Re: [Full-disclosure] I'm not the troll i've been trolled
I will point out the faults in n3td3v's premises, read my last profile statement: On Jan 12, 2009, at 5:01 AM, n3td3v wrote: I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. Victim, martyr fantasies, with the 'intel group' being a self-serve mailing lis that ANYONE can join (as I have under a different alias). It doesn't exist per se, it's all in his head. It's about as useful as tits on a boy. your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. Typical -- exclusivity, it's all one big secret that a normal person cannot understand. they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. Secret world of spooks reference, the whole intel agency thing, Mystery! the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. Real soon, yep, where have we heard this? there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. DENIAL, of course there hasn't been mental illness, nope, not at all...OK, maybe a little... I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. Notice the subtle threat of 'researching and profiling other folks'? Usually when threats occur, this is the attempt to 'one-up' their last drama, just like I wrote about. We're getting to him, so the monkey has to perform a new and better trick. maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. MI5 fixation, again! this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. He has the secret key of the universe that mere mortals cannot understand. OK, now watch what happens, it will be right out of the handbook. Some kind of event will be precipitated. If this is worked right, we can alter the behavior to our liking. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] n3td3v profile...
Andrew is a special kind of crazya friend of mine and former colleague who I highly respect (practicing Psych., who profiles individuals for a real doggone intel agency...alas, not MI-Jive) labeled Andrew as a probable schizophrenic with grandiose idealizations. These types of people usually can't hold a job. The most active period of delusions occur from 17-33, some think the drop-off may be due to decreased levels of testosterone as they age. Intelligence agency intrigue innuendo is a classic manifestation, along with imaginary friends, martyr glamorizations, alternate personalities and repeated exclamations that they will curtail their behaviors, only to come back, roaringly, foisting themselves upon a group/friend circle with a different guise or mission. Some have said it resembles alcoholic behavior in the promises to quit... They constantly need an audience, since 'friends' are temporal at best...they churn through relationships like shit flowing through a goose...as people become estranged/exasperated with the constant epiphany's, revelations and God-like interpretations. Stranger yet is that people like this can be wonderfully charming in real-lifefunny for awhile, but as they age, they start losing boyish charms that previously were forgiven...promulgating even more outlandish behavior as grow older. Sound familiar? We have a baseline here, folks. Also notice he hasn't written anything technical -- it's mostly outlandish hypothesis with pointers to..not infosec...but Andrew. They usually refuse medications to control themselves, because it dulls the essence of what they're trying to portray: someone mysterious, withholding critical information, being the sole- source of knowledge that might somehow change the world. IMHO, I would venture to say Andrew has attempted suicide -- his type is usually unsuccessful, indeed, it's not a suicide attempt but an attention-seeking event. He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone unfamiliar with his MO. That's what is so aggravating about this particular form of mental illness...once again, as long as there's a receptive audience, the monkey will feel the compulsion to perform. It's akin to sexual gratification for him to see he's the subject of people's ire...don't forget that. This type of person will emotionally soul-suck everyone he comes in contact with, and make up dramas if only to suck more people in, because really, it's all about the adulation of n3td3v/ Andrew/, nothing else. Solutions: There's a few, but I wouldn't want to be responsible for the end result; once again, n3td3v is a human たまごっち (Tamagotchi) and should be treated accordingly. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Observations from 10 days in Nov.
One thing is 'fer sure...since I can't simply skim over the messages due to over-zealous subject lines, I read the messages. Most of 'em, anyway. I find myself assaulted with word salad, burying myself in interesting expressions of hatred, grief, aggravation and amusement. ..So hey, I thought I would share, in between hostile Palestinian verbal-fire and absolute assumptions that n3td3v is a sleeper MI-5 agent. You can't fool me, n3td3v, I have experience in these things. In no particular order, here is a mean sample from a 10-day period in November...I'd write more, but this is a security list: ...to learn about security, its just expected by the user that the system is 1) not **break in able** and 2) hasn't already been compromised. if you turn your computer on and everything looks in place and as it should, you suggest to yourself you haven't been hacked, howe... -n3td3v now i am going back to my real job, doing real things and you can go back to playing with lego and waiting for your mother to bring in some sandwiches cut into triangles. without the crustfaggot -Biz Marqee Unfortunately, the Joe Sixpacks tend to marry Jill Sixpacks, and reproduce. -Valdis i have a power base of nearly 5000 members on the n3td3v mailing list, and i don't work for the government but i very much believe in what the uk intelligence services are doing. so i suggest you don't fuck with n3td3v but its your choice at the end of the day. thank you and good day. -n3td3v They don't realise