Re: [Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

Wow free Gmail! I am signing up 10 times! On Wed, Nov 19, 2008 at 7:50 AM, rholgstad <[EMAIL PROTECTED]> wrote: > yes a new gmail account is born every minute and I would like to claim > another > > Salvador III Manaois wrote: > > is this one of those "there's one born every minute" kind of email

Re: [Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

is this one of those "there's one born every minute" kind of email? =) ...badz... bytes & badz: http://badzmanaois.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored b

Re: [Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

yes a new gmail account is born every minute and I would like to claim another Salvador III Manaois wrote: > is this one of those "there's one born every minute" kind of email? =) > > ...badz... > bytes & badz: http://badzmanaois.blogspot.com > > __

[Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

I've been using Gmail and thought you might like to try it out. Here's an invitation to create an account. --- Fredrick Diggle has invited you to open a free Gmail account. To accept this invitation and register for your account

Re: [Full-disclosure] Benachrichtung zum +ANw-bermittlungsstatus (Fehlgeschlagen)

if you don't stop I will pull PDP out of hiding and have him xss your web admin interface [EMAIL PROTECTED] wrote: > Dies ist eine automatisch erstellte Benachrichtigung über den Zustellstatus. > > Übermittlung an folgende Empfänger fehlgeschlagen. > >[EMAIL PROTECTED] > > > > > ---

Re: [Full-disclosure] Benachrichtung zum +ANw-bermittlungsstatus (Fehlgeschlagen)

if you are going to continually spam me please write in English [EMAIL PROTECTED] wrote: > Dies ist eine automatisch erstellte Benachrichtigung über den Zustellstatus. > > Übermittlung an folgende Empfänger fehlgeschlagen. > >[EMAIL PROTECTED] > > > > > -

Re: [Full-disclosure] Benachrichtung zum +ANw-bermittlungsstatus (Fehlgeschlagen)

why do you keep spamming me in a language I don't understand [EMAIL PROTECTED] wrote: > Dies ist eine automatisch erstellte Benachrichtigung über den Zustellstatus. > > Übermittlung an folgende Empfänger fehlgeschlagen. > >[EMAIL PROTECTED] > > > > >

Re: [Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

It says the invite is already taken can you please send another? Fredrick Diggle wrote: > I've been using Gmail and thought you might like to try it out. Here's > an invitation to create an account. > > --- > > Fredrick Diggle has

[Full-disclosure] Fredrick Diggle has invited you to open a Google mail account

I've been using Gmail and thought you might like to try it out. Here's an invitation to create an account. --- Fredrick Diggle has invited you to open a free Gmail account. To accept this invitation and register for your account

[Full-disclosure] [ MDVSA-2008:231 ] libxml2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:231 http://www.mandriva.com/security/

[Full-disclosure] [USN-673-1] libxml2 vulnerabilities

=== Ubuntu Security Notice USN-673-1 November 19, 2008 libxml2 vulnerabilities CVE-2008-4225, CVE-2008-4226 === A security issue affects the following Ubuntu releases: Ubuntu 6

Re: [Full-disclosure] Critical security email

Send the us-secret service the information dude! On Tue, Nov 18, 2008 at 11:50 PM, Fredrick Diggle <[EMAIL PROTECTED]> wrote: > Why are you sending Fredrick Diggle this informations? > > On Tue, Nov 18, 2008 at 3:47 PM, Steve McChortle > <[EMAIL PROTECTED]> wrote: >> SID=IIOSUDGIWEBUOUiewfiweubhiu

Re: [Full-disclosure] Critical security email

It is either a gesture of friendship or a trap. On Tue, Nov 18, 2008 at 6:50 PM, Fredrick Diggle <[EMAIL PROTECTED]> wrote: > Why are you sending Fredrick Diggle this informations? > > On Tue, Nov 18, 2008 at 3:47 PM, Steve McChortle > <[EMAIL PROTECTED]> wrote: > > > SID=IIOSUDGIWEBUOUiewfiweubh

Re: [Full-disclosure] Critical security email

Why are you sending Fredrick Diggle this informations? On Tue, Nov 18, 2008 at 3:47 PM, Steve McChortle <[EMAIL PROTECTED]> wrote: > SID=IIOSUDGIWEBUOUiewfiweubhiughOUhdoisfISDGOfiGHoIFBvODISFyuoWUbieLJKHDSFaskldfh29834bnfj23f90f2jkadjkhKJHdLKdfh978o9dSHFkjh; > > Full Name: Steve McChortle > Credi

