Re: [Full-disclosure] SCADA Security Corruption
> Sure, we aren't always right... I quite > often have changed a position in the face of > irrefutable evidence. It is a mark of character to > admit when you are wrong. Fredrick Diggle imagines that happens quite often to you eh? Also the hippo says hello :D On Feb 17, 2008 9:21 PM, Bryan L. Singer <[EMAIL PROTECTED]> wrote: > I know Jonathan quite well ... As a public leader in > this space (one that is not afraid to stand up in > front of crowds and speak a message), you are bound to > make some enemies out there, it's inevitable. > > I can't remember where I heard it, but its a great > saying... if you stand for nothing, you'll fall for > anything... and its sage advice. > > The challenge is that once you expose yourself to the > peanut gallery like many of us do, someone that does > not have the same courage is likely to posit the voice > of the pessimist. It is much more easy to destroy > than create. Sure, we aren't always right... I quite > often have changed a position in the face of > irrefutable evidence. It is a mark of character to > admit when you are wrong. > > Any tactic involving slamming another peer, throwing > under the bus, or spreading uncorroborated > information, however, is deplorable. Sure, if JP or > anyone else shows up on "The Smoking Gun" with a > credible piece of information behind it.. then we can > have this conversation. But if we don't have solid > proof, better left to say nothing. > > I know JP quite well and would be happy to know that > he worked on my security program. > > > PS: asinine-sasion... that's good... > --- worried security <[EMAIL PROTECTED]> > wrote: > > > > On Feb 17, 2008 10:11 PM, <[EMAIL PROTECTED]> > > wrote: > > > So what's the point, Ghostrider, other than > > character assassination > > > (or is that asinine-sasion)? > > > > > > Simply by highlighting what is at most dubious > > information, you > > > present it as fact and leave the rest to > > now-public conjecture. > > > > > > What is your relation to the guy? Indeed, when > > were you > > > fired...and for what? > > > > > > Even if your grudge-specific accusation had a > > smidgen of truth, > > > exactly how many people sharing that name are in > > the US..or the > > > world for that matter? If you goto: > > > > > http://www.census.gov/genealogy/www/namesearch.html > > one can get a > > > pretty good idea how common the name is, and work > > the > > > statistics yourself... Better yet, if I goto a > > search engine > > > starting with Za...I find 5 different people with > > the same name, > > > residing anywhere from beautiful Bakersfield, Ca > > to McCalla, > > > Alabama (don't forget your Banjo, pig, and > > slobbering 'Tard, 'ya > > > hear?). > > > > > > The odds seem to be...lacking, Ghostrider. > > > > > > What a nasty, spiteful and cheap way to air your > > grievance against > > > someone -- one can only hope the groundwork you're > > laying doesn't > > > come back to bite you, hard, when the Karma PoPo > > demand unfettered > > > access inside 'yer head. > > > > > > Let's be honest here, perhaps a rare, seminal > > event for 'ya -- > > > you're not performing research, you're trying to > > throw this guy > > > under a bus, an inquisition by any other name -- > > and I'm calling > > > you out. > > > > > > Ghostrider, the question to everyone's answer is > > usually found from > > > within, and I hope the looking glass doesn't hurt > > too much when > > > it's pointed your way some day. > > > > > > -BeenThere > > > > > > p.s. Have you seen what the average SCADA admin > > looks like? One > > > guy in these parts looks like he could have walked > > off the AC/DC > > > Tour Bus...and I must say, I can tell when he > > comes on shift 'cause > > > the lights burn just a little brighter. > > > > > > If SecurityFocus Robert Lemos and HackerFactor Dr > > Neal Krawetz and the > > Funsec crowd can get away with character > > assassination without legal > > action, then some Ghost Rider guy on Full-Disclosure > > is small fry. > > > > You know what am sayin? ;) > > > > ___ > > Full-Disclosure - We believe in it. > > Charter: > > > http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - > > http://secunia.com/ > > > > > -- > Bryan L Singer > > Mufris, non Magister > > > > > Looking for last minute shopping deals? > Find them fast with Yahoo! Search. > http://tools.search.yahoo.com/newsearch/category.php?category=shopping > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored
Re: [Full-disclosure] SCADA Security Corruption
