Yeah... thumbs up for *New* users being moderated in FD until approved
by the moderator! :)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Archival purpose]
Author: Bipin Gautam (All Rights Reserved, Research Paper, 1'st DRAFT)
___
Background:
Any doctrine or philosophy is complete on its own rights. But, if we
start from this angle, anyone can defend anything out of anything.
Paradox are way of life... Hence
Disclaimer: With balance-transfer option around this hack can be
misused to ROB... real CASH in thousands(as balance-transfered for
cash), nevertheless this demonstration is just meant as information AS
lock-picking information (googleing?) is to doing actual burglary!
With liberty comes
The cyberspace if being militarized. When that is fully visible, Full
Disclosure community will face a CULTURAL SHOCK.
People talk about freedom of expression and a thousand different BS
about privacy but increasingly (in military books, in loose terms) it
seems writing anything that influences
Cor ,
Sometimes you need anarchy to spread awareness! Which is primary
priority... Rest are secondary issues.
What next? Government should keep an updated statistic of antivrus
software that can survive the wild (well most of the time) and those
softwares that fail to do so at largest occasions.
Try port knocking + shh and rest of the above suggestions?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
]
---quote---
On Wed, Feb 20, 2008 at 11:45 PM, Bipin Gautam [EMAIL PROTECTED]
wrote:
Firstly, please don't expect this reply as a walkthrough on the
topic... just a small push in the right direction to the curious few,
if any. As said earlier, this topic is very vague and beyond the scope
@Christian : You, EFF research is no big deal. If you noticed the
article was written
[On Wed, Feb 20, 2008]
www.mail-archive.com/foss-ne...@googlegroups.com/msg04248.html
From open source only rare few people like Henrik Gemal, (
http://browserspy.dk/ ) are known people to have early knowledge
it's a *bad* sector, so reading and recovering the data is a bitch...
No, storing in Negative Disk, bad sector, stenography, slack space are
all bad places to store data!
In short, Flash memory may require multiple wipes before data is
securely deleted because many of them use uses
..
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of T Biehn
Sent: 27 January 2010 12:28
To: Bipin Gautam
Cc: full-disclosure
Subject: Re: [Full-disclosure] Disk wiping -- An alternate approach
Biehn tbi...@gmail.com wrote:
You made the argument against youself; apparently you didn't comprehend the
points made in 90% of the on-topic responces to this thread.
On Jan 27, 2010 9:34 AM, Bipin Gautam bipin.gau...@gmail.com wrote:
McGhee T Biehn !
Thankyou for putting up your best
Ok its time to move on. :)
Thanks Mr. Biehn, Mr. Thor and Mr. Michael .
with best regards,
-bipin
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
Enough noise, Lets wrap up:
Someone said: Forensics requires more than merely finding a phrase or
file on a hard drive - it requires establishing the context. If a
court accepts evidence without that context, then the defendant should
appeal on the basis of having an incompetent lawyer.
So, any
hahaha!
Ok, let a Alice/chatterbox run through your harddisk! :P
[1] http://alice.pandorabots.com/
On 1/25/10, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote:
On Mon, 25 Jan 2010 01:09:40 +0545, Bipin Gautam said:
So, plausible deniability solution for disk wiping?:
Let, disk wiping
Ok, i extract wikipedia in my computer... then latter delete the
html... @hdd level the place is marked freespace. then i copy a few
videos, write a few emails and by then if most of the things gets
deleted and by bad luck if any such content is left unoverwritten
partially producing questionable
Ok, then why not encode the same keywords that these TOOLS look for
with your Markov chains idea and mix it to wipe a 1 TB hdd with alice
chatter-bot idea ?
Again this is all theory :P
On 1/25/10, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote:
On Mon, 25 Jan 2010 23:07:57 +0545, Bipin
Ok, i know the obvious things Michael!
Modern forensic tools are good enough to find your needle in that
haystack in short order, regardless of how well you try to hide it in
plain sight among the contents of wikipedia, et.al.
You are telling me Modern forensic examiners DRAW CONCLUSIONS
Ok, thanks Michael !
I call off all the theories, except: As you told Possession is
9/10ths of the law BUT the texts they find can very likely come from
the internet while you browse the internet and not your own possession
and someone typed it from online and it lands on your disk while you
So to the point, the techniques of forensic examiners were flawed from
day one given that any text/evidence found on your computer is NOT
NECESSARILY yours! Does that break digital forensics?
oops.
