *actual* troll I forgot to mention...
> >> >>
> >> >> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier 
> >> >> wrote:
> >> >> > You're a troll bitch, stop sniffing crack you loose your memory, i
> >> >> > guess
> >> >> > someone should make an wikipedia entry or something, just to remind
> >> >> > you
> >> >> > what
> >> >> > kind of piece of shit you are.
> >> >> >
> >> >> > Now you see that no one likes you here, so stop crying on such
> >> >> > useless
> >> >> > topics as this one, and get the fuck out.
> >> >> >
> >> >> >
> >> >> >
> >> >> > ___
> >> >> > Full-Disclosure - We believe in it.
> >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> >> > Hosted and sponsored by Secunia - http://secunia.com/
> >> >> >
> >> >
> >> >
> >> > ___
> >> > Full-Disclosure - We believe in it.
> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> > Hosted and sponsored by Secunia - http://secunia.com/
> >> >
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

Defending myself against *actual* trolls like you.

On Sun, Jan 11, 2009 at 6:15 PM, j-f sentier  wrote:
> LOL, if someone is ruining FD it's you with these kind of stupid post twice
> a day :
> "Why are you against n3td3v?",
> "They don't realise I might work for MI5",
> "Full-Disclosure wouldn't let me post this message",
> "n3td3v is big in the security community protecting the UK against the
> threats.",
> etc
>
>
>
>
> 2009/1/11 andrew. wallace 
>>
>> Keep trolling it will do you no good, you didn't read what I initially
>> said "back off now not only are you not making
>> any difference to me but you are only ruining the full-disclosure
>> mailing list by the constant back and forward arguing thats going on"
>>
>> On Sun, Jan 11, 2009 at 6:00 PM, j-f sentier  wrote:
>> > i'm just tired as many here, to see you spamming shit around.
>> > You said, you will leave, and as a kid, you came back  5 days later,
>> > so let me guess:
>> > - your mailing-list is annoying ?
>> > - you went out of crack for a week ?
>> >
>> > 2009/1/11 andrew. wallace 
>> >>
>> >> Another *actual* troll I forgot to mention...
>> >>
>> >> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier 
>> >> wrote:
>> >> > You're a troll bitch, stop sniffing crack you loose your memory, i
>> >> > guess
>> >> > someone should make an wikipedia entry or something, just to remind
>> >> > you
>> >> > what
>> >> > kind of piece of shit you are.
>> >> >
>> >> > Now you see that no one likes you here, so stop crying on such
>> >> > useless
>> >> > topics as this one, and get the fuck out.
>> >> >
>> >> >
>> >> >
>> >> > ___
>> >> > Full-Disclosure - We believe in it.
>> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> > Hosted and sponsored by Secunia - http://secunia.com/
>> >> >
>> >
>> >
>> > ___
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

LOL, if someone is ruining FD it's you with these kind of stupid post twice
a day :
"Why are you against n3td3v?",
"They don't realise I might work for MI5",
"Full-Disclosure wouldn't let me post this message",
"n3td3v is big in the security community protecting the UK against the
threats.",
etc





2009/1/11 andrew. wallace 

> Keep trolling it will do you no good, you didn't read what I initially
> said "back off now not only are you not making
> any difference to me but you are only ruining the full-disclosure
> mailing list by the constant back and forward arguing thats going on"
>
> On Sun, Jan 11, 2009 at 6:00 PM, j-f sentier  wrote:
> > i'm just tired as many here, to see you spamming shit around.
> > You said, you will leave, and as a kid, you came back  5 days later,
> > so let me guess:
> > - your mailing-list is annoying ?
> > - you went out of crack for a week ?
> >
> > 2009/1/11 andrew. wallace 
> >>
> >> Another *actual* troll I forgot to mention...
> >>
> >> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier 
> wrote:
> >> > You're a troll bitch, stop sniffing crack you loose your memory, i
> guess
> >> > someone should make an wikipedia entry or something, just to remind
> you
> >> > what
> >> > kind of piece of shit you are.
> >> >
> >> > Now you see that no one likes you here, so stop crying on such useless
> >> > topics as this one, and get the fuck out.
> >> >
> >> >
> >> >
> >> > ___
> >> > Full-Disclosure - We believe in it.
> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> > Hosted and sponsored by Secunia - http://secunia.com/
> >> >
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

On Sun, Jan 11, 2009 at 5:54 PM,   wrote:
> On Sun, 11 Jan 2009 17:09:58 GMT, you said:
>
>> I'm not a troll and only serious researchers are subscribed to the
>> n3td3v mailing list group.
>
> What does the following read like?  A serious researcher? Or a troll/idiot?

You're doing yourself no good Valdis calling me an idiot you will only
lose your own resolve.

