hi all,
I've written a little article on detecting not-so-passive voip tapping systems.
probably it won't work in the most cases... I think/hope police uses
well coded sniffers that can't be detected. anyway, who knows, maybe
somewhere in this sick sad world it may work.
have fun!
*** Intro
The
n3td3v wrote:
> My poll is doing well, keep voting guys and ignore the trolls.
Done. You are ignored. Should have done this ages ago.
-Jeff
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Host
>> Hate to burst your bubble, but insider threats have been understood as an
>> issue since well before you were born.
>
>
> So has the concept of security threater, but that doesn't stop Bruce
> Schneier talking about it in essays
>
> http://www.schneier.com/essay-155.html and at security
> http
==
Secunia Research 08/04/2008
- Lotus Notes EML Reader Buffer Overflows -
==
Table of Contents
Affected Software...
==
Secunia Research 08/04/2008
- Autonomy Keyview Folio Flat File Parsing Buffer Overflows -
==
Table of Contents
Affected Software.
==
Secunia Research 14/04/2008
- ClamAV Upack Processing Buffer Overflow Vulnerability -
==
Table of Contents
Affected Software...
==
Secunia Research 08/04/2008
- Autonomy Keyview EML Reader Buffer Overflows -
==
Table of Contents
Affected Software.
==
Secunia Research 08/04/2008
- Adobe Flash Player "Declare Function (V7)" Heap Overflow -
==
Table of Contents
Affected Software.
==
Secunia Research 08/04/2008
- Internet Explorer Data Stream Handling Vulnerability -
==
Table of Contents
Affected Software
==
Secunia Research 08/04/2008
- Lotus Notes kvdocve.dll Path Processing Buffer Overflow -
==
Table of Contents
Affected Software.
==
Secunia Research 08/04/2008
- Symantec Mail Security Folio Flat File Parsing Buffer Overflows -
==
Table of Contents
Affected Softwa
==
Secunia Research 08/04/2008
- Lotus Notes htmsr.dll Buffer Overflows -
==
Table of Contents
Affected Software..
==
Secunia Research 08/04/2008
- Symantec Mail Security Applix Graphics Parsing Vulnerabilities -
==
Table of Contents
Affected Softwa
==
Secunia Research 08/04/2008
- Autonomy Keyview Applix Graphics Parsing Vulnerabilities -
==
Table of Contents
Affected Software.
==
Secunia Research 08/04/2008
- activePDF DocConverter Folio Flat File Parsing Buffer Overflows -
==
Table of Contents
Affected Softwa
==
Secunia Research 08/04/2008
- Lotus Notes Applix Graphics Parsing Vulnerabilities -
==
Table of Contents
Affected Software
==
Secunia Research 08/04/2008
- Lotus Notes Folio Flat File Parsing Buffer Overflows -
==
Table of Contents
Affected Software...
On Sat, Apr 12, 2008 at 5:06 PM, imipak <[EMAIL PROTECTED]> wrote:
> Schneier coined the phrase, dolt.
>
> http://en.wikipedia.org/wiki/Security_theatre
Forwarded conversation
Subject: Security Threater: reader comment from n3td3v
From: n3td3v <[EMAIL PROTECTED]>
Date: Th
I like what you say about a chinese IP space attacks or cyber crime
might not be the chinese government or its people,but could as easily
be another government who is carrying out cyber attacks and cyber
crime and making all evidence point towards China.
On the point of romanian teenagers, I don't
On Mon, Apr 14, 2008 at 12:56 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> Security Threater: reader comment from n3td3v
>
> Posted on: April 10, 2008, 9:17 AM PDT
> Story: Bruce Schneier's new view on Security Theater
>
> Security threater is good because it scares potential terrorists from
> being
On Mon, 14 Apr 2008 13:54:29 EDT, "G. D. Fuego" said:
> Do you understand the point of terrorism? The end goal is not to kill
> people. There are plenty of more effective methods to kill people than
> they've been using. No, the end goal is to cause TERROR. They want us to
> be afraid to live
I appreciate Valdis's point and agree with it. I'll posit that there is an
optimal balance that can be achieved vis-a-vis security. I'll use airport
security as my example. In this case, security theater becomes a political
necessity (fed gov't needs to look responsive after 9/11 to re-assure pe
On Mon, 14 Apr 2008 17:56:20 BST, n3td3v said:
> Security threater is good because it scares potential terrorists from
> being caught. It keeps the terrorists on their toes and worrying all
> the time.