Re: [Full-disclosure] New hackers defacing the internets

well i just felt you were making fun of the group with the postings you were making and your nickname is questionable. On Tue, Nov 18, 2008 at 10:46 PM, Trollie Fingers <[EMAIL PROTECTED]> wrote: > Btw: since I have been off your list I have been missing the daily emails _

Re: [Full-disclosure] New hackers defacing the internets

N3td3v, Please refrain from making fun of mustaches, coca-cola products & new kids on the block. Otherwise, you will be off of my buddylist. How would you feel if we starting making fun of pimples? Btw: since I have been off your list I have been missing the daily emails of natural male en

Re: [Full-disclosure] New hackers defacing the internets

who the hell is juha-matti anyway, some new kid on the block? On Tue, Nov 18, 2008 at 10:13 PM, rholgstad <[EMAIL PROTECTED]> wrote: > Juha will be updating his blog as soon as he gets material from symantec > or ISS to copy/paste > > [EMAIL PROTECTED] wrote: >> -BEGIN PGP SIGNED MESSAGE-

Re: [Full-disclosure] New hackers defacing the internets

Juha will be updating his blog as soon as he gets material from symantec or ISS to copy/paste [EMAIL PROTECTED] wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Sup. Valdis' mustache and I would like to share information with > you. It is obvious this hacker group has taken control

Re: [Full-disclosure] New hackers defacing the internets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We call that telepathy. On Tue, 18 Nov 2008 17:13:19 -0500 rholgstad <[EMAIL PROTECTED]> wrote: >Juha will be updating his blog as soon as he gets material from >symantec >or ISS to copy/paste > >[EMAIL PROTECTED] wrote: >> -BEGIN PGP SIGNED MESSA

Re: [Full-disclosure] New hackers defacing the internets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear sir, Your logic is flawed. Observe: http://www.smashbros.com/en_us/characters/images/mario/mario.jpg = mustache http://www.sitcomsonline.com/photos/hewett-bw1.jpg = mustache http://www.losanjealous.com/wp-content/uploads/2007/11/borat06a.jpg =

Re: [Full-disclosure] New hackers defacing the internets

Looks like he drinks far too much coca cola. On Tue, Nov 18, 2008 at 9:56 PM, Fredrick Diggle <[EMAIL PROTECTED]> wrote: > http://www.oxide.org/unix/pics/sysprog-valdis.jpg = MUSTACHE! DO > NOT TRUST > > On Tue, Nov 18, 2008 at 3:37 PM, <[EMAIL PROTECTED]> wrote: >> -BEGIN PGP SIGNED

Re: [Full-disclosure] Firefox cross-domain image theft (CESA-2008-009)

no one cares Chris Evans wrote: > Hi, > > Firefox 2.0.0.18 fixes a cross-domain theft of image > data. Firefox 3 unaffected. It's another interesting case where a > redirector confuses the browser about the true origin of a piece of > content. If evil.org hos

Re: [Full-disclosure] New hackers defacing the internets

Fredrick would advise you not to trust a mustache at a time like this. Let's rehash "This is believed to be linked to terrorism and possibly communism." - Fredrick Diggle (Nov 18th 2008) http://www.lazarusrising.com/wp-content/uploads/2007/01/osama.jpg = mustache http://www.marxists.org/referen

Re: [Full-disclosure] New hackers defacing the internets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sup. Valdis' mustache and I would like to share information with you. It is obvious this hacker group has taken control of securiteam.com. The absence of a blog entry from Juha Evron on the group proves their successful hack. - -al On Tue, 18 Nov

Re: [Full-disclosure] New hackers defacing the internets

On Tue, Nov 18, 2008 at 9:34 PM, Fredrick Diggle <[EMAIL PROTECTED]> wrote: > Fredrick Diggle has recently noted an upswelling of defacement on the > internet and believes it is worth noting. Most notably Matasano > Security has apparently been "owned" and their popular internet "blog" > replaced w

Re: [Full-disclosure] Firefox cross-domain image theft (CESA-2008-009)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear Petro D. Petro, Fascinating work. I will try to understand it when Juha provides a digest on his security team website. - -al On Tue, 18 Nov 2008 16:26:13 -0500 Chris Evans <[EMAIL PROTECTED]> wrote: >Hi, > >Firefox 2.0.0.18 fixes a cross-doma

Re: [Full-disclosure] New hackers defacing the internets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Valdis' mustache and I are skeptical. - -al On Tue, 18 Nov 2008 16:32:06 -0500 Fredrick Diggle <[EMAIL PROTECTED]> wrote: >As a supplement to your revealing md5 hash Fredrick Diggle >security >has also identified the following encrypted string as par