> ---
> Subject: Re: [Full-Disclosure] Why is IRC still around?
> Date: Mon, 22 Nov 2004 17:40:54 +
> To: full-disclos...@lists.netsys.com
>
> Vord from the in-famous script kiddie channel #hackphreak!! omg, thats
> the biggest no credibility lamer channel ever.
>
> Its channels like #hackphreak which give IRC a bad name, the exact
> reason this thread started probably!!
>
> Vord, go back to #hackphreak kiddo.
> ---
>
> Oh, and if you can't remember, it was From: n3td3v 

There is nothing there that anyone with a clue would disagree with.

>
>> I have and I see me saying things that people thought I was saying to
>> get a reaction when they are actually real things that are going on
>> and my actual opinion on things.
>
> Unfortunately for your reputation, that's quite close to "No, I'm not a troll,
> I really had such stupid opinions on things".
>
> >From there, it's just a short jump to "He's consistently clueless on *this*
> list - if he actually *has* 4500 people on another list, he's either equally
> clueless there and people read it for the humor value, or he's actually
> intelligent there - in which case he's a troll playing an idiot here".

I'm not clueless on this list everything I say is pretty accurate.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

Keep trolling it will do you no good, you didn't read what I initially
said "back off now not only are you not making
any difference to me but you are only ruining the full-disclosure
mailing list by the constant back and forward arguing thats going on"

On Sun, Jan 11, 2009 at 6:00 PM, j-f sentier  wrote:
> i'm just tired as many here, to see you spamming shit around.
> You said, you will leave, and as a kid, you came back  5 days later,
> so let me guess:
> - your mailing-list is annoying ?
> - you went out of crack for a week ?
>
> 2009/1/11 andrew. wallace 
>>
>> Another *actual* troll I forgot to mention...
>>
>> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier  wrote:
>> > You're a troll bitch, stop sniffing crack you loose your memory, i guess
>> > someone should make an wikipedia entry or something, just to remind you
>> > what
>> > kind of piece of shit you are.
>> >
>> > Now you see that no one likes you here, so stop crying on such useless
>> > topics as this one, and get the fuck out.
>> >
>> >
>> >
>> > ___
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

i'm just tired as many here, to see you spamming shit around.
You said, you will leave, and as a kid, you came back  5 days later,
so let me guess:
- your mailing-list is annoying ?
- you went out of crack for a week ?


2009/1/11 andrew. wallace 

> Another *actual* troll I forgot to mention...
>
> On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier  wrote:
> > You're a troll bitch, stop sniffing crack you loose your memory, i guess
> > someone should make an wikipedia entry or something, just to remind you
> what
> > kind of piece of shit you are.
> >
> > Now you see that no one likes you here, so stop crying on such useless
> > topics as this one, and get the fuck out.
> >
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[Valdis . Kletnieks]

On Sun, 11 Jan 2009 17:09:58 GMT, you said:

> I'm not a troll and only serious researchers are subscribed to the
> n3td3v mailing list group.

What does the following read like?  A serious researcher? Or a troll/idiot?
---
Subject: Re: [Full-Disclosure] Why is IRC still around?
Date: Mon, 22 Nov 2004 17:40:54 +
To: full-disclos...@lists.netsys.com

Vord from the in-famous script kiddie channel #hackphreak!! omg, thats
the biggest no credibility lamer channel ever.

Its channels like #hackphreak which give IRC a bad name, the exact
reason this thread started probably!!

Vord, go back to #hackphreak kiddo.
---

Oh, and if you can't remember, it was From: n3td3v 

> I have and I see me saying things that people thought I was saying to
> get a reaction when they are actually real things that are going on
> and my actual opinion on things.

Unfortunately for your reputation, that's quite close to "No, I'm not a troll,
I really had such stupid opinions on things".

>From there, it's just a short jump to "He's consistently clueless on *this*
list - if he actually *has* 4500 people on another list, he's either equally
clueless there and people read it for the humor value, or he's actually
intelligent there - in which case he's a troll playing an idiot here".



pgpib73cL9iU7.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

Another *actual* troll I forgot to mention...

On Sun, Jan 11, 2009 at 5:32 PM, j-f sentier  wrote:
> You're a troll bitch, stop sniffing crack you loose your memory, i guess
> someone should make an wikipedia entry or something, just to remind you what
> kind of piece of shit you are.
>
> Now you see that no one likes you here, so stop crying on such useless
> topics as this one, and get the fuck out.
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[j-f sentier]

You're a troll bitch, stop sniffing crack you loose your memory, i guess
someone should make an wikipedia entry or something, just to remind you what
kind of piece of shit you are.