I might work for MI5. And then again, I might work for MI5. -n3td3v Actually I think a new game should be created that revolves around stalking n3td3v. At the end of the month a Stalker of the Month could be selected and given a prize. I think it could be a lot of fun. -vulcanius Look at the 7 days without you - no one was asking wheres n3td3v were they? No, everyone was enjoying the fact that you were in hospital having the guards do reruns of your drunk uncles night time visits your bedroom. That shit fucked you up for life didn't it, faggot? -Biz Marqee What's a n3td3v? -Paul Ferguson Does this mean you are wanting the vendors to be fucked? -n3td3v Let us all rejoice by following Gadi Evron in his love of the cock and all things whitehat. -not dev I'm not sure this is a good idea as it gives a heads up to hackers. you may think its not long but its actually 5 days for a hacker to figure out potentially a vulnerability in said area. -n3td3v maybe we should have a discussion on what a drug addled cock lover you are? -Biz Marqee Note: Like a bad acid trip or some kind of heinous, immutable INFOSEC Phoenix, n3td3v Will Not Die. As soon as he announces he's going away, he comes back. Tossed, tattered, abused and perhaps prancing around your flat with a but-plug up his ass reminiscing about a phantasmagorical guy named Clyde, n3td3v is Eternal, n3td3v is MI5, n3td3v Is All Things to Everyone. I'll end this with a prophetic statement by the aforementioned from 2006: Subject: [Full-disclosure] n3td3v: viva end of n3td3vand security group From: n3td3v xploita...@gmail.com Date: Fri Sep 1 20:13:50 BST 2006 n3td3v with the beginning Spetember 1st 2006 is the end of n3td3v commentry via Full-Disclosure list or any other medium. This is because n3td3v is moving into the professional scene, so underground hacker scene isn't suitable for the n3td3v agenda. Fearlessly, -oz - - “Condoleezza Rice is a very cruel, offended woman who lacks men's attention. She needs to be taken to a company of man-soldiers and it would be just fine. Releasing such stupid remarks gives her the feeling of being fulfilled. This is the only way for her to attract men's attention. Show me that Rice is a woman? The only thing she attracts is reindeer. The States needs to practice the old Soviet tradition when both single women and single men were not allowed to take responsible state positions... --Vladimir Zhirinovsky, Russian politician, leader of the Liberal and Democratic Party of Russia (LDPR ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] The war in Palestine
On Jan 4, 2009, at 10:31 PM, Avraham Schneider wrote: When there is no choice, there is no choice - Israel has to defend it's own civilian population as a first priority. Let me tell you a little of the latest events - 1) IDF calls a family in Gaza, to let them know they are about to bomb the house from the air - demanding that the family members leave immediately. (the IDF had inteligence that weapons were stored in that family's house) 2) Family members climb to the roof of the house as they know the IDF pilots would not want to harm civilians 3) The IDF pilot fires a rocket to the corner of the roof, making it clear that if they don't leave, they will die, 4) The family get the point and run away 5) House is fired at 6) Explosions ocur due to ammunition and rockets stored there. Correction #3: The MC actually dispatched MIGCAP to fire 20mm cannon, not 'rocket' -- at the next building over. The kill ratio from a rocket's shrapnel would have killed anyone on the roof, hence, 20mm fire to ward off the family and scare the dickens out of them so they would bail from the structure. #4: Family found Jesus right away, no, Common Sense...and bailed from the roof. #5: Cool fireworks display courtesy of your local IDF #6: Kudos to family for making a media moment of defiance, but it was really time to leave before someone was killed. 2009/1/4 valdis.kletni...@vt.edu: You people can't even agree to stop a flame war. It's not a flame war - it's an off-topic propaganda started by a Muslim and defended by a Jew. Just add the subject to a filter rule in Outlook/gmail/whatever client you use, and forget about it. Defended by two Jews now, Mazel tov -- “Condoleezza Rice is a very cruel, offended woman who lacks men's attention. She needs to be taken to a company of man-soldiers and it would be just fine. Releasing such stupid remarks gives her the feeling of being fulfilled. This is the only way for her to attract men's attention. Show me that Rice is a woman? The only thing she attracts is reindeer. The States needs to practice the old Soviet tradition when both single women and single men were not allowed to take responsible state positions... --Vladimir Zhirinovsky, Russian politician, rabid leader of the Liberal and Democratic Party of Russia (LDPR) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
On Dec 12, 2008, at 12:13 AM, Knud Erik Højgaard wrote: On Thu, Dec 11, 2008 at 9:28 PM, - o z - . o...@hotmail.com wrote: I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? How do you read anything with an SMTP client? -- You're right. It should be pop, imap, or simply client. And while your comment displays a level of technical acumen, I occasionally forget that not everyone speaks/comprehends the subtleties of English, probably about as good as me trying to get satire spoken in Danish. It's a joke. Satire. My mail client rant, whether or not the underlying protocols used smtp, pop, imap, http, https or little blue elves carrying 7 or 8 mime-bits out my bunghole...didn't have an option for crayon fonts big and colorful enough so an international audience would understand laugh...when I used Pine as the kicker, masturbatorily using a pre-Alpha version moniker, even calling Pine a great way to read email...I guess u took that seriously? That's OK, I learned a long time ago not to #%*^ with the Vikings. Your comment did make me think back...way back to 1995...using Trumpet Windsock with a win SMTP client that *did* use SMTP to both send and receivesomehow?...written in Pascal of all things...compiled and supported by a David C(K)ornit was very, very slow. But not funny. At least your average SMTP server was way more friendly back then after HELO, and damn it all, were they more xploitable or what? When I think back to all the crazy...never mind. It was an astounding time be alive is all, and writing about it makes me feel very, very old. Thanx for the clarification, Knud. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