I know Jonathan quite well ... As a public leader in this space (one that is not afraid to stand up in front of crowds and speak a message), you are bound to make some enemies out there, it's inevitable. I can't remember where I heard it, but its a great saying... if you stand for nothing, you'll fall for anything... and its sage advice. The challenge is that once you expose yourself to the peanut gallery like many of us do, someone that does not have the same courage is likely to posit the voice of the pessimist. It is much more easy to destroy than create. Sure, we aren't always right... I quite often have changed a position in the face of irrefutable evidence. It is a mark of character to admit when you are wrong. Any tactic involving slamming another peer, throwing under the bus, or spreading uncorroborated information, however, is deplorable. Sure, if JP or anyone else shows up on "The Smoking Gun" with a credible piece of information behind it.. then we can have this conversation. But if we don't have solid proof, better left to say nothing. I know JP quite well and would be happy to know that he worked on my security program. PS: asinine-sasion... that's good... --- worried security <[EMAIL PROTECTED]> wrote: > On Feb 17, 2008 10:11 PM, <[EMAIL PROTECTED]> > wrote: > > So what's the point, Ghostrider, other than > character assassination > > (or is that asinine-sasion)? > > > > Simply by highlighting what is at most dubious > information, you > > present it as fact and leave the rest to > now-public conjecture. > > > > What is your relation to the guy? Indeed, when > were you > > fired...and for what? > > > > Even if your grudge-specific accusation had a > smidgen of truth, > > exactly how many people sharing that name are in > the US..or the > > world for that matter? If you goto: > > > http://www.census.gov/genealogy/www/namesearch.html > one can get a > > pretty good idea how common the name is, and work > the > > statistics yourself... Better yet, if I goto a > search engine > > starting with Za...I find 5 different people with > the same name, > > residing anywhere from beautiful Bakersfield, Ca > to McCalla, > > Alabama (don't forget your Banjo, pig, and > slobbering 'Tard, 'ya > > hear?). > > > > The odds seem to be...lacking, Ghostrider. > > > > What a nasty, spiteful and cheap way to air your > grievance against > > someone -- one can only hope the groundwork you're > laying doesn't > > come back to bite you, hard, when the Karma PoPo > demand unfettered > > access inside 'yer head. > > > > Let's be honest here, perhaps a rare, seminal > event for 'ya -- > > you're not performing research, you're trying to > throw this guy > > under a bus, an inquisition by any other name -- > and I'm calling > > you out. > > > > Ghostrider, the question to everyone's answer is > usually found from > > within, and I hope the looking glass doesn't hurt > too much when > > it's pointed your way some day. > > > > -BeenThere > > > > p.s. Have you seen what the average SCADA admin > looks like? One > > guy in these parts looks like he could have walked > off the AC/DC > > Tour Bus...and I must say, I can tell when he > comes on shift 'cause > > the lights burn just a little brighter. > > > If SecurityFocus Robert Lemos and HackerFactor Dr > Neal Krawetz and the > Funsec crowd can get away with character > assassination without legal > action, then some Ghost Rider guy on Full-Disclosure > is small fry. > > You know what am sayin? ;) > > ___ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - > http://secunia.com/ > -- Bryan L Singer Mufris, non Magister Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SCADA Security Corruption
On Feb 17, 2008 10:11 PM, <[EMAIL PROTECTED]> wrote: > So what's the point, Ghostrider, other than character assassination > (or is that asinine-sasion)? > > Simply by highlighting what is at most dubious information, you > present it as fact and leave the rest to now-public conjecture. > > What is your relation to the guy? Indeed, when were you > fired...and for what? > > Even if your grudge-specific accusation had a smidgen of truth, > exactly how many people sharing that name are in the US..or the > world for that matter? If you goto: > http://www.census.gov/genealogy/www/namesearch.html one can get a > pretty good idea how common the name is, and work the > statistics yourself... Better yet, if I goto a search engine > starting with Za...I find 5 different people with the same name, > residing anywhere from beautiful Bakersfield, Ca to McCalla, > Alabama (don't forget your Banjo, pig, and slobbering 'Tard, 'ya > hear?). > > The odds seem to be...lacking, Ghostrider. > > What a nasty, spiteful and cheap way to air your grievance against > someone -- one can only hope the groundwork you're laying doesn't > come back to bite you, hard, when the Karma PoPo demand unfettered > access inside 'yer head. > > Let's be honest here, perhaps a rare, seminal event for 'ya -- > you're not performing research, you're trying to throw this guy > under a bus, an inquisition by any other name -- and I'm calling > you out. > > Ghostrider, the question to everyone's answer is usually found from > within, and I hope the looking glass doesn't hurt too much when > it's pointed your way some day. > > -BeenThere > > p.s. Have you seen what the average SCADA admin looks like? One > guy in these parts looks like he could have walked off the AC/DC > Tour Bus...and I must say, I can tell when he comes on shift 'cause > the lights burn just a little brighter. If SecurityFocus Robert Lemos and HackerFactor Dr Neal Krawetz and the Funsec crowd can get away with character assassination without legal action, then some Ghost Rider guy on Full-Disclosure is small fry. You know what am sayin? ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SCADA Security Corruption