Now you see that no one likes you here, so stop crying on such useless
topics as this one, and get the fuck out.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

On Sun, Jan 11, 2009 at 4:51 PM,   wrote:
> On Sun, 11 Jan 2009 16:09:45 GMT, "andrew.wallace" said:
>
>> I can't help if Robert Lemos, Neal Krawetz gave false reports about
>> n3td3v, that seems to have damaged us a lot and having to defend my
>> position constantly to a bunch of aliases on full-disclosure because
>> they believed something that was written in the media and had an
>> expectation and when that expectation couldn't be met, they thought
>> I'm a lie and a fake and the members of the n3td3v mailing list can't
>> be real.
>
> I hate to inject some actual reality, but a few things to consider:
>
> 1) 'n3td3v' was *already* widely regarded as a troll when Krawetz did
> his research - he picked 'n3td3v' *specifically because* it was regarded
> as the biggest security troll since Gobbles.

I'm not a troll and neither was Gobbles.

> 2) I suspect that the vast majority of full-disclosure readers either
> didn't know or didn't care about Krawetz's posting until you made a
> point of complaining about it and invoked the Streisand Effect on yourself.

You don't know the vast majority, you social with a few names on
full-disclosure who are active posters.

> 3) The high troll factor of 'n3td3v' on the full-disclosure list scared
> off a very high percentage of the full-disclosure people who concluded that
> any list of 4,500+ run by a troll/idiot of the caliber seen on full-disclosure
> *must* be composed mostly of sock puppets and other trolls.
>

I'm not a troll and only serious researchers are subscribed to the
n3td3v mailing list group.

That was the mistake made people thought I was a troll, n3td3v isn't a
troll its been real the whole time.

> Seriously - go back and re-read your postings over the past several years,
> and then ask yourself "What would *I* think about this poster if I didn't
> know who he was?".

I have and I see me saying things that people thought I was saying to
get a reaction when they are actually real things that are going on
and my actual opinion on things.

The only actual troll i've seen *ever* on full-disclosure is "Ureleet"
thats your troll, neither n3td3v or Gobbles have ever been trolls.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[Valdis . Kletnieks]

On Sun, 11 Jan 2009 16:09:45 GMT, "andrew.wallace" said:

> I can't help if Robert Lemos, Neal Krawetz gave false reports about
> n3td3v, that seems to have damaged us a lot and having to defend my
> position constantly to a bunch of aliases on full-disclosure because
> they believed something that was written in the media and had an
> expectation and when that expectation couldn't be met, they thought
> I'm a lie and a fake and the members of the n3td3v mailing list can't
> be real.

I hate to inject some actual reality, but a few things to consider:

1) 'n3td3v' was *already* widely regarded as a troll when Krawetz did
his research - he picked 'n3td3v' *specifically because* it was regarded
as the biggest security troll since Gobbles.

2) I suspect that the vast majority of full-disclosure readers either
didn't know or didn't care about Krawetz's posting until you made a
point of complaining about it and invoked the Streisand Effect on yourself.

3) The high troll factor of 'n3td3v' on the full-disclosure list scared
off a very high percentage of the full-disclosure people who concluded that
any list of 4,500+ run by a troll/idiot of the caliber seen on full-disclosure
*must* be composed mostly of sock puppets and other trolls.

Seriously - go back and re-read your postings over the past several years,
and then ask yourself "What would *I* think about this poster if I didn't
know who he was?".


pgpXNTTTj81nY.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full Disclosure of What ?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hiya:

On Sat, 10 Jan 2009 21:24:40 -0500 Gomer Stackseg
 wrote:
>G'day to the FD list:

g'day to you too<3

>I find the interplay between netdev and ureleet to be a defining
>element of inanity, misanthropy and sheer waste of bandwidth.  Who
>cares about the pissing between what appears to be two colossal
>noise
>generating clowns ?

/me *giggles* and loves n3td3v

:))
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqHGQACgkQynWwk3/AtyOh8wP/cORU7iy80FZ6T85VogkFnowrwLAT
O3ucTMYxVDbU0LMU+jHTJyeMkQI/GBpVA2Hk43eUkk0pQ4ebiNsSFcv6Vx0yVmqltgNd
qUsOtLRV9OGC1gtglDrmiKmwSdwOxZO0Y/H5ry1Ps2ZLR3dAfhpZlXXe48Q7bpKNtjwh
KDjQP6k=
=XHKI
-END PGP SIGNATURE-

--
Click for free info on online masters degrees and make up to $150K/ year
 
http://tagline.hushmail.com/fc/PnY6qxtpjYl3OpqOwoCiWdrStDDVtxz04lCOZn3MYTFsovqw5Nxck/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[Anders B Jansson]

andrew.wallace wrote:
> We're a mailing list of government, business and academia folks pretty
> much the same as here. We monitor threat reports and give analysis
> from time to time on what's going on and offer advice to folks. Why
> would you be against us?

