Re: [Full-disclosure] Facebook seems to think my Arch Linux box has malware on it

2012-01-19 Thread Byron Sonne
Hello,

 “Your computer has malware!” Facebook says to me.

I am really curious to know, assuming that everything you've said is
accurate, how they determine you've got malware. This is rather curious.

The more I think about it, the more I wonder if something's come between
you and facebook pretending to be official, hoping to trick you into
downloading something.

Cheers

-- 
 freebyron.org

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Rate Stratfor's Incident Response

2012-01-12 Thread Byron Sonne
Hello,

 Bad analogy.  Closer would be if you have a house that's got a driveway on a
 public street, and you claim it's not breaking and entering if you walk up the
 driveway, try the doorknob, find it unlocked, and let yourself in without the
 permission of the residents.  Saying that anybody could walk up and let
 themselves in the door doesn't make it legal.

This is a pretty classic analogy that I've used many times myself, but
for many years now I've found myself questioning it... I mean good
analogies are valuable, but I think in this case it falls down.

Mostly, there's the expectation of physical security or, at least,
privacy, when it comes to a house. If someone's rattling door knobs,
it's not unreasonable to expect that they could be there to rob or do
you harm, as the human race does not have a significant history of
peaceful/harmless door rattling practices (that I know of).

Now, when it comes to the internet and networks in general, we've
entered a whole new world where many old ways of looking at things,
tempting as they are, don't fit. There's also no real relevance to
fearing for your physical safety if someone's probing your net.

To a good extent I might be talking out of my ass here, but I'd welcome
feedback.

Cheers,
B


-- 
 freebyron.org



Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

2012-01-10 Thread Byron Sonne
 Don't piss off a talented adolescent with computer skills.

Amen! I love me some stylin' pwnage :)

Whether they were skiddies or actual hackers, it's still amusing (and
frightening to some) that companies who really should know better, in
fact, don't.

-- 
 freebyron.org



Re: [Full-disclosure] R: Re: Symlink vulnerabilities

2011-10-22 Thread Byron Sonne
 Sorry for the top posting.

No, top posting is the *correct* way to do things, which most people on
this list don't seem to realize. Instead they quote *everything* and
then respond on the bottom. Yikes.

 In fedorable distro almost pam namespace can do this. It was born from
 a selinux project, for mls need, but it can be used also for a selinux
 targeted policy. Its configuration is not the default, however.

Yeah, I'm looking at this stuff now. I must admit I feel rather foolish
for not knowing of its existence earlier. Humiliated, actually :)


-- 
 freebyron.org



Re: [Full-disclosure] Symlink vulnerabilities

2011-10-21 Thread Byron Sonne
 If you are in charge of a distro, it would not hurt to nuke it
 altogether and change all packages in your control to use per-user
 $TMPDIR. Some third-party stuff will break - but it breaks every now
 and then anyway.

Excellent suggestion, and you've piqued my curiosity. What distros exist
that implement tmp dirs in such a way? I haven't come across any, and
the more I think about it, the more I wish that this is something I
would see.

If you had your way, would you see it implemented as /tmp/USER,
/USER/tmp, or some other way?

Cheers,
B

-- 
 freebyron.org



Re: [Full-disclosure] Possible German Governmental Backdoor found (R2D2)

2011-10-13 Thread Byron Sonne
I thought this was an unmoderated list? It appears my submission has
been held back.


 Interesting... although that archive seems corrupt... I'd like to see a bit
 more about this but, very interesting indeed.. specially skype id
 harvesting, what could this be for.

 I hope that was a sarcastic "Now what could this *possibly* be for?" :)

Are there any statistics for how often this list has been used as an
attack vector? I'm honestly curious. That would be an interesting metric
to see.



Re: [Full-disclosure] Possible German Governmental Backdoor found (R2D2)

2011-10-10 Thread Byron Sonne

 Interesting... although that archive seems corrupt... I'd like to see a bit
 more about this but, very interesting indeed.. specially skype id
 harvesting, what could this be for.

 I hope that was a sarcastic "Now what could this *possibly* be for?" :)

Are there any statistics for how often this list has been used as an
attack vector? I'm honestly curious. That would be an interesting metric
to see.



Re: [Full-disclosure] Congratulations Andrew

2010-06-16 Thread Byron Sonne
 Looks like Andrew/weev/n3td3v finally gets to do what he likes the most
 Performing fellatio on his fellow inmates
 http://www.theregister.co.uk/2010/06/16/auernheimer_arrested/

Oh man, pretty sweet! I've been waiting years to see weev eat a dick,
and the time has come at last.

Maybe there is a god.

-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6



Re: [Full-disclosure] Congratulations Andrew

2010-06-16 Thread Byron Sonne
 To sum up what full-disclosure has become:
 random arrested and charged with drug possession = 30+ posts
 unreal ircd backdoored = 4? responses.

There's nothing surprising about software that has a bug - all software
is shit and shot through with holes. We expect that (please forgive the
arrogance of me using 'we' as if I speak for a group).

Like I should care that much about some shite IRC daemon? The fact that
it got any responses at all is interesting. Holy cow, water's wet? I
better respond! :)

Whereas the issue with andrew/weev/soon-to-be-assgaped is a bit of a
surprise and hilarious. I dunno what you mean by 'random' but sadly, at
the risk of feeding his ego, he has some history around these parts.

-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6



Re: [Full-disclosure] Fingerprinting Paper with Laser

2010-03-18 Thread Byron Sonne
All technology and software is crap... it can't prevent anything from
happening as long as humans are involved.

If a man can make it, a man can break it... and if not, there's always
rubber-hose cryptanalysis.

Security _is_ snake oil

-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6



Re: [Full-disclosure] How Prosecutors Wiretap Wall Street

2009-11-04 Thread Byron Sonne
 I said that illegal wiretapping will get thrown out of court and the
 perpetrators jailed.  That's a separate issue from whether or not agents
 will all act within the law.

Except that illegal wiretapping DOESN'T get thrown out in court for the
most part that I can see, or it gets retroactively made legal.

If we even get to find out it happened in the first place.


-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6



Re: [Full-disclosure] How Prosecutors Wiretap Wall Street

2009-11-04 Thread Byron Sonne
 I seriously doubt the FBI will be wiretapping anyone on this list that isn't 
 doing something illegal.

If you're innocent, you have nothing to fear! Step aside, Citizen.

:(


-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6



Re: [Full-disclosure] List of security conferences

2009-09-21 Thread Byron Sonne
 Where can I find a list of security conferences that I can attend? 

I came across this a while back, it's been pretty handy:

http://infosecevents.net/calendar/

-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6

 For Good, return Good. For Evil, return Justice



Re: [Full-disclosure] The BBC acquired a botnet, but was it legal? - Update

2009-03-19 Thread Byron Sonne
 Anyone from Canada/America who laughs at the English for nanny state needs
 to look at their own country...you're just as bad.

Keep on believing that, my friend. Keep on believing. Your country will
slide into fascism before either one of ours, of that I'm sure.

Your excessive, excessive use of video cameras, firework laws, mercury
in barometer issues, drug laws, gun laws, alcohol regulation, legally
required to have anti-scalding devices on your bathtub, warnings on eggs
for containing eggs...

Attempts at crypto regulation - having to be forced to give up crypto to
the police on demand and if you don't 2 years jail, even though you've
committed no offence.

Pretty disgusting for a country that gave us the Magna Carta.

Yes, our countries suck ass, but England... well, at least you're not as
bad as Australia for censorship, or attempts to censor. Or are you?

The one area I will grant you that Canuckistan is worse is in terms of
declassifying materials. Our gov't can keep them secret, or deny their
existence, for what seems like forever.

 they talk about noise on these lists but come on...

Yet you reply!


-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6

 For Good, return Good. For Evil, return Justice



Re: [Full-disclosure] The BBC acquired a botnet, but was it legal? - Update

2009-03-18 Thread Byron Sonne
 my TV licence money isn't for paying criminals.

Bwahahaha!

You suckers have to pay for TV licenses? That's some fucked up shit.
Then again, it IS the nanny state...

-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6

 For Good, return Good. For Evil, return Justice



Re: [Full-disclosure] The BBC acquired a botnet, but was it legal? - Update

2009-03-18 Thread Byron Sonne
 You're in Canada, right? So your TV stations have 15 minutes per hour

I don't watch TV. And I certainly wouldn't pay for a license. Even if it
were commercial free.

In any case, what's that desiccated old tart Lizzie gonna do if you
don't pay? Send the bobbies to throw you in TV jail?

 By the way, shouldn't you have to provide a copy of your email in
 French? It IS the nanny state after all.

No, as I'm not a federal gov't service.

Six TV channels, and 7 radio stations? That's awful, but then again,
it's not like there's anything worthwhile on the hundreds we get over
here. Touché, good sir.


-- 
 Byron L. Sonne :: blso...@halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6

 For Good, return Good. For Evil, return Justice



Re: [Full-disclosure] Free Tibet..

2008-03-25 Thread Byron Sonne
This list is about whatever I want it to be. You see any moderation 
around here?

Everything is political, my friend.

Get your head out of the sand, and let's do something about those 
murderous thugs called the Chinese government.

Did you forget Tiananmen square?

You seen how Falun Gong members are treated?

Did you forget that the Chinese have been attacking USA sites, gov't and 
commercial?

Well, I think it's time to do some more 'Full Disclosure' and start 
disclosing China's infrastructure weaknesses.










For folks in the Cell 'Primary':
XAHGS-KDJGQ-OIUQA-MMASD-TTXPN-GQPFJ, 23:00 UTC, hopping: mu
Dead drops to follow, schema: blue








Re: [Full-disclosure] *** OFF LIST *** Re: in Memory of Dude VanWinkle / Justin Plazzo

2008-02-20 Thread Byron Sonne
 respected member of the online community (now you have something to aspire 
 to)

I couldn't care less what you think I ought to aspire to. I'm perfectly 
content being a 36 year old immature prick. So fuck off, and keep your 
aspirations for yourself.

Dead is dead. Move on.



Re: [Full-disclosure] in Memory of Dude VanWinkle / Justin Plazzo

2008-02-14 Thread Byron Sonne
Would all of y'all get a fucking grip?

This is a mailing list, not a group rub-and-tug 'cos someone that just 
about no-one here knows personally died.

People die all the time, I don't care, and I don't need to hear about it.



Re: [Full-disclosure] Minute of Silence

2008-01-18 Thread Byron Sonne
 Not exactly Info-sec but I think many can relate. 
 Bobby Fischer has passed away.

W00t! One less anti-semitic moron in the world.



Re: [Full-disclosure] on xss and its technical merit

2007-12-13 Thread Byron Sonne
 Naysayers of XSS want some elegant exciting actions.
 It's not. It's a case of not sanitizing input that allows
 arbitrary code to be executed. Simple things like umm
 secure coding, url scan, mod_security, noscript could
 combat this easily.

That is probably the largest part of what makes it such a boring topic.
The easier an attack is to defend against, probably the less exciting it
is. It's hardly exciting to 'break into' someone's house through an
unlocked door; there's no challenge.

 It's like someone walking past a car and seeing a million
 dollars sitting in the front seat. Thief opens unlocked
 door and takes money. Now a more elegant way would be
 to manipulate the chemical composition of the glass back
 to a gaseous form and reaching through.

Ah, now THAT would be cool :)

 I really don't understand why some in this community are
 so quick to say this is no find, this isn't new, this is
 insert blah.

You deal with this kind of crap professionally for a couple years and
then tell me how excited you are to come into work in the morning just
so you can pore over hours and hours of crud to make your customers
happy. It's boring. There's no meat to it. It's rote. It sucks the life
out of your day. I regret ever saying that nothing could be worse than
writing CGI checks.

 I guess it makes them feel intellectually
 superior to tear down the ideas of others whether they
 deserve it or not. In some cases they do.

That might be part of it, who knows, for myself or maybe others. I'm not
a shrink. But to me it's more about wanting to see the boundaries pushed
 and being exposed to new, exciting stuff.

 Are members of
 this community so starved for their own self worth that
 they strive to squash the ideas of others instinctively?
 Would make for an interesting study.

Would probably just show that there's a lot of pubescent teenagers
jockeying for social position.



Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Byron Sonne
coderman wrote:
 so perhaps xss should be discussed much less is the only
 concrete thing we all agree on?

FTW

It's pretty obvious that finding XSS has a low entrance barrier; this
explains its popularity. It's just not very impressive. At the same
time, if finding an xss gets some kid interested in security, then I
suppose it can't be all bad.

In any case, wikipedia has something interesting on this, I never
thought about how to categorize them, but then again, I usually start
vomiting from boredom at the mere sight of the word 'xss' in a subject line.

From http://en.wikipedia.org/wiki/Xss, take it as you will:

Type 0

This form of XSS vulnerability has been referred to as DOM-based or
Local cross-site scripting, and while it is not new by any means, a
recent paper (DOM-Based cross-site scripting) does a good job of
defining its characteristics. With Type 0 cross-site scripting
vulnerabilities, the problem exists within a page's client-side script
itself.

Type 1

This kind of cross-site scripting hole is also referred to as a
non-persistent or reflected vulnerability, and is by far the most common
type. These holes show up when data provided by a web client is used
immediately by server-side scripts to generate a page of results for
that user. If unvalidated user-supplied data is included in the
resulting page without HTML encoding, this will allow client-side code
to be injected into the dynamic page.

Type 2

This type of XSS vulnerability is also referred to as a stored or
persistent or second-order vulnerability, and it allows the most
powerful kinds of attacks. It is frequently referred to as HTML
injection. A type 2 XSS vulnerability exists when data provided to a web
application by a user is first stored persistently on the server (in a
database, filesystem, or other location), and later displayed to users
in a web page without being encoded using HTML entities.

Cheers,
B
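
The Type 1 and Type 2 definitions quoted in the message above both come down to user data reaching a page without HTML encoding. The following is an added example, not part of the original post or of the Wikipedia text it quotes, showing each case beside its encoded form; every function name and sample input is constructed for illustration.

```javascript
// Added example: reflected (Type 1) and stored (Type 2) output handling,
// each shown unencoded and HTML-encoded. All names here are hypothetical.

// Encode the five characters that let text break out of HTML element or
// quoted-attribute context. '&' is replaced first so that entities produced
// by the later replacements are not encoded a second time.
function escapeHtml(text) {
  return String(text)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Type 1 (reflected): data from the request is used immediately to build
// the page returned to that same user.
function searchPageUnencoded(query) {
  return "<h1>Results for " + query + "</h1>";
}
function searchPageEncoded(query) {
  return "<h1>Results for " + escapeHtml(query) + "</h1>";
}

// Type 2 (stored): data is saved first and shown later to other users.
// The store keeps the raw value; encoding happens at output time, so every
// rendering path has to apply it.
class CommentStore {
  constructor() {
    this.comments = [];
  }
  add(author, body) {
    this.comments.push({ author, body });
  }
  renderUnencoded() {
    return this.comments
      .map((c) => "<p><b>" + c.author + "</b>: " + c.body + "</p>")
      .join("\n");
  }
  renderEncoded() {
    return this.comments
      .map((c) => "<p><b>" + escapeHtml(c.author) + "</b>: " + escapeHtml(c.body) + "</p>")
      .join("\n");
  }
}

// Crude check used only by this demo: does the page carry a live <script> tag?
function hasScriptTag(html) {
  return /<script\b/i.test(html);
}

function demo() {
  const marker = "<script>alert(1)</script>"; // constructed test input
  const store = new CommentStore();
  store.add("alice", "nice post");
  store.add("mallory", marker);
  return {
    reflectedUnencoded: hasScriptTag(searchPageUnencoded(marker)),
    reflectedEncoded: hasScriptTag(searchPageEncoded(marker)),
    storedUnencoded: hasScriptTag(store.renderUnencoded()),
    storedEncoded: hasScriptTag(store.renderEncoded()),
    encodedPage: searchPageEncoded(marker),
  };
}

console.log(demo());
```

Type 0 (DOM-based) is not covered here because the flaw sits in the page's own client-side script and needs a browser DOM to demonstrate.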



Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Byron Sonne
 It's amazing the last 2 posters even have
 the time to read FD.

It's not without its uses :)

 With all the super important super secret
 projects they must be working.

LOL

 believes XSS and XSRF as viable attack vectors
 The other side thinks it's rubbish.

That's a disingenuous distortion. I happen to think they are both viable
attack vectors AND rubbish.

 the folks who are so bored yawn with XSS and
 CSRF can post their remarkable works and amaze
 us all.

The second I can think of, or accomplish, something that's both more
interesting than this xsscsrfbbqwtf slop and hasn't been done before, I
will. It is not easy to come up with cool new stuff or wicked ass
shit. That's kinda my point, and why we see so much of this derivative
crap.

Now obviously there's a ton of folks around with way better resumes than
me and a far better skill set, but don't go telling me to stand in awe
of someone who found this kind of hole in some big name website. Wanting
fame and respect for XSS on stuff like Goggle is like asking for respect
'cos you lifted Paris Hilton's wallet, or jimmied the door on the back
of Microsoft's shipping warehouse.

There is nothing gloriously technical about it, there is no elegance,
only a clever trick.





Re: [Full-disclosure] n3td3v denounces the actions of www.derangedsecurity.com

2007-11-29 Thread Byron Sonne
 fellow scots stick up for each other, so remember that the next time
 you talk to a scotsman, because we're tough and bold and we'll kick
 you in the teeth you swedish fuck.

You know why Scots wear kilts, right?

Sheep can hear zippers.



Re: [Full-disclosure] Hushmail == Narqz

2007-11-09 Thread Byron Sonne
 Paul,
 This hardly means that the hushmail crew are narqz, it just means
 that they are cooperating with the law like any legitimate business
 would. 

No, it doesn't mean they're narqz, but it does mean they're spineless
pussies that eagerly sell people out. If a friend did that to you, what
would you think of them?

Take 'em down.



Re: [Full-disclosure] Right, or wrong?

2007-08-09 Thread Byron Sonne
 This way as much damage, mischief and chaos as possible can be sown.

 Would you still feel that way if the resulting worm took out your bank's
 ATM network, and as a result you couldn't get to your money?  Or if your
 identity got stolen and you found yourself liable for $4,000 of credit
 card or cell-phone charges?

Yes, absolutely. I wouldn't wish anything on anyone that I'm not
prepared to try and endure myself.

Additionally, as a result of sensible planning I'm in no position where
I am dependent on any of those for day to day living requirements, nor
would I be liable for anything incurred as a result of identity theft.



Re: [Full-disclosure] Right, or wrong?

2007-08-08 Thread Byron Sonne
 Is it morally right, wrong, don't know, don't care, good business, bad
 business, etc.?  Either way we're moving away from that model, but I was
 just curious how others on FD see it.

It's lame, as I see it. IMO, as soon as a bug/vuln is found it should be
released into the public domain, with as wide a circulation as possible,
and free of charge.

This way as much damage, mischief and chaos as possible can be sown.



Re: [Full-disclosure] flag as cyber terrorism

2007-01-06 Thread Byron Sonne
Sigh... I thought you said you were going to shut the fuck up and never 
bother us again?



[Full-disclosure] [OT] Shellcoder's Handbook, 2nd edition?

2006-07-12 Thread Byron Sonne
Fantastic book - great stuff and an excellent read. Does anyone know if 
a 2nd edition is planned to correct the errors in the book and/or fine 
tune the examples? Didn't find anything on the wiley.com.


Cheers,
B



Re: [Full-disclosure] blog.ncircle.com

2006-07-05 Thread Byron Sonne

No harm intended. Hope no offense was taken.


None at all! :)

Personally, you couldn't pay me enough to work at Microsoft. One must be 
careful that when you lie down with dogs, you don't get fleas.


Cheers,
B



Re: [Full-disclosure] blog.ncircle.com

2006-07-02 Thread Byron Sonne

My God at the spin I've got to quit drinking.


Some of us there know or have met Adam, and so it's just a passing on of 
congrats.




Re: [Full-disclosure] yahoo messenger deinal of service

2006-06-23 Thread Byron Sonne

Could you guys at least pick something more interesting to attack?

These are stupid applications with stupid bugs, and it's incredibly 
boring. Up the ante a little and do something big!




Re: [Full-disclosure] yahoo messenger deinal of service

2006-06-23 Thread Byron Sonne

When the stupid application is connected to the biggest e-mail
provider on the planet, the ante is already upped...


Yeah, but it's boring. It's like running around to every Starbucks in 
town and putting toothpicks and glue in the washroom locks. Childish. 
Weak on imagination.


Enough with these parlour tricks.



Re: [Full-disclosure] terrorists have invaded the united states

2006-06-11 Thread Byron Sonne
Why don't you folks just put up some filters for 'n3td3v'? I did months 
ago along with everyone else I know and it's been a blessing.


Either fire up firefox and add the filter, or locate your 
msgFilterRules.dat and add this (change the  to your username, duh):


name="n3td3v crap"
enabled="yes"
type="1"
action="Move to folder"
actionValue="mailbox://[EMAIL PROTECTED]/Trash"
condition="OR (subject,contains,n3td3v) OR (from,contains,n3td3v) OR (to 
or cc,contains,n3td3v) OR (body,contains,n3td3v)"


The condition line should be a single line, but my mailer wraps it.

Problem solved.



Re: [Full-disclosure] terrorists have invaded the united states

2006-06-11 Thread Byron Sonne

Err, I meant to say 'thunderbird'...



Re: [Full-disclosure] Steve Gibson smokes crack?

2006-01-14 Thread Byron Sonne

Conscious decision? So you are in the Microsoft meetings? Do
tell...didn't think so. 


Never ascribe to malice what can be explained by stupidity, or perhaps 
in this case, laziness and neglect.



Re: [Full-disclosure] Spy Agency Mined Vast Data Trove

2005-12-26 Thread Byron Sonne

just willing to hear your views on what are the rules to check/tackle
such issues in other foreign countries???


Well, one of the tricks these bastards play with Echelon is how they get 
around the typical illegality of spying on people in their own country. 
For instance, I'm from Canada, and our spy agencies are not allowed to 
spy on people inside our own country (technically). It's much the same 
in the USA, probably worse, as we're both pissing away our privacy.


So anyways, what they do is agree to help each other out by spying on 
each other's citizens, then sharing the information. So, the UK will spy 
on Australian and American citizens, Canada will spy on US and US on 
Canadian citizens, Australia on UK and such, etc. That way they're not 
breaking the letter of the law. Twisted, huh?


Perhaps your country has similar agreements with neighbouring countries.



Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush

2005-12-19 Thread Byron Sonne

And - about permitting Iran to develop nuclear power because the US is a
bully ... WTF?  


More than one side to the story, homes... everyone has the right to 
peaceable nuclear power. Even if they did develop nukes, it's in their 
right. If the USA, Russia + satellite states, France, UK, India, 
Pakistan and Israel are allowed to do it, why not anyone else? Good for 
the goose, good for the gander.


The USA failed to lead by example, and are now reaping the rewards.


You are talking about Iran, a nation whose leader is
delusional and has voiced support of destroying another nation outright.


Substitute 'USA' for 'Iran' and the sentence sounds like the same crap 
other people say about the USA. You sound just like the jerks that your 
troops are allegedly fighting against. Ever consider there's some brown 
skinned dude in a turban thinking almost the same kind of thoughts as 
you, except it's about America instead?


The USA has made its bed, and now you're finding it uncomfortable to 
sleep in? Haha.



You may disagree with my position, and that is fine ... but this forum is
not the correct place to debate the issue - can we please let this list
return to topic now?


So as long as you get your last word in, everyone has to shut up? Feh. 
Weak dude.



Re: [Full-disclosure] A CALL FOR FULL-DISCLOSURE TO BECOME A MODERATED LIST

2005-12-15 Thread Byron Sonne


Seriously folks, just set some spam filters. Out of the 1640 FD messages 
I had, I set a filter on 'n3t' and it snagged 225 messages, or in other 
words, 13.7% of messages got junked. Total time: 1 minute




[Full-disclosure] Re: Requirements for Security Companies to Perform Federal Penetration Testing

2005-12-07 Thread Byron Sonne

I'm doing some research about performing federal level work.


What federal government are you talking about? The world's a big place.


Re: [Full-disclosure] Was: n3td3v.com, now: C.Meinel

2005-11-16 Thread Byron Sonne

Please don't ever think to put the discussion on the level of personal
attacks. 


It's not an attack; it's karma. Also a way of looking after the community.


No one is interested, and it's only in the interests of that


I beg to differ.


[Full-disclosure] Was: n3td3v.com, now: C.Meinel

2005-11-15 Thread Byron Sonne

 Carolyn Meinel wrote:

I'd be wary of anything Ms. Meinel has to say: 
http://attrition.org/errata/charlatan/shame/index2.html


The info's old but some leopards don't change their spots.


Re: [Full-disclosure] [FLSA-2005:158801] Updated bzip2 packages fix security issues

2005-11-14 Thread Byron Sonne

Could you please stop mailing your Bug-Fix-Reports aka Package xyz
updated to the Full*-Mailinglist?


I don't find those mailings objectionable. I think this is an 
appropriate forum.