On Feb 17, 2008 10:28 AM, Ghost Rider <[EMAIL PROTECTED]> wrote: "After some offline discussion and a bit more research I agree that the credibility doesn't seem very reliable. It looks like it was on a (non-google) server archive where somebody was manually saving chat archives. Who knows... they could have been forged or manipulated. The only way to know for sure would be to see the actual google server archive." So what's the point, Ghostrider, other than character assassination (or is that asinine-sasion)? Simply by highlighting what is at most dubious information, you present it as fact and leave the rest to now-public conjecture. What is your relation to the guy? Indeed, when were you fired...and for what? Even if your grudge-specific accusation had a smidgen of truth, exactly how many people sharing that name are in the US..or the world for that matter? If you goto: http://www.census.gov/genealogy/www/namesearch.html one can get a pretty good idea how common the name is, and work the statistics yourself... Better yet, if I goto a search engine starting with Za...I find 5 different people with the same name, residing anywhere from beautiful Bakersfield, Ca to McCalla, Alabama (don't forget your Banjo, pig, and slobbering 'Tard, 'ya hear?). The odds seem to be...lacking, Ghostrider. What a nasty, spiteful and cheap way to air your grievance against someone -- one can only hope the groundwork you're laying doesn't come back to bite you, hard, when the Karma PoPo demand unfettered access inside 'yer head. Let's be honest here, perhaps a rare, seminal event for 'ya -- you're not performing research, you're trying to throw this guy under a bus, an inquisition by any other name -- and I'm calling you out. Ghostrider, the question to everyone's answer is usually found from within, and I hope the looking glass doesn't hurt too much when it's pointed your way some day. -BeenThere p.s. Have you seen what the average SCADA admin looks like? One guy in these parts looks like he could have walked off the AC/DC Tour Bus...and I must say, I can tell when he comes on shift 'cause the lights burn just a little brighter. <-cut---org message below--> On Feb 17, 2008 10:28 AM, Ghost Rider <[EMAIL PROTECTED]> wrote: I was trying to do a little research on SCADA security and I noticed this one guy's name (Jonathan Pollet) kept coming up. It seems he is one of the leading experts and it also looks like he is a Vice President at Industrial Defender (www.industrialdefender.com). It looks like they are a leading SCADA security company. Well through my Google searching I also came across an interesting archived Google Talk chat with his name in it. I guess not only is this guy a leader in SCADA Security it seems he is into drug trafficking also (pasted below). These are the people protecting critical networks like power grids and nuclear plants!?!?!?! Chat with Jonathan Pollet show details 7/29/07 Jonathan Pollet to me (SNIP…) 11:51 PM Jonathan: nice speaking of drugs...ha ha i felt weird asking you about that today me: yeah we'll have to hook up 'morrow i don't care Jonathan: but I really didn't know where to turn so thanks 11:52 PM me: yeah i have shady friends lol Jonathan: I've got to figure out the best way to transport it through Chicago and onto Vegas me: oh shit you have a destination before vegas? well don't put it in your checked bags 11:53 PM Jonathan: yeah that's what i heard too me: you'll have about an 80 to 90% chance of getting popped Jonathan: i was thinking of splitting all the flaps up me: best way is to tape it to your leg Jonathan: into different places in my laptop bad bag ah cool didn't think about that me: don't put it in ANY bag if you get popped for a random search they can find it 11:54 PM Jonathan: can you have Ross break it up into small bagges me: yeah Jonathan: or paper flaps just not foil me: it'll be tiny tiny ziplocks you can tape those to your leg Jonathan: sweet 11:55 PM i can handle that me: chances of you getting strip searched is probably zero Jonathan: yeah, I've flown thousands of times me: chances of you walking past a drug dog is zero Jonathan: never strip searched at all me: yeah you'll be 100% safe taping it to you Jonathan: i've ran into a god beforebut only going in and out of canada dog 11:56 PM me: i've never found god in an airport :P Jonathan: haha (..SNIP) -- Study law at a school near you. Click for more info. http://tagline.hushmail.com/fc/Ioyw6h4fKhBmwTxkG1GxgO4tXaRPeE5Zi8RiCkKEuNI60sr8rWnWZq/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SCADA Security Corruption