Because you are a complete moron who hasn't contributed in any other way 
than spewing pointless uninformed rants.

New sender adress added to idiot filter.

-- 
// hdw

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Please STOP this THREAD!

[Michael Weinert]

Am Freitag, 9. Januar 2009 schrieb Martin Allert:

Hello Martin,

start using filters like:

email contains n3td3v => Trash
email contains ureleet => Trash
and so on...

Best wishes.

Michael Weinert

> Dear Ladies and Gentlemen,
>
>
> I am not interested in you philosophical and informational warfare on
> this mailinglist - information on this war can be easily retrieved
> through the Internet. I am sure there are plenty of boards where you can
> discuss more ore less objective about the current political situation.
>
> But for heavens sake - this is a SECURITY mailing list, not a discussion
> board!
>
> Please STOP this! Or this mailinglist will end like bugtraq some years ago.
>
> Best regards, but annoyed.
>
> Martin Allert



-- 

  SysQuadratSysteme mit Sicherheit
Michael Weinert Stuttgart Filderstadt-Plattenhardt
  Tel.: 0711-9970288 Fax: 5360559 Mobil: 0170-4141273
   http://www.linux-firewall.de  wein...@sys2.de
   KeyServer hkp://pgp.mit.edu


Disclaimer:

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich 
erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie 
diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser 
Mail ist nicht gestattet.
 
This e-mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any unauthorised
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden.


signature.asc
Description: This is a digitally signed message part.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Why are you against n3td3v?

[andrew . wallace]

We're a mailing list of government, business and academia folks pretty
much the same as here. We monitor threat reports and give analysis
from time to time on what's going on and offer advice to folks. Why
would you be against us?

I can't help if Robert Lemos, Neal Krawetz gave false reports about
n3td3v, that seems to have damaged us a lot and having to defend my
position constantly to a bunch of aliases on full-disclosure because
they believed something that was written in the media and had an
expectation and when that expectation couldn't be met, they thought
I'm a lie and a fake and the members of the n3td3v mailing list can't
be real.

I'm on the same side as you as is the members of the n3td3v mailing
list. We're good guys like you are so why all this fighting all the
time on full-disclosure?

There is a n3td3v group, the mailing list that is on Google Groups---
but not in the way it was reported in the media as being.

I don't know who Gobbles is have no connections to him don't want to
be like him or have association with hackers.

It's time this back and forward fighting stopped and we all worked at
a common goal to stop the hackers.

I have always been the person to collect intelligence on the hackers
and pass them to the authorities, this all started when I was 18 on
Yahoo where I got to be friends with many folks involved with
protecting Yahoo's security and passed them important intelligence
about what was going on.

I moved on from Yahoo and started the Google Group for my own self
purpose to read all the mailing lists in one place that I didn't need
to keep logging into my email account all the time to read.

Gradually from there I noticed members had started to join, although
when I started the group I hadn't thought about members and people
joining, it was completely accidental to me that the group started to
form, they must of enjoyed the same intelligence I did. That
intelligence was open-source intelligence reports from
full-disclosure, bugtraq, media website news letters and breaking news
alert email services from places such as the BBC.

As i've grown up since I was 18 my interests matured now I hope to get
into a proper intelligence agency such as MI5 to continue my work as
an intelligencer in a professional capacity.

I'm a good guy not like is being made out to be by some folks on
full-disclosure and by Robert Lemos and Neal Krawetz. What they said
about me was not only damaging to my online presence but was damaging
to me in real life as well. This is because I was part of an ethical
hacking course where I left to goto and then the report about n3td3v
appeared and it made me mad because it made me out to be a hacker that
was withholding zero-day and other stuff was written about me.

It made me mad because i'm the opposite of what I was made to look by
Neal Krawetz and Robert Lemos, they didn't even contact me for an
interview to get my side of the story, it was a one sided malicious
report into someone they didn't research into properly before reaching
their conclusions.

What i'm saying to you is to back off now not only are you not making
any difference to me but you are only ruining the full-disclosure
mailing list by the constant back and forward arguing thats going on,
because you don't think that n3td3v is real or meet your expectation.

I have recently been looking at people who may be spying in
corporations and in government departments as well as monitoring
hackers who have been passing on programming knowledge to people such
as Akill's social circle of friends who was a bot net herder who is
now likely to get work in the secret intelligence service industry.
There are still elements of Akill's group that can reform without him
being a part of it anymore and that kind of thing has to be monitored
by folks.