On Dec 11, 2008, at 10:36 PM, Steffen Joeris wrote: Debian Security Advisory DSA-1685-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris December 12, 2008 http://www.debian.org/security/faq - Package: uw-imap Vulnerability : buffer overflows, null pointer dereference Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-5005 CVE-2008-5006 Two vulnerabilities have been found in uw-imap, an IMAP implementation. The Common Vulnerabilities and Exposures project identifies the following problems: This alert is an excellent example of what I've been ranting about, e.g.: Re: [Full-disclosure] [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities - 24-25 characters that could have been appended to the end of the subject line instead of the beginning. In a perfect world, the message would read like this, with [Full- disclosure] abbreviated to [FD]: Re: [FD] New uw-imap packages fix multiple vulnerabilities [SECURITY] [DSA 1685-1] Oi, I know this makes too much sense, sorry. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
From: nytrok...@gmail.com Subject: Re: [Full-disclosure] FD subject line/name of org suggestion... This is quite simple to do on Gmail. All you need to do is open any full-disclosure email. Then click on show details and select filter messages from this mailing list. On Thu, Dec 11, 2008 at 6:10 PM, valdis.kletni...@vt.edu wrote: On Thu, 11 Dec 2008 10:39:51 EST, Phillip Partipilo said: Could try a separate folder and using rules to segregate FD emails. There really arent *that* many emails, I mean, compared to nearly insane volume of ntsysadmin or activedir. Nytrokiss, are you really suggesting, as a general rule, to use a *web-browser* on an unmoderated security forum that occasionally includes live exploit codethat runs in said browser?Call me old fashioned, but man, I don't think that's a good idea. I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? (Slapping-Self, 'cause the G5 no workie, again...! Do as I say, not as I do, hah! Slap!) Getting back to the org. premise, some of you here don't think the org. ID's are getting a little out of hand in their length? I meekly submit the notion that this practice may have something to do with Ego/Promo...I dunno, really, what is the requirement for an extra space/length [ blah-blah1371117 ] between the charactersif only to center the eye on the author? Indeed, instead of [Full-disclosure] wouldn't [FD] work just the same for filtering? And give us more space? Yeah, I think it would. ...and it's a ton of emails, especially if you run a few flavors of 'Nix and do your best not to become a bad Netizen. Or if someone posts, ranting they've been Fed-Poizoned...? Think how many wage-drones you've worked with that have no care of exploits on FD, and suffered the consequences because of it? I stand by my suggestions. -oz _ Explore the seven wonders of the world http://search.msn.com/results.aspx?q=7+wonders+worldmkt=en-USform=QBRE___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] FD subject line/name of org suggestion...
Hi everyone! Is it just me, or is it normal for everyone else *not* to usually see the entire exploit notification, e.g., subject line in client: [Full-disclosure] [ GL** #-0* ] Critical Squirrel Meat Timer v. 371117a Threat to Earth and All Inhabitants '(cut off right about @Meat Timer) [date]' What has happened over time (10+ years) is that while average desktop space has grown, font real-estate has shrunk. Way more stuff is on-screen. We're bombarded with even more info, some of it critical, and yeah, maybe some of us like to keep current 'cause we live breath infosec and have to kill -s netdev 666 just to make sense of it all sometimes. Belay that, nothing, nothing makes sense there...makes my orange run like clockwork. That's it! Using an informal survey method, most of my peers display FD the same waycritical version info is usually obscuficated (or it's something else dearly important...say what you want...the community is creative with names). It would be easier on the eyes and achieve a better productivity metric for my capitalist oppressors if the sub. line read: [Full-disclosure] Warning goes here .xxx [good job, now put your name/date thingy here, right here!] When my FD mailbox has 1000+ messages, many of them pertaining to software I'm responsible for, it would make it easier if the subject line devoted as much space possible for the 'sploit...firstfollowed by the author's naming convention. Credit will be remembered no matter what, since if it affects you, it will be opened. If it's been a long night or day, whoa, it's easy to overlook something I shouldn't. Right now it's like, Wow, that was some exploit I saw by 'insert name here and date' -- sure wish I could have read it at one glance, damn... Somebody might be screaming, Dude, change your settings -- and they're right. I should and do...but still have the same issue, on a variety of clients -- increasing available subject line space helps, regardless. Some org. ID's rent *16!* characters in the subj. line, and the last five can be a real bitch, i.e., v.371117 -- etc. Maybe some of 'ya think this is persnickety, and hell, it might be, it's just the 'best job, least amount of time thing.' It just makes more sense to me is all, quite unlike my apparent deteriorating cognitive grammatical abilities. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/