No, it wastes lots of resources and keeps us from deploying security that
actually works. Ther
On Mon, Apr 14, 2008 at 6:54 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 12:56 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> >
> > Security Threater: reader comment from n3td3v
> >
> > Posted on: April 10, 2008, 9:17 AM PDT
> > Story: Bruce Schneier's new view on Security Theat
Every new post further reveals the depth of your stunning intellect.
- Bad guys would never think to, you know, go to the campus and look around?
- Car tags are personally identifiable information and therefore should
remain private, right? Oh, except they are prominently displayed on your
car's b
##
- S21Sec Advisory -
##
Title: Cezanne SW Cross-Site Scripting (login required)
ID: S21SEC-042-en
Severity: Medium
History:
02.Jan.2008 Vulnerability discovered
Authors:
##
- S21Sec Advisory -
##
Title: Cezanne SW (login required) Blind SQL Injection
ID: S21SEC-043-en
Severity: High
History:
02.Jan.2008 Vulnerability discovered
Authors:
Ju
n3td3v,
Are you Bin Laden? You're doing his job for him! If we can't even park
without being afraid someone is going to blow up our building, wtf?
Pictures of the parking lot? Big fucking deal!
Nate
On 4/14/08, n3td3v <[EMAIL PROTECTED]> wrote:
>
> On Mon, Apr 14, 2008 at 6:54 PM, G. D. Fueg
On Mon, Apr 14, 2008 at 3:04 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> There are many ways the parking setup could be used against Yahoo
> adversaries, think car bomb, or truck bomb? It was hugely
> irresponsible of Yahoo to allow such photos to be taken by on-the-fly
> employees.
>
The biggest p
##
- S21Sec Advisory -
##
Title: Cezanne SW Cross-Site Scripting
ID: S21SEC-041-en
Severity: Medium
History:
02.Jan.2008 Vulnerability discovered
Authors:
Juan de la Fuente
On Mon, 14 Apr 2008 17:56:20 BST, nEtdEv said:
> Security threater is good because it scares potential terrorists from
> being caught. It keeps the terrorists on their toes and worrying all
> the time.
...
> Usually airports combine security threater and real security together,
> and thats got to
On Mon, 14 Apr 2008 20:04:37 BST, n3td3v said:
> There are many ways the parking setup could be used against Yahoo
> adversaries, think car bomb, or truck bomb? It was hugely
> irresponsible of Yahoo to allow such photos to be taken by on-the-fly
> employees.
For the wannabe bomber, the fact that
===
Ubuntu Security Notice USN-601-1 April 14, 2008
squid vulnerability
CVE-2008-1612
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.1
On Mon, Apr 14, 2008 at 8:31 PM, Kurt Dillard <[EMAIL PROTECTED]> wrote:
> - Bad guys would never think to, you know, go to the campus and look around?
You forget, the intelligence services are indepth with Yahoo already,
and some of their senior software engineers are in the service.
I have spok
On Mon, Apr 14, 2008 at 5:05 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 8:31 PM, Kurt Dillard <[EMAIL PROTECTED]> wrote:
> > - Bad guys would never think to, you know, go to the campus and look
> around?
>
> You forget, the intelligence services are indepth with Yahoo already,
On Mon, Apr 14, 2008 at 9:05 PM, <[EMAIL PROTECTED]> wrote:
> On Mon, 14 Apr 2008 20:04:37 BST, n3td3v said:
>
> > There are many ways the parking setup could be used against Yahoo
> > adversaries, think car bomb, or truck bomb? It was hugely
> > irresponsible of Yahoo to allow such photos to be t
On Mon, Apr 14, 2008 at 5:17 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> Ok, my comment above was slightly a drop in the sky to get attention
> of the problem, but look let's concentrate more on something else,
> which you seem to have purposely bypassed and snipped out, even though
> it was one of
On Mon, Apr 14, 2008 at 10:08 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 5:05 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> >
> >
> > On Mon, Apr 14, 2008 at 8:31 PM, Kurt Dillard <[EMAIL PROTECTED]> wrote:
> > > - Bad guys would never think to, you know, go to the campus and
On Mon, Apr 14, 2008 at 10:22 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 5:17 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> >
> >
> >
> >
> > Ok, my comment above was slightly a drop in the sky to get attention
> > of the problem, but look let's concentrate more on something e
Removing your private mailing list that none of us can actually post to.
> I have to contest, at Yahoo--- Mark Seiden and others said Sunnyvale
> isn't MI5/MI6 and that people shouldn't be stopped on premises without
> permission for taking photos.
>
> And I was angry that Mark Seiden and others a
On Mon, 14 Apr 2008 22:17:31 BST, n3td3v said:
> Ok, my comment above was slightly a drop in the sky to get attention
> of the problem, but look let's concentrate more on something else,
> which you seem to have purposely bypassed and snipped out, even though
> it was one of the key points...
I t
n3td3v wrote:
>
> I could go further indepth but I don't think it would be appropriate
> without having to name names in public.
>
> n3td3v
>
You are an idiot. So tired of your crap showing up in my box. Say
hello to yet another kill file.
--Blaine
_
On Mon, Apr 14, 2008 at 2:36 PM, n3td3v <[EMAIL PROTECTED]> spewed
forth the following drug infused ramblings:
> ...
> The whole topic(s) have obviously swept over your head entirely...
i love my psychotomimetic mind expanders as much as the next guy, but
r4td3ad is really over doing it here!
ba
On Mon, Apr 14, 2008 at 10:44 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
> Removing your private mailing list that none of us can actually post to.
You could subscribe then you wouldn't hit the bouncer server? Its a
public mailing list as long as you register your google account to the
group.
>
>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200804-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200804-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Man, and I thought your tin-foil hat conspiracy bullsh*t was bad enough
before.
Do you, as a PERSONAL MATTER, oppose to Google Street View too, because
showing who parked where is a matter of national security or some other such
bullsh*t?
On a more serious note, PLEASE take your personal opinions
On Mon, Apr 14, 2008 at 6:23 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 10:44 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
> > Removing your private mailing list that none of us can actually post to.
>
> You could subscribe then you wouldn't hit the bouncer server? Its a
> publi
On Sun, Apr 13, 2008 at 4:23 AM, <[EMAIL PROTECTED]> wrote:
> On Sat, 12 Apr 2008 17:06:28 BST, n3td3v said:
>
> > Any criminal hackers who go are just stupid and don't realise what
> > they are actually attending.
> >
> > The U.S Security Services will have hidden cameras and befrienders in
>
On Tue, 15 Apr 2008 01:57:18 BST, you said:
> On Sun, Apr 13, 2008 at 4:23 AM, <[EMAIL PROTECTED]> wrote:
> > On Sat, 12 Apr 2008 17:06:28 BST, n3td3v said:
> >
> > > Any criminal hackers who go are just stupid and don't realise what
> > > they are actually attending.
> > >
> > > The U.S Secur
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200804-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
==
Secunia Research 14/04/2008
- HP OpenView Network Node Manager OpenView5.exe Directory Traversal -
==
Table of Contents
Affected Soft
==
Secunia Research 08/04/2008
- activePDF DocConverter Applix Graphics Parsing Vulnerabilities -
==
Table of Contents
Affected Softwa
On Tue, Apr 15, 2008 at 2:04 AM, <[EMAIL PROTECTED]> wrote:
> On Tue, 15 Apr 2008 01:57:18 BST, you said:
> > On Sun, Apr 13, 2008 at 4:23 AM, <[EMAIL PROTECTED]> wrote:
> > > On Sat, 12 Apr 2008 17:06:28 BST, n3td3v said:
> > >
> > > > Any criminal hackers who go are just stupid and don't r
conspriacy theorist much? probablt not a good thing to post from ur work
email address. good thing you have that long obnoxious sig that tells me
that your theories are not your employeers! whew!
On Mon, Apr 14, 2008 at 4:15 PM, Pete Simpson <[EMAIL PROTECTED]>
wrote:
> On Mon, 14 Apr 2008 17:
see:
On Mon, Apr 14, 2008 at 8:57 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
>
> See
> http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061450.html
> to see how the bedroom hacker is no longer the threat and that the new
> threat to the internet is world government's and its intelligenc
Let me get this strait... You just ranted about how security conferences
like this are out-of-date and nobody cares about them. Then you said you
want them to be shutdown. Are you really that bored or are you fading
out of the spotlight so you want to keep your name in the
full-disclosure eye?
I usually keep the links of some interesting vulnerabilities posted in
this mailing list. But when I try to access them after 6 months or so,
I find that some of the links are invalid and some of them are
pointing to different posts? Why does this happen?
It seems, the URLs are shuffled every few
##
- S21Sec Advisory -
##
Title: Cezanne SW Cross-Site Scripting (login required)
ID: S21SEC-042-en
Severity: Medium
History:
02.Jan.2008 Vulnerability discovered
Authors:
On Mon, Apr 14, 2008 at 5:44 PM, G. D. Fuego <[EMAIL PROTECTED]> wrote:
>
> >
>
> And here you seem to be stating that the bad guys already work at Yahoo,
> which would make the photos piece irrelevant.
>
>
thank you for saying that. i was going to say it because i noticed that he
was contradicti
what opinion do u have anyway, ur not a hacker, you are just a political
copy and paster right? the conferences are about two things, networking,
and beer. since you dont understand number one, and arent old enuff for
number 2..
On Mon, Apr 14, 2008 at 9:34 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> Security conferences no longer have the meaning they used to, and
> thats why i'm calling for Def Con to be shutdown.
n3td3v - 14 Apr 2008
> If I was in gov, I would shut a site down that looks
> remotely
> hax0rish, even if they've done nothing wrong. All
> these crews and
> hacker groups, fk
jeff can you just boot em? we know he'll be back with another email
address, as he did when he went from n3td3v to xploitable to worried
security. either he has an identity crisis, or he's been blocked so many
times he has to keep changing it.
i don't know much about him, but damn i tired of it.
gadi has a different set of issues. at least hes just self absorbed, you
are just a moron.
On Sat, Apr 12, 2008 at 1:17 PM, n3td3v <[EMAIL PROTECTED]> wrote:
>
> What about Gadi Evron threadjacks? He is as bad as me:
>
> Impressive vulnerability, new. Not a 0day.
>
> Not to start an argument aga
That was one of the nerdiest, most amazing things I have ever read.
Sent from my iPod touch.
On Apr 14, 2008, at 18:12, coderman <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 2:36 PM, n3td3v <[EMAIL PROTECTED]> spewed
> forth the following drug infused ramblings:
>> ...
>> The whole topic
not if ur netdev and are apparently a child or a student trying to be bigger
than he is.
On Fri, Apr 11, 2008 at 9:40 PM, Randal T. Rioux <[EMAIL PROTECTED]>
wrote:
> On Fri, April 11, 2008 4:41 pm, n3td3v wrote:
>
> > I'm an unemployed working class dude, i'm not part of the industry.
>
> Can on
: I usually keep the links of some interesting vulnerabilities posted in
: this mailing list. But when I try to access them after 6 months or so, I
: find that some of the links are invalid and some of them are pointing to
: different posts? Why does this happen?
When the list administrators
On Tue, Apr 15, 2008 at 2:28 AM, Ureleet <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 14, 2008 at 8:57 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> > See
> http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061450.html
> > to see how the bedroom hacker is no longer the threat and that the new
> >
On Tue, Apr 15, 2008 at 2:43 AM, Ureleet <[EMAIL PROTECTED]> wrote:
> n3td3v, seriously, i just googled ur name, and you seriously took out a
> google ad for your name? and pointed it to security.yahoo.com? really?
> everyone google n3td3v and click on his link, if we cant make him hush up,
> mayb
69 matches
Mail list logo