It's all about getting inbetween the hackers and passing the
information to the authorities or leaving the intelligence to be
picked up on the wire tap as folks are being spoke with.

n3td3v isn't at the moment a professional intelligence group but will
be in the future if and when i'm employed into the British
intelligence community if they choose to accept my application form.

n3td3v mailing list group is now a self driven mailing list of threat
reports and analysis of what's going on, in the future it may evolve.
There are no 'kids' on it, the membership base is of information
security amatuers and professionals. The group is open membership so
potentially anyone can join, but any spam or horse play will be
removed.

I believe in being open as possible about intelligence, of course
certain elements of secret intelligence agency's need to be kept
secret but I think the future is to be more transparent with the
population about what's going on and professional agency's have
started to do this especially as far as their recruitment drive is
going. Now more than ever they are releasing more information about
the workings of their agency's and no longer do people need

Re: [Full-disclosure] e-Holocaust

[e . hitler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello lolwut,

Your IP is : 87.113.101.182

Your "fail image" has been replaced for you, let this make you
think twice about our resources and power over the web.

Have a good day.

- - http://img301.imageshack.us/img301/6840/cyberwarwrongwp6.jpg

On Sun, 11 Jan 2009 17:41:56 +0300 lol...@hush.ai wrote:
>http://img301.imageshack.us/img301/6840/cyberwarwrongwp6.jpg
>
>--
>Click for free info on criminal justice degrees, $150K/ year
>potential.
> http://tagline.hushmail.com/fc/PnY6qxtpLI097N1EbMNhYiIAKCzRbq9zBrS
>6XjZeM27MYdQOtfEdq/
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqFKsACgkQiG0lprPxISpm+AP+L4eNFGe8NT2gC1mGoPBGPJSk26g8
p04UUJ5vv/RVM27i/vZCNYSLoPEVaO0AaZM0TGe4zTFMA6zXPaEwaxlrxI9f6MbjGZvh
7qncfc9m8+Y6+seiYMHtP5o21nhLIZQ4uRoyZwiHrmpH3xnBYBJaCGfis0xfhuDAsxp6
TRJKG0s=
=mh7O
-END PGP SIGNATURE-

--
Free information on becoming a Graphic Designer. Click Now!
 
http://tagline.hushmail.com/fc/PnY6qxunKhktZQbINbaTbzHbDdWeN2bPvvweIj9n4GD05oaR4W9fy/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] e-Holocaust

[Mainbox Notif]

Very good job!
I wish that there where more like you.

well done, *keep the good work*!



11 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>  To Whom it may concern:
>
> Peace be upon all you.
>
> Behold the e-Holocaust:
>
> http://israelcivillaw.com/
> http://israelcommerciallaw.com/
> http://www.israel-forum.co.il/
> http://mynotebook.co.il/
> http://ada-art.co.il/
> http://harambam.co.il/
> http://sigalit-studio.co.il/
> http://sgms.co.il/
> http://two.org.il/
> http://magia-li.co.il/
> http://plastikim.co.il/
> http://maasik.co.il/
> http://vision-art.co.il/
> http://man-go.co.il/
> http://drabba.co.il/
> http://gal-alpron.co.il/
> http://djgazala.com/
> http://eseknet.biz/
> http://michlala.co.il/
> http://yd-albert.co.il/
> http://refaeli-art.com/
>
>
> As for who we are, as far as the world is concerned, we do not
> exist, we are not a group, we are a state of mind, do not try to
> track us down, as we shall stay in the undergrounds, watching them
> and taking them down where necessary...
>
> We do what we do because we can, and as it is the fair judgement.
> As it can be implied we have access to resources that should not be
> taken lightly.
>
> As for what we want, we want nothing but the world to see this (
> and we will make sure the world does see it ).
> What we'll do is take down tens of Israeli servers daily, and burn
> them to the ground, every bit of information on them will be
> deleted...
>
> That will only be the beginning, when that is done, next step would
> be the full publicising of every all information gathered.
>
>
>  This is our war now.
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> wpwEAQMCAAYFAklpMH4ACgkQiG0lprPxISpBMgQAhA5c6ydTowzBcD1EEWrYsv6dIuLx
> T2ULI3W+fNstMY38G0Bp2rjc2KaVcGGUrtX5x0Ic7KNEtfFOf9UAPatnE6YOwaM5Xl27
> kpvIePf3LHirLHx36uHgkazmZwM25wpLnhgrFTFTAuFd88uO7ZEbzXjYA3BJ7KE9SJvd
> tdOu234=
> =H3kv
> -END PGP SIGNATURE-
>
> --
> Become a medical transcriptionist at home, at your own pace.
>
> http://tagline.hushmail.com/fc/PnY6qxthN5KaG9cIzZbORL2U4Bn8ziSqE3rgbpXdvLsZgRLQdj3hG/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 47, Issue 24

[Line Noise]

On 1/11/09, Yigit Turgut  wrote:
> This is a list that I've been following for years but I see that it turned
> to some kind of a circus.I do not like setting spam filters, I am saying to
> those who created this situation ; get a life and don't make me come after
> you.