Re: [Full-disclosure] New hackers defacing the internets

Matasano seems to be doing forensic investigation of this issue " www.matasano.com technical difficulties Jeremy Rauch | October 24th, 2008 We're still working on recovering content. Please be patient. " On Tue, Nov 18, 2008 at 3:32 PM, Fredrick Diggle <[EMAIL PROTECTED]> wrote: > As a suppleme

[Full-disclosure] Firefox cross-domain image theft (CESA-2008-009)

Hi, Firefox 2.0.0.18 fixes a cross-domain theft of image data. Firefox 3 unaffected. It's another interesting case where a redirector confuses the browser about the true origin of a piece of content. If evil.org hosts a redirector, e.g. evil.org/redir, and an image is loaded via this redirector, t

Re: [Full-disclosure] New hackers defacing the internets

As a supplement to your revealing md5 hash Fredrick Diggle security has also identified the following encrypted string as paramount to this investigation. Ij48c2NyaXB0PmRvY3VtZW50LmxvY2F0aW9uPSJtYWlsdG86ZmRpZ2dsZUBnbWFpbC5jb20/c3ViamVjdD1Dcml0aWNhbCUyMHNlY3VyaXR5JTIwZW1haWwmYm9keT0iICsgZG9jdW1lbnQ

[Full-disclosure] Black Hat November News: CFPS Now Open, Webinar 5 and Japan on-line.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Full Disclosure, here are some updates on upcoming Black Hat briefings as well as ways to get involved - The Call for Papers is now open for D.C. and Amsterdam. BLACK HAT FREE WEBINAR Nov 20th https://www.blackhat.com/html/webinars/clickjacking.htm

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

you're banned from the n3td3v group. On Tue, Nov 18, 2008 at 7:36 PM, Trollie Fingers <[EMAIL PROTECTED]> wrote: > n3td3v, > > you are a dummy. and you are mean. > > your ex-best friend, > trollie > > On Tue, Nov 18, 2008 at 1:14 PM, n3td3v <[EMAIL PROTECTED]> wrote: >> >> he never done anything

Re: [Full-disclosure] Speculation over back door in Skype

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did you get my message? - -al On Tue, 18 Nov 2008 15:15:36 -0500 James Matthews <[EMAIL PROTECTED]> wrote: >That would be boring and we like to have fun on FD > >On Tue, Nov 18, 2008 at 6:02 PM, <[EMAIL PROTECTED]> wrote: > >> -BEGIN PGP SIGNED M

Re: [Full-disclosure] Speculation over back door in Skype

That would be boring and we like to have fun on FD On Tue, Nov 18, 2008 at 6:02 PM, <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dear Phil, > > Wouldn't English have been a better language for him to use than > telepathy? > > On Tue, 18 Nov 2008 08:58:22 -0500

Re: [Full-disclosure] New hackers defacing the internets

Aww i was hoping for a new face on the block. On Tue, Nov 18, 2008 at 10:10 PM, <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dear Fred, > > Valdis' mustache and I have been following this group of hackers > for a long time. As proof I offer a md5 hash[1] and u

Re: [Full-disclosure] New hackers defacing the internets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear Fred, Valdis' mustache and I have been following this group of hackers for a long time. As proof I offer a md5 hash[1] and url[2]. Thanks for your time, - -al [1] abcdefghijklmnopqrstuvwxyz [2] http://www.zone-h.net/defaced/2007/03/05/www.or-b

[Full-disclosure] New hackers defacing the internets

Fredrick Diggle has recently noted an upswelling of defacement on the internet and believes it is worth noting. Most notably Matasano Security has apparently been "owned" and their popular internet "blog" replaced with a defacement page. http://www.matasano.com/log/ The group goes by a number of

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

n3td3v, you are a dummy. and you are mean. your ex-best friend, trollie On Tue, Nov 18, 2008 at 1:14 PM, n3td3v <[EMAIL PROTECTED]> wrote: > he never done anything good for infosec. > > R.I.P. > > On Tue, Nov 18, 2008 at 5:57 PM, <[EMAIL PROTECTED]> wrote: > > -BEGIN PGP SIGNED MESSAGE---

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

he never done anything good for infosec. R.I.P. On Tue, Nov 18, 2008 at 5:57 PM, <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Speaking of Gadi, does anyone know how the operation went? I've > not heard from him since he went in for the surgery and I am > gett

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Speaking of Gadi, does anyone know how the operation went? I've not heard from him since he went in for the surgery and I am getting a bit concerned. - - al On Tue, 18 Nov 2008 12:54:06 -0500 n3td3v <[EMAIL PROTECTED]> wrote: >why should i like secu

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

why should i like securiteam when gadi evron is a member? On Tue, Nov 18, 2008 at 5:41 PM, <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dear n3td3v, > > I feel as though you have ripped my asshole wide open and shoved > your mustache in there. The experience i

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear n3td3v, I feel as though you have ripped my asshole wide open and shoved your mustache in there. The experience is somehow humbling and erotic all at once. - -al On Tue, 18 Nov 2008 11:44:16 -0500 [EMAIL PROTECTED] wrote: >On Tue, 18 Nov 2008

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

On Tue, Nov 18, 2008 at 4:44 PM, <[EMAIL PROTECTED]> wrote: > On Tue, 18 Nov 2008 11:01:16 EST, [EMAIL PROTECTED] said: > >> I used to depend on your website as my single source of relevant >> information security news > > Obviously you've never heard of the concept of security via diversity. > >

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

On Tue, 18 Nov 2008 11:01:16 EST, [EMAIL PROTECTED] said: > I used to depend on your website as my single source of relevant > information security news Obviously you've never heard of the concept of security via diversity. pgpDJjECj25Y2.pgp Description: PGP signature __

[Full-disclosure] Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus

-- Forwarded message -- From: n3td3v <[EMAIL PROTECTED]> Date: Tue, Nov 18, 2008 at 3:54 PM Subject: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus To: n3td3v <[EMAIL PROTECTED]> Three London hosp

Re: [Full-disclosure] Bad CNN. No cookie for you!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear CNN, Even though you still have not responded directly to me, I want to thank you for responding so quickly to the Full Disclosure exploit. I see that you have removed the entire section titled "CNN.com Extras". This removes the "My recently view

Re: [Full-disclosure] Speculation over back door in Skype

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear Phil, Wouldn't English have been a better language for him to use than telepathy? On Tue, 18 Nov 2008 08:58:22 -0500 Phil Frederick <[EMAIL PROTECTED]> wrote: >Uh, the date is at the top of the linked article. I think he's >trying >to say this

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear Juha, Is there a reason that you and your security team decided not to cover these breaking bits of important information security news in your blog? What merits security news being reposted to this list, vs the quality of security news that ear

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

There is no any blog entry and there is no entry related to Skype issue mentioned in Heise.de's article. Juha-Matti [EMAIL PROTECTED] kirjoitti: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dearest Juha, > > I am unable to find a blog entry on your website regarding this > advisory.

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dearest Juha, I am unable to find a blog entry on your website regarding this advisory. Please advise. - -al On Tue, 18 Nov 2008 08:19:43 -0500 Juha-Matti Laurio wrote: >It appears that a patch for SSH Tectia plaintext recovery >vulnerability >(re

Re: [Full-disclosure] Speculation over back door in Skype

Uh, the date is at the top of the linked article. I think he's trying to say this is old news. Which it is. On Mon, Nov 17, 2008 at 2:39 PM, <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dearest Juha-Matti Laurio, > > Could you please point the community to you

Re: [Full-disclosure] FOIA docs show feds can lojack mobiles without telco help

if its just "tracking" capability you could borrow it from THC_GSM project. http://wiki.thc.org/gsm Even cellphone companies knew it for years -bipin -- x-no-archive: yes ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/f

[Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

It appears that a patch for SSH Tectia plaintext recovery vulnerability (reference: http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt ) has been released: November 14, 2008 - Plaintext Recovery Attack Against SSH http://www.ssh.com/company/news/article/953/ Juha-Matti __

Re: [Full-disclosure] FOIA docs show feds can lojack mobiles without telco help

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Incorrect. On Mon, 17 Nov 2008 17:25:25 -0500 "Ivan ." <[EMAIL PROTECTED]> wrote: >http://arstechnica.com/news.ars/post/20081116-foia-docs-show-feds- >can-lojack-mobiles-without-telco-help.html > >___ >Full-

[Full-disclosure] rPSA-2008-0322-1 gnutls

rPath Security Advisory: 2008-0322-1 Published: 2008-11-17 Products: rPath Linux 2 Rating: Minor Exposure Level Classification: Indirect User Deterministic Weakness Updated Versions: [EMAIL PROTECTED]:2/2.2.5-1.1-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2