After some offline discussion and a bit more research I agree that the credibility doesn't seem very reliable. It looks like it was on a (non-google) server archive where somebody was manually saving chat archives. Who knows... they could have been forged or manipulated. The only way to know for sure would be to see the actual google server archive. On Feb 17, 2008 10:28 AM, Ghost Rider <[EMAIL PROTECTED]> wrote: > I was trying to do a little research on SCADA security and I noticed > this one guy's name (Jonathan Pollet) kept coming up. It seems he is > one of the leading experts and it also looks like he is a Vice > President at Industrial Defender (www.industrialdefender.com). It > looks like they are a leading SCADA security company. Well through my > Google searching I also came across an interesting archived Google > Talk chat with his name in it. I guess not only is this guy a leader > in SCADA Security it seems he is into drug trafficking also (pasted > below). These are the people protecting critical networks like power > grids and nuclear plants!?!?!?! > > > Chat with Jonathan Pollet show details 7/29/07 > > Jonathan Pollet to me > > > (SNIP…) > > > 11:51 PM Jonathan: nice > > speaking of drugs...ha ha > > i felt weird asking you about that today > > me: yeah we'll have to hook up 'morrow > > i don't care > > Jonathan: but I really didn't know where to turn > > so thanks > > 11:52 PM me: yeah i have shady friends > > lol > > Jonathan: I've got to figure out the best way to transport it through > Chicago and onto Vegas > > me: oh shit you have a destination before vegas? > > well don't put it in your checked bags > > 11:53 PM Jonathan: yeah that's what i heard too > > me: you'll have about an 80 to 90% chance of getting popped > > Jonathan: i was thinking of splitting all the flaps up > > me: best way is to tape it to your leg > > Jonathan: into different places in my laptop bad > > bag > > ah > > cool > > didn't think about that > > me: don't put it in ANY bag > > if you get popped for a random search they can find it > > 11:54 PM Jonathan: can you have Ross break it up into small bagges > > me: yeah > > Jonathan: or paper flaps > > just not foil > > me: it'll be tiny tiny ziplocks > > you can tape those to your leg > > Jonathan: sweet > > 11:55 PM i can handle that > > me: chances of you getting strip searched is probably zero > > Jonathan: yeah, I've flown thousands of times > > me: chances of you walking past a drug dog is zero > > Jonathan: never strip searched at all > > me: yeah you'll be 100% safe taping it to you > > Jonathan: i've ran into a god beforebut only going in and out of canada > > dog > > 11:56 PM me: i've never found god in an airport > > :P > > Jonathan: haha > > > (..SNIP) > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SCADA Security Corruption
huh ?? could you pls share the search term / final URL of archived page !! On Feb 17, 2008 12:28 PM, Ghost Rider <[EMAIL PROTECTED]> wrote: > Well through my > Google searching I also came across an interesting archived Google > Talk chat with his name in it. > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] SCADA Security Corruption
I was trying to do a little research on SCADA security and I noticed this one guy's name (Jonathan Pollet) kept coming up. It seems he is one of the leading experts and it also looks like he is a Vice President at Industrial Defender (www.industrialdefender.com). It looks like they are a leading SCADA security company. Well through my Google searching I also came across an interesting archived Google Talk chat with his name in it. I guess not only is this guy a leader in SCADA Security it seems he is into drug trafficking also (pasted below). These are the people protecting critical networks like power grids and nuclear plants!?!?!?! Chat with Jonathan Pollet show details 7/29/07 Jonathan Pollet to me (SNIP…) 11:51 PM Jonathan: nice speaking of drugs...ha ha i felt weird asking you about that today me: yeah we'll have to hook up 'morrow i don't care Jonathan: but I really didn't know where to turn so thanks 11:52 PM me: yeah i have shady friends lol Jonathan: I've got to figure out the best way to transport it through Chicago and onto Vegas me: oh shit you have a destination before vegas? well don't put it in your checked bags 11:53 PM Jonathan: yeah that's what i heard too me: you'll have about an 80 to 90% chance of getting popped Jonathan: i was thinking of splitting all the flaps up me: best way is to tape it to your leg Jonathan: into different places in my laptop bad bag ah cool didn't think about that me: don't put it in ANY bag if you get popped for a random search they can find it 11:54 PM Jonathan: can you have Ross break it up into small bagges me: yeah Jonathan: or paper flaps just not foil me: it'll be tiny tiny ziplocks you can tape those to your leg Jonathan: sweet 11:55 PM i can handle that me: chances of you getting strip searched is probably zero Jonathan: yeah, I've flown thousands of times me: chances of you walking past a drug dog is zero Jonathan: never strip searched at all me: yeah you'll be 100% safe taping it to you Jonathan: i've ran into a god beforebut only going in and out of canada dog 11:56 PM me: i've never found god in an airport :P Jonathan: haha (..SNIP) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/