Considering what a cess pool this list has become, I encourage you to
go after whichever of the little creatures you think you can reach.
Please.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities

[Pierre-Yves Rofes]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory   GLSA 200901-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

   Severity: Normal
  Title: Streamripper: Multiple vulnerabilities
   Date: January 11, 2009
   Bugs: #249039
 ID: 200901-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis


Multiple buffer overflows have been discovered in Streamripper,
allowing for user-assisted execution of arbitrary code.

Background
==

Streamripper is a tool for extracting and recording mp3 files from a
Shoutcast stream.

Affected packages
=

 ---
  Package   /  Vulnerable  / Unaffected
 ---
   1  media-sound/streamripper  < 1.64.0  >= 1.64.0

Description
===

Stefan Cornelius from Secunia Research reported multiple buffer
overflows in the http_parse_sc_header(), http_get_pls() and
http_get_m3u() functions in lib/http.c when parsing overly long HTTP
headers, or pls and m3u playlists with overly long entries.

Impact
==

A remote attacker could entice a user to connect to a malicious server,
possibly resulting in the remote execution of arbitrary code with the
privileges of the user running the application.

Workaround
==

There is no known workaround at this time.

Resolution
==

All Streamripper users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-sound/streamripper-1.64.0"

References
==

   [ 1 ] CVE-2008-4829
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829

Availability


This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

   http://security.gentoo.org/glsa/glsa-200901-05.xml

Concerns?
=

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
secur...@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
===

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5





signature.asc
Description: OpenPGP digital signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 47, Issue 24

[Yigit Turgut]

This is a list that I've been following for years but I see that it turned
to some kind of a circus.I do not like setting spam filters, I am saying to
those who created this situation ; get a life and don't make me come after
you.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation

[Florian Weimer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- 
Debian Security Advisory DSA-1699-1  secur...@debian.org
http://www.debian.org/security/   Florian Weimer
January 11, 2009  http://www.debian.org/security/faq
- 

Package: zaptel
Vulnerability  : array index error
Problem type   : local
Debian-specific: no
CVE Id(s)  : CVE-2008-5396 CVE-2008-5744
Debian Bug : 507459 510583

An array index error in zaptel, a set of drivers for telephony hardware,
could allow users to crash the system or escalate their privileges by
overwriting kernel memory (CVE-2008-5396).

For the stable distribution (etch), this problem has been fixed in version
1.2.11.dfsg-1+etch1.

For the unstable distribution (sid) and the testing distribution
(lenny), this problem has been fixed in version 1.4.11~dfsg-3.

We recommend that you upgrade your zaptel package.

Upgrade instructions
- 

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- ---

Source archives:

  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1.diff.gz
Size/MD5 checksum:   112903 deb886bbf7ec5183a8b8f2acdb282aca
  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg.orig.tar.gz
Size/MD5 checksum:  1192239 a8b32a69e6c6dd1caf526eef4d0c4487
  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1.dsc
Size/MD5 checksum: 1273 a76cdc21eb9bcecf25dcd5815f65fc2d

Architecture independent packages:

  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel-source_1.2.11.dfsg-1+etch1_all.deb
Size/MD5 checksum:   928098 804dbf80db1756a21d25e78b339d04c6

alpha architecture (DEC Alpha)

  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone-dev_1.2.11.dfsg-1+etch1_alpha.deb
Size/MD5 checksum:28412 da608a05b2dc20dc78ac7869d96ac8d9
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone1_1.2.11.dfsg-1+etch1_alpha.deb
Size/MD5 checksum:27152 dc847d4d989985cc64de8cf5ddc9c278
  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1_alpha.deb
Size/MD5 checksum:   118832 52a926c91d66dc696ceb1adcde3e8766

amd64 architecture (AMD x86_64 (AMD64))

  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1_amd64.deb
Size/MD5 checksum:   112450 b97b640e292ec75039d88a149048bf37
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone1_1.2.11.dfsg-1+etch1_amd64.deb
Size/MD5 checksum:26040 4644fc0debb57cb63d0ecd2a065628d2
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone-dev_1.2.11.dfsg-1+etch1_amd64.deb
Size/MD5 checksum:26898 a816ba6f8001ce15f21436e55086c0ba

arm architecture (ARM)