___
Full-Disclosure - We
ok, this all adds nothing but another layer of plausible deniability
to ANY data found in your computer
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
Rohitji,
Before: From the prosecutor's perspective, everything your hard drive is yours
I just proved : everything your hard drive is NOT NECESSARILY YOURS.
DOES THAT CHANGE ANYTHING? LOGIC MAYBE???
___
Full-Disclosure - We believe in it.
Charter:
Could DIGITAL FORENSICS be fundamentally FLAWED ( and they dont explain more?)
Think : http://en.wikipedia.org/wiki/Chain_of_custody
Main Point: The keywords and texts found in a suspects harddisk is by
NO guarantee belonging to the OWNER OF THE COMPUTER instead it could
be leftover chunks from
Ok, this is the best i can explain you all.
so it looks like sometimes just browsing online is as bad/good as
Getting Infected from Plausible deniability prospective? How is it any
different? :)
___
Full-Disclosure - We believe in it.
Charter:
No, look: wear-levelling and error correction...
http://en.wikipedia.org/wiki/Flash_memory
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Dear all,
(I need some feedbacks/insights/comments? on this design concept)
Problem:
- The absence of evidence 9 times out of 10 is just as bad as the
evidence itself in court.
- What you type text or email can, and will, be used against you in a
court of law.
But: Digital Communication has
Another suggestion, lets get easy on kaminsky! ;)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
+1
WE NEED MORE DISCUSSION ON THIS!!!
-bipin
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
it too hard on the keyboard
it will reflect back to your identity as a habit
BUT of-course we can always tease eachother sometimes!
RELAX!!! :P
On 1/25/10, Bipin Gautam bipin.gau...@gmail.com wrote:
Another suggestion, lets get easy on kaminsky
Ok,
+0 as the right hand doesnt know the other...
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
m.. Read Books!
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Sorry, --as per the title, you got it all wrong:
http://www.youtube.com/results?search_query=ylmf
;)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
So, What is the cost of buying a fighter jet? What would be the cost
of hardening windows (say) by default,straight out of Microsoft, with
good defense in depth strategy (or least an ad-on)?
( Sometimes identifying your enemy is difficult than the battle itself
and sometimes the battle exists
(This is a 15 day old news, some of you already know...0-day for few :)
Hint : It looks like, not ALL linkedin back-end servers are updated still!
Last year DIA[1] run into an almost similar problem but the problem of
Linkedin is worst among all.
Facebook doesnt have this problem (but we all
google is evil : http://news.zdnet.co.uk/internet/0,100097,39625962,00.htm
These ads will associate categories of interest — say sports,
gardening, cars, pets — with your browser, based on the types of sites
you visit and the pages you view,
...
As with any other cookie, this tracking file
On 1/31/09, Georgi Guninski gunin...@guninski.com wrote:
2. you fail to realize that blacklisting is not a solution - ask the
antivirus sellers. it is much cpu-wise to filter the *known* few
accounts of n3td3v instead of reading every email saying *X* sux much
sent from a pseudo dummy email
Any company /country /research that can influence national security is
on intrest of an agency working on national security. i studied some
US gov report related to the recent bombing in india and concluded US
government will/have offer india to build wholesale survillance
capability. News?
Stop acting like in adolescence. I am 23, how old are you guys? DONT
YOU GET IT, FD is a professional forum for GOD's shake!
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by
stop putting so much of attention to 0-day and possible use of it by
government to get into a terrorist pc.
if breaking into someones pc was a matter of national security
importance 0-day may provide a easy leverage but you really dont need
a 0-day to get into someones pc, neither you'd need a
I've been hearing about, FD is getting boring with similar postings
but so less disclosures.
Anyone want to participate to make this thread exciting? :)
xyber...@xyberpix.com dropped in FD asking for security contact of
google without making some disclosures on the info-sec issue for what
he
ok... looks like you have some good credibility. so we listen you and
close this thread then :)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
n3td3v tends to stop thinking from the point where others start
thinking. This really dont fall in the SCOPE of FD (except its some
random news/humor)
lets all apologize to Ureleet and stop this thread HERE before he
decides its time to litter the post. :)
peace
On 12/9/08, Ureleet [EMAIL PROTECTED] wrote:
ok, so we need 2 chalk up bipin as being a n3td3v athletic supporter as wel.
yeah!
You have a passion to abuse least someone all the time ? So you were
like this to all you EX-girlfriend in real life as well?
If you treat n3td3v like a cat with no
And if n3td3v suddenly happen to keep noise low Ureleet, you promise
to keep noise low with him and treat him with respect? :) Give him
some grounds to negotiate upon!
n3td3v should really consider doing some certification like CCNA,
RHCE, MCSE ed-all to start with. Lets all respect his
On 12/9/08, n3td3v [EMAIL PROTECTED] wrote:
On Tue, Dec 9, 2008 at 4:53 AM, j-f sentier [EMAIL PROTECTED] wrote:
You started that shit at least 3 years ago.
Now as the wind blow in another way, you play the mature game ?
let us laugh, you dont know shit and you're fucking far away from any
for
wanting the same thing, except on a more unbiased level. I'm pretty positive
Cartwright doesn't give a shit about the quality of the list as I'm guessing
he unsubbed himself a looong time ago.
On Sun, Dec 7, 2008 at 1:30 AM, n3td3v [EMAIL PROTECTED] wrote:
On Sun, Dec 7, 2008 at 6:25 AM, Bipin
why dont you just quit with Ureleet? If he is that bad lets all
other(and you) ignore him like he doesnt exist. This will keep noise
low. If he bitches about your post let it be. we all have judgments
too. you neednt defend each and every of your point and make it look
on your favor. Sometimes
--
x-no-archive: yes
---
I'm your best best friend.
Usually I like it when you contradict me, it might help me learn. Just
don't be so angry.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
n3td3v see this is the problem. Your are bringing your personal ego to
FD. You speak loose and leave lots of room for everyone (not just
Ureleet) to comment! When someone does that you get offended and cant
resist top-posting.
You fight, you put your opinions but post your email like one
On 12/7/08, j-f sentier [EMAIL PROTECTED] wrote:
Pwoouwawa ... n3td3v you do really suck.
you need to create fake users as ghost, mike.c, andrew wallace, to prove
some point ?
you're useless dude, no one like you, get the fuck out of here.
People with multiple personalities! Split
On 12/7/08, n3td3v [EMAIL PROTECTED] wrote:
What's John Cartwright got to do with an unmoderated mailing list? You
joined F-D because you thought it would be partially moderated when
someone *you~* don't agree with annoys you? lolcopter. You know where
the unsubscribe button is if you don't
Guys,
This mailing list lives up to its name Full Disclosure for
tolerating the monkeys and their chattering in this list for quite
some time now without moderation or any action! This mailing list had
a culture, the audience base and that was the only reason we all
subscribed to it!
# Standard,
On 11/23/08, Mike C [EMAIL PROTECTED] wrote:
Of course, blindly thwacking people / dragging them to HR by the hair
when they're really just trying to do their jobs is
counter-productive. The calls also show us where we, security, are
falling down. Perhaps it's poor awareness training (if the
to this problem?
thanks,
-bipin
On Sun, Nov 23, 2008 at 10:05 PM, Bipin Gautam
[EMAIL PROTECTED]wrote:
On 11/23/08, Mike C [EMAIL PROTECTED] wrote:
Of course, blindly thwacking people / dragging them to HR by the hair
when they're really just trying to do their jobs is
counter-productive
USB / FLOPPY are attractive means for virus/worm to propagate. Here is
a workaround to stop a successful infection from happening (well ~99%
of the time least)
1. if you dont use wscript.exe disable/rename it.
2. start menu control pannel administrative tools local security
policy software
if its just tracking capability you could borrow it from THC_GSM
project. http://wiki.thc.org/gsm
Even cellphone companies knew it for years
-bipin
--
x-no-archive: yes
___
Full-Disclosure - We believe in it.
Charter:
I am more concerned about IP address of people who visit .mil website
leaking to third party/intelligence.
If you have it, you could do some traffic analysis. Are some people
visiting the website too often? Time of day ? What are their IP's?
What are other websites /network on your control do
On 10/28/08, Gary E. Miller [EMAIL PROTECTED] wrote:
A US intelligence agency is basically betting the bank that
statcounter.com,
a company apparently based in Ireland, doesn't get pwned or subverted.
And betting that the plain text from the DIA job applicants to
statcounter.com is not
ref: http://www.usace.army.mil/publications/armytm/tm5-690/
On 10/20/08, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hello,
An interesting article concerning the compromising of electrical
emanations (TEMPEST) of wired keyboards:
http://lasecwww.epfl.ch/keyboard/
Cheers,
kralor - HiC
hi list,
i was reading the article, http://www.f-secure.com/weblog/archives/1293.html
but just an example.
why do many people out there think password hash can't be as good as
the password itself and needs to be computed/cracked first before it
can be used?
Consider the fact, many
On 7/1/07, Peter Ferrie [EMAIL PROTECTED] wrote:
The problem is that she wants the money upfront, in order to develop the 100%
undetectable thing that she doesn't have right now. So that's a problem.
Peter thanks for the paper...
hi guys,
ref: http://blogs.zdnet.com/security/?p=334
so are they teasing by making her the impossible challenge at this date? :)
honeypot developers have been trying to battle the same issue of
making the virtual machine emulate guest OS like the it is run in real
hardware since some years now.
So I stick to my personal opinion of the great man -
1. One person
2. Good intentions overall
3. Not great communication skills (depends how drunk he is)
4. Too paranoid for his own good
5. Living in Ediburgh
6. Most likely Scottish
ok despite everything (assuming he isnt suffering from
Microsoft Virtual Machine VMWARE information disclosure Vulnerability
Note: Though not limited to these two products, this trick can be used
as an genetic method to detect the presence of any virtual machine
regardless of the OS used at this date. But (from a friendly source) i
came to know
as an genetic method to detect the presence of any virtual machine
Gene*R*ic. The word you're looking for is generic. Genetic means to do
with DNA and stuff. Generic means universal, widespread, non-branded.
( Output inside VMWARE )
Company Brnad Name: Microsoft Corporation Virtual
, winxp
now this threat.
http://72.14.203.104/search?hl=zh-TWq=cache%3Ahttp%3A%2F%2Fbipin.securityhead.com%2Fall.html
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect
be found here:
http://michaeldaw.org/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Bipin Gautam
http://bipin.tk
Zeroth law of security
With double layered windows (double glazed), the ability to use
triangulation between laser TX and rx means it may be possible to capture
vibrations from the inner glass panel.
Infra-red absorbtive/scattering glass makes the most sense, or external
curtain materials, but we are int purpose
Ok, here is something from the book that I was trying to assemble/write.
Some Links: http://www.eskimo.com/~joelm/tempest.html
http://www.erikyyy.de/tempest/
Lets begin…
Faraday cages may be used to provide protection from HERF and EMP effects.
Countermeasures:
It is easy to defeat ordinary
I'd still argue... If the malicious code is a known variant and
recides in the computer exploiting the stated flaw, here are ppl.
argueing the AV will catch it during execution anyways. BUT there are
many scenerios when ADVANCE HERCULES SCAN, suspecious activity scans
etc are only (mostly)
This is similar to the problem of alternative data streams.
Essentially, the work needed to solve this problem isn't worth the
expenditure of time and effort, because the file, in order to infect the
system, has to be executed. Once the file is executed normal
on-access scanning will catch the
Instead of going through the
regular file open process AV should instead directly read the SECTORS
of the hdd holding the locked file and examine if there is sething
malicious (which still some AV don't do instead just report the
file(s) as locked!)
am i clear??? Discussions, welcome!
---
Bipin
) other possibilities of remote
exploitation.
try experimenting with:
cmd.exe
c:\ mshta.exe longg string
After upgrading to Outpost Firewall Pro ver. 3.51.759.6511 (462) the
issue seems fixed.
so secret fix huh ?
---
Bipin Gautam
http://bipin.tk
Zeroth law of security
latest) other possibilities of remote
exploitation.
try experimenting with:
cmd.exe
c:\ mshta.exe longg string
After upgrading to Outpost Firewall Pro ver. 3.51.759.6511 (462) the
issue seems fixed.
so secret fix huh ?
---
Bipin Gautam
http://bipin.tk
Zeroth law of security
this is the story of small businesses many ICT service
providers around here. how do u expect a school will figure it out
sooo soon its a necessity until something bad befalls them!!!
---
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege
reported: Mar 24, 2006
Patch release: Apr 4, 2006 (Version 2.51.26)
POC video detail description: http://bipin.securityhead.com/NOD32.zip
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility
n3td3v, not everyone likes s much of noise and you can understand
that without loosing your temper. (maybe there are many older ppl. in
the list :) And you sometimes make half of the message of the day in
FULL-DISCLOSURE SECURITY MALING LIST... about you/on you.
SOMETIMES too much is JUST TOO
comps per 5 hours (2400/hour,
40/minute). If it is based on some worm, then this rate could grow
exponential... Interesting to see how it spreads.
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility
Contact
Bipin Gautam [EMAIL PROTECTED]
GSAE SSP-CNSA SSP-MPA GIPS CAP
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
are annoyed by
those bruteforce attacks?
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential communication between the two
On 2/13/06, Dave Korn [EMAIL PROTECTED] wrote:
Joel R. Helgeson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Is anyone else seeing/experiencing this?
When it scanned each system it found a Trojan called PWS.Bancos.A
(Password Stealer) - Level: Severe
When it quarantined
but guys the old 'Gutmann's research paper' doesn't properly clearify
a PRACTICAL way to sanatise the RAM. Ya ofcource, without physically
destroying it.
(anyone? who good idea on this topic???)
say; i have to sanatize my 512mb RAM. Which would be more better to
implement in immidiate emergency?
trademarks are the property of their respective
owners/COPYRIGHT
/MISCDESCRIPTION/
/RES
De: bipin gautam [mailto:[EMAIL PROTECTED]
Enviado el: jueves, 05 de enero de 2006 10:38
Para: [EMAIL PROTECTED]
Asunto: RE: Download Accelerator Plus can be tricked
important files. Or either force your download
manager and check whether the file is being downloaded from the
original URL or not.
Regards,
-Bipin Gautam
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
Hello list,
does anyone have contacts for speedbit.com
I wanted to talk to them on an issue... on their product 'Download
Accelerator Plus' I've tried to contact them through
[EMAIL PROTECTED] and info@@speedbit.com but failed.
regards,
-bipin
___
such issues in other foreign countries???
regards,
-bipin
--
Bipin Gautam
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential communication between the two
;
Partiality… shortsightedness…
best regards,
-Bipin Gautam
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect
Another alternate is 'bidiblah'
http://www.sensepost.com/research/bidiblah/
though a badly written code that ties together Metasploit and Nessus.
It does its job
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until
.
(O;
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential communication between the two...
___
Full-Disclosure - We
a coincidence, Infact me too never heard :P
Use an antivirus program or an IDS for this job.
Nice suggestion !!! Which products are you going to suggest to the home pc
users and corporate end-users??
Andrei
Bah ... D
--
Bipin Gautam
Zeroth law of security: The possibility of poking a system
. All other rights, including the use of other media, are
reserved by Zone Labs LLC.
--
Bipin Gautam
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential communication between the two
flow? No that ain't against the law... or is it?
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential communication between the two
there is another way in?) Your explanation is
confusing!
DEP That's turned ON by default... most of us choose to turn it on
for all service softwares.
--
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until
through most* spam filters criteria.
its gonna end in junk anyways... will most* likely go unread!
---
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless until there is possibility of direct,
indirect or consequential
/
--
---
Bipin Gautam
http://bipin.tk
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Looking at the current record, what makes you guys think firefox won't
beat IE 6 for security holes. (o;
---
Bipin Gautam
http://bipin.sosvulnerable.net/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
have let the world know earlier man... i've discovered this
for over few years.. letting you private tricks let-go will always
keep you creative.Maybe this was almost lost somewhere in my
sleaves. Anyways, http://zone-h.org huh! I UNDERSTAND ;D
---
Bipin Gautam
http://bipin.tk
agent.
a basic test could be,
User Agent: h1 Hello World! /h1 or some java script... better try
PHP instead!!!
regads,
bipin
http://bipin.tk
---
Bipin Gautam
http://bipin.tk
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
On 4/15/05, n3td3v [EMAIL PROTECTED] wrote:
-- Forwarded message --
From: n3td3v [EMAIL PROTECTED]
Date: Apr 3, 2005 11:00 PM
Subject: Social engineering alert on Yahoo IM
To: Yahoo Security Contact [EMAIL PROTECTED]
markiseiden (21:18:41): hi
markiseiden (21:18:42): i
hardened OS it could save
your day
BUT i was woundering, to what extent adding these extra security
measures are effective against the real attacks bugs discovered in
the kernel. i hope you got my point. (Though, se-linux got
features. lets me not re-describe it all rite now)
regards,
Bipin
1 - 100 of 106 matches
Mail list logo