  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1_arm.deb
Size/MD5 checksum:   111358 1ea716a259d884d2f60587e0c0bff0d5
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone1_1.2.11.dfsg-1+etch1_arm.deb
Size/MD5 checksum:26418 53817f46e87cdffc0ff1f7f552f0abcd
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone-dev_1.2.11.dfsg-1+etch1_arm.deb
Size/MD5 checksum:26830 2b3cfe526622aef8c8a013ed488a3618

i386 architecture (Intel ia32)

  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone-dev_1.2.11.dfsg-1+etch1_i386.deb
Size/MD5 checksum:27560 c83b30d1fa4c97736612490b4a3315a5
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone1_1.2.11.dfsg-1+etch1_i386.deb
Size/MD5 checksum:26514 9512ab4bcdefd131908e5dcba7544054
  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1_i386.deb
Size/MD5 checksum:   109262 0be95fc29308efcbc541d4666caf77c4

ia64 architecture (Intel ia64)

  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone-dev_1.2.11.dfsg-1+etch1_ia64.deb
Size/MD5 checksum:28766 58c733396e6c7306917ae9afba6ad500
  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg-1+etch1_ia64.deb
Size/MD5 checksum:   136616 f09671965e51b3a0c6151735b5a470bc
  
http://security.debian.org/pool/updates/main/z/zaptel/libtonezone1_1.2.11.dfsg-1+etch1_ia64.deb
Size/MD5 checksum:28400 8c55b47382faede9b16afd6ecca8f883

mips architecture (MIPS (Big Endian))

  
http://security.debian.org/pool/updates/main/z/zaptel/zaptel_1.2.11.dfsg

Re: [Full-disclosure] Full-Disclosure Elementary School: WAS YELLING AT EACH OTEHR

[James Matthews]

This list has become a political list this month. I might spawn a mailing
list for political in site as to give people a place to vent.

On Sat, Jan 10, 2009 at 2:48 AM, Ureleet  wrote:

> okay, well in the interest of not totally pissing off every1.  ill lay
> off.  only because i was asked 2.  not because i dont want to continue
> fucking with andrew.
>
> not giving up andrew, im being polite and respecting ppls wishes.  u
> should try it.
>
> On Fri, Jan 9, 2009 at 7:42 PM, RandallM  wrote:
> >
> >
> >
> >>
> >> --
> >>
> >> Message: 1
> >> Date: Fri, 9 Jan 2009 17:02:52 +
> >> From: n3td3v 
> >> Subject: Re: [Full-disclosure] The war in Palestine && Pointless
> >>noise.
> >> To: Ureleet , full-disclosure@lists.grok.org.uk
> >> Message-ID:
> >><4b6ee9310901090902t7168aebrb25f707a3b32...@mail.gmail.com>
> >> Content-Type: text/plain; charset=ISO-8859-1
> >>
> >> On Fri, Jan 9, 2009 at 4:58 PM, Ureleet  wrote:
> >> >  we simply care that u die.  slowly and painfully.
> >>
> >> You've got a long time to wait then ;) I'm just seeing how far you
> >> take your abuse, it won't be long until your brain degenerates enough
> >> and you start making actual threats.
> >>
> >>
> >>
> >> --
> >>
> >> Message: 2
> >> Date: Fri, 9 Jan 2009 17:19:05 +
> >> From: "Prototype This" 
> >> Subject: Re: [Full-disclosure] The war in Palestine && Pointless
> >>noise.
> >> To: n3td3v 
> >> Cc: full-disclosure@lists.grok.org.uk
> >> Message-ID:
> >>
> >> Content-Type: text/plain; charset=UTF-8
> >>
> >> N3tsh1t.
> >> Why you speak like you are an 3rd person . You know if you ever burn
> >> you face , you can ask doctors to move your ass skin to your face .
> >> BECAUSE THAT WHAT YOU ARE AN ASSHOLE. You think you are smart but in
> >> fact i think you just discovered computer 2 or 3 years ago. make
> >> something interesting or Shut the fuck off.
> >>
> >> 2009/1/9 n3td3v :
> >> > On Fri, Jan 9, 2009 at 4:07 PM, j-f sentier 
> wrote:
> >> >> Ya well, 3/4 of this list doesn't like you at all
> >> >
> >> > A few aliases who have never talked about security you mean and just
> >> > look to stir up trouble and harass the founder of n3td3v
> >> >
> >> > ___
> >> > Full-Disclosure - We believe in it.
> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> > Hosted and sponsored by Secunia - http://secunia.com/
> >> >
> >>
> >>
> >>
> >> --
> >>
> > THANK GOD FOR FULL DISCLOSURES OR THIS LIST WOULD BE BORING. ITS LIKE
> BEING
> > IN GRADE SCHOOL!
> >
> >
> > --
> > been great, thanks
> > Big R a.k.a System
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
http://www.astorandblack.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] e-Holocaust

[e . hitler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

We are pretty far away from them, if it was possible for us to go
and fight, we would.

It is not worthless, it is merely the beginning.. every file,
database, email, paypal or bank account... the more damage, the
better... maybe one site is worthless for you, but its someone
else's job, years of effort to build, etc etc... and as long as
that someone is an Israeli, then his site is a target.

We expected people to call this "script kiddie", but it is alright,
that is the typical response from a "rants" person like yourself,
we will overlook that..

- -- QUOTE --
>Then to prove just how pathetic you really are, you don't even
>have the
>balls to publicly show your face and have to hide behind an
>anonymous email
>address- all while real men are out there on the streets in harms
>way.
- -- / QUOTE --

That is coming from the person who replied to our email from his
"Rants n Raves" email account? please take a seat.

We do have what it takes to make a difference, we believe actions
speak louder than words, so you can just sit back and watch.

~ The E-Holocaust

On Sun, 11 Jan 2009 06:20:03 +0300 Rants nRaves
 wrote:
>Wow, congratulations.  While people on both sides are risking
>their lives
>and in some cases making the ultimate sacrifice by loosing their
>life for
>their friends, family and country; you've hacked some worthless
>Israeli
>websites- thus once again proving lawyers and artists in all
>countries don't
>know how to apply security patches to their servers.I'm sure
>the IDF is
>cowering in fear over your awesome power, amazing resources and
>limitless
>influence- just like every other script kiddie out there.
>Can we all now schedule the parade and present you with your medal
>for being
>the lamest excuse of a terrorist / freedom fighter / human being
>of the
>week?
>
>Then to prove just how pathetic you really are, you don't even
>have the
>balls to publicly show your face and have to hide behind an
>anonymous email
>address- all while real men are out there on the streets in harms
>way.  Even
>the worthless politicians are doing more and taking bigger risks
>then you.
>
>Normally I'd suggest to go crawl back into your hiding hole, but
>since
>you've never actually came out; I'll just say shut up and let the
>adults
>deal with it, because clearly you don't have what it takes to make
>a real
>difference in the world.
>
>- Rants
>
>On Sat, Jan 10, 2009 at 3:34 PM,  wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>>  To Whom it may concern:
>>
>> Peace be upon all you.
>>
>> Behold the e-Holocaust:
>>
>> http://israelcivillaw.com/
>> http://israelcommerciallaw.com/
>> http://www.israel-forum.co.il/
>> http://mynotebook.co.il/
>> http://ada-art.co.il/
>> http://harambam.co.il/
>> http://sigalit-studio.co.il/
>> http://sgms.co.il/
>> http://two.org.il/
>> http://magia-li.co.il/
>> http://plastikim.co.il/
>> http://maasik.co.il/
>> http://vision-art.co.il/
>> http://man-go.co.il/
>> http://drabba.co.il/
>> http://gal-alpron.co.il/
>> http://djgazala.com/
>> http://eseknet.biz/
>> http://michlala.co.il/
>> http://yd-albert.co.il/
>> http://refaeli-art.com/
>>
>>
>> As for who we are, as far as the world is concerned, we do not
>> exist, we are not a group, we are a state of mind, do not try to
>> track us down, as we shall stay in the undergrounds, watching
>them
>> and taking them down where necessary...
>>
>> We do what we do because we can, and as it is the fair
>judgement.
>> As it can be implied we have access to resources that should not
>be
>> taken lightly.
>>
>> As for what we want, we want nothing but the world to see this (
>> and we will make sure the world does see it ).
>> What we'll do is take down tens of Israeli servers daily, and
>burn
>> them to the ground, every bit of information on them will be
>> deleted...
>>
>> That will only be the beginning, when that is done, next step
>would
>> be the full publicising of every all information gathered.
>>
>>
>>  This is our war now.
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>>
>>
>wpwEAQMCAAYFAklpMH4ACgkQiG0lprPxISpBMgQAhA5c6ydTowzBcD1EEWrYsv6dIuL
>x
>>
>T2ULI3W+fNstMY38G0Bp2rjc2KaVcGGUrtX5x0Ic7KNEtfFOf9UAPatnE6YOwaM5Xl2
>7
>>
>kpvIePf3LHirLHx36uHgkazmZwM25wpLnhgrFTFTAuFd88uO7ZEbzXjYA3BJ7KE9SJv
>d
>> tdOu234=
>> =H3kv
>> -END PGP SIGNATURE-
>>
>> --
>> Become a medical transcriptionist at home, at your own pace.
>>
>>
>http://tagline.hushmail.com/fc/PnY6qxthN5KaG9cIzZbORL2U4Bn8ziSqE3rg
>bpXdvLsZgRLQdj3hG/
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAA