Dear Symantec,
As long as we're burning digital books to mitigate our civil liability,
perhaps we could do a good job of it next time? Quietly disappearing
Russell Harding's advisory from the BugTraq archive didn't resolve your
potential liability for distributing links to material that
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: Jason Coombs [EMAIL PROTECTED]
Date: Wed, 6 Jun 2007 04:13:33
To:[EMAIL PROTECTED]
Cc:[EMAIL PROTECTED],[EMAIL PROTECTED]
Subject: RE: [IACIS-L] Statement by Defense Expert
Dave_on_the_run [EMAIL PROTECTED] wrote
Problem:
DNS service ZoneEdit.com now owned by MyDomains.com has started forcing
JavaScript pop-Unders onto users' browsers when the domain owner uses
the ZoneEdit WebForward feature.
References:
www.zoneedit.com
www.mydomains.com/support.php
www.casalemedia.com/contact.html
Details:
AM
To: [EMAIL PROTECTED]
Subject: Re: [HTCC] Expert Info Sought
I am helping the Yuma County Attorney's Office with a case. The other
side has noticed an expert named Jason Coombs, who has offices in CA,
HI, and New Zealand. He is the director of forensics for PivX. If
anyone has had any
[Full-Disclosure] is dead.
Long live full disclosure.
-Original Message-
From: [EMAIL PROTECTED]
Date: Sat, 18 Mar 2006 00:01:39
To:[EMAIL PROTECTED]
Subject: You have been unsubscribed from the Full-Disclosure mailing list
For quality control purposes please send mail to [EMAIL
Don Bailey wrote:
Stop interrupting the spam, I'm trying to read.
The spam attacks would never have gotten through if Len Rose were still
in charge of FD.
___
Full-Disclosure - We believe in it.
Charter:
[EMAIL PROTECTED] wrote:
And I would have never shot hot steamy load of man juice inside you
if you were not fucking faggot
uh huh, and now we know the spam kiddie responsible. I pay by the KB to
receive all your junk, so you can expect a lawsuit in the near future.
Send your address for
key.
SSL does not implement any reasonable trust mechanism today because Verisign
dumbed it down in order to create a universal mechanism to tax the Internet.
Best,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
that are
complicated so they can learn secret voodoo business trade secrets and grow new
business ventures.
People who really want security already have it, so distrust anyone who claims
to be able to sell it to you.
Regards,
Jason Coombs
[EMAIL PROTECTED
a URL would be offensive to me, so it's probably a
good thing you weren't the one hired to help the company in question locate a
buyer.
Best,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
generating machine would kill 75% of the
existing computer industry.
I say let 'em die. Give us secure computing, and may every company that
intentionally harms people for profit die a horrible and painful death
that takes as many of its investors with it as possible in the process!
Sincerely,
Jason
of their knowledge of the problem.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
found in
their possession appears to incriminate their computer (and by
extension, the computer owner) as a tool of the alleged crime.
I'd like a better history of compromised hosts for this purpose, and
suggest that botnet operators be required to publish their logs. ;-)
Regards,
Jason Coombs
[EMAIL PROTECTED] wrote:
https://download.foundstone.com/?o=^2155
Now that's just plain sloppy.
But at least it's SSL-secured.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
modern information security. I do not see how
any organization can believe itself to be adequately secured when the
simple ability to prove security measures are working, and quickly
determine the precise method of failure when they break down,
essentially does not exist today.
Sincerely,
Jason
J.A. Terranson wrote:
Invite the idiot in the
white house, I hear he's feeling unloved today :-)
Do you mean: invite the idiot in the white house ?
Or do you mean: invite the idiot in the white house ?
My favorite stupid hacker trick in the white house: getting POTUS to
call you by your
information security tricks from Microsoft.
Who in their right mind would focus their attention on software version
numbers and think that makes for better security?
Somebody tell the NSA they need to keep track of hash codes instead.
Regards,
Jason Coombs
[EMAIL PROTECTED
J.A. Terranson wrote:
An exe? No source??? Just setup.exe Are you crazy?
That's the way Microsoft does it, and you've got your trusty Anti-Virus
software to protect you, right? So what's the problem?
___
Full-Disclosure - We believe in it.
, and also refuse to disclose the source code so
that we can compile the code ourselves and therefore at least know where
our machine code came from and what its source looks like, then you're
the one who needs to stfu and go promptly out of business before you
hurt somebody.
Best,
Jason Coombs
of vulnerability
that was hinted at by Microserfs a few months ago... The attacks are
launched by way of source code distributions rather than binary code.
Sweet As.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
, aren't you? good luck with that...
Give me bugs that are well-understood and keep your stinking patches to
yourself. we don't need no stinking patches.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
the situation nor alert any customer to the risk.
This smells to me like a whole slew of intentional backdoors, and I
don't smoke anything.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk
for writing the bad code and
deploying flawed architectures over and over again through the years.
Perhaps Microsoft has bothered to look into this by now, and has quietly
dismissed the perpetrators.
Beware of ex-Microsoft programmers.
Regards,
Jason Coombs
[EMAIL PROTECTED
Where do you want the United States to go today?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
, failure, and decisions of the
business do not reflect directly on any one person, not even its CEO and
founder. There is always more to the story, for anyone who can think clearly
and can pay attention long enough to comprehend complex information.
Can you?
Regards,
Jason Coombs
[EMAIL PROTECTED
.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: dave kleiman [EMAIL PROTECTED]
Date: Sun, 18 Dec 2005 11:23:38
To:[EMAIL PROTECTED]
Cc:'Samuel Norris' [EMAIL PROTECTED]
Subject: RE: Guidance Software Customer Database Hacked?
Samuel,
Inline..
Dave
attached wherever you go, because wherever you go, there you are.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
If you're looking for honest work then Orange County may not be the right place
to live.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
-Original Message-
From: Day Jay [EMAIL PROTECTED]
Date: Wed, 7 Dec 2005 10:20:19
To:full-disclosure
on, Jay.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Commercial pressures are just as harmful to security as are complexity and
ignorance.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
-Original Message-
From: Curt Purdy [EMAIL PROTECTED]
Date: Mon, 5 Dec 2005 17:30:38
To:'wilder_jeff Wilder' [EMAIL
to society.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
instructs
said programmer to author said spyware will ever have personal criminal
liability for giving said instruction.
If you don't like the world you live in, change it or get out.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We
UNFAIRDISCLOSURE.NET
UNFAIRDISCLOSURE.INFO
and,
FULL-DISCLOSURE.INFO
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
this misuse
of computer evidence, and whatever that something is, it is clear that
only an information security organization is going to be able to explain
it to law enforcement and legislators.
Regards,
Jason Coombs
[EMAIL PROTECTED]
--
http://news.independent.co.uk/uk/legal/article316391.ece
30
://www.getdata.com/
http://www.mountimage.com/
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
When will somebody get around to the important job of killing Microsoft?
Original Message
Subject:MM - #$%@ Kill Google!
Date: Thu, 8 Sep 2005 18:58:17 UT
From: Michael Robertson[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
If this message is not displaying
of an 'electronic crime against a child' should find out the answer to
this question before they decide to try to report it to anyone.
Wipe your drives and get on with life. It is not your job to protect electronic
children from virtual harm.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
P.S. Tobin, does
,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: J.A. Terranson [EMAIL PROTECTED]
Date: Sat, 27 Aug 2005 15:38:11
To:[EMAIL PROTECTED] [EMAIL PROTECTED]
Cc:Full-Disclosure Full-Disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] RE: Example firewall script
http://www.google.com/talk/
Anyone looked at Google Talk?
Yet another exposed endpoint... Let's bring all those vulnerable
processors together in one place so they're easier to find? Hmm.
When will users demand something fundamentally safer to use?
Regards,
Jason Coombs
[EMAIL PROTECTED
so as not to display such script
errors.
Furthermore, the use of an IP address that is outside of the RFC 1918 private
subnet address range appears very irresponsible.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe
performing a forensic review of
IIS 5.0 -- you'll find my analysis contained within my book about IIS security:
http://www.science.org/jcoombs/
http://www.forensics.org/IIS_Security_and_Programming_Countermeasures.pdf
Best,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Kurt
of convictions overturned, and
prisoners released, based on faulty computer forensic evidence, that
will make wrongful convictions based on faulty DNA evidence seem
insignificant by comparison.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full
must know something that the
general public doesn't know, and their knowledge must be proof of your
guilt, right?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
Paul Schmehl wrote:
Is there a compelling reason for posting this pissing contest to the list?
Yes, there is, Paul. But you weren't paying attention, as usual.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter
, and will remain so, by something other than the
worms' code -- where the victim won't even bother to investigate that
possibility because they feel like the worm was the incident.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Larry Seltzer [EMAIL PROTECTED]
Date: Wed
/technet/security/bulletin/MS05-039.mspx
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Kurt Seifried wrote:
Actually it really is that simple. Disabling Null sessions is entirely
possible, quite easy, and doesn't break a lot (at least in my previous
Then why doesn't Microsoft provide these instructions in the workarounds
section of the vulnerability announcement? Are you
job for them? No way.
It's painful that I'm not able to stop using their crap software
entirely, and I wish they would just go away.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
.
Not that this hasn't already been happening as a result of porn-related
spyware and adware, but is this the first porn worm?
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
No statement made by me with respect to Mr. Lawson has been false.
Mr. Lawson *IS* an incompetent computer forensic expert who
misrepresents his work as something that it is not.
The facts prove this beyond any doubt. Good luck in your lawsuit.
Sincerely,
Jason Coombs
[EMAIL PROTECTED
Original Message
Subject: Re: Global CompuSearch
Date: Tue, 16 Aug 2005 15:02:10 -1000
From: Jason Coombs [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: Matthew Ries [EMAIL PROTECTED]
CC: Marcus Lawson [EMAIL PROTECTED]
I have also reviewed the emails that you have sent
VIA MAIL AND EMAIL [EMAIL PROTECTED]
Mr. Jason Coombs
59-088 Kamehameha Hwy.
Haleiwa, HI 96712
Re: Global CompuSearch, L.L.C.
Dear Mr. Coombs:
Our firm has been retained by Global CompuSearch, L.L.C., to address the
false and slanderous statements that you have made to various third
thought and then publish the arbitrary text and call it a
'dictionary' should be shot.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
to marketing efforts, lobbyist
campaigns to get new legislation enacted, and disinformation spread by
self-interested bad people.
(I know you're not one of them)
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
“A Trojan is malicious code that gives an attacker future unauthorized access
to a computer
than by planting a Trojan, so there needs to be a distinction between
the two.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
.
Nobody today would avoid using the term spyware just because the term
Trojan was the way in which that malware would have been labeled in the
past. As I said, everyone I know understands what a Trojan is, and their
understanding is not what you suggest it should be.
Sincerely,
Jason Coombs
not include the broader definition. That causes a real problem, in
practice, since if the anti-Trojan doesn't stop spyware then how can
spyware be a Trojan?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
to the infected box.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. You and people like you are evil and
you must be stopped.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
Solutions appeared to be stealing money from investors.
My intervention saved your job, you dickweed.
It also saved your company. The investors who backed you now control
your company. Do you think that happened by accident?
Shit, you're a gigantic moron.
Sincerely,
Jason Coombs
[EMAIL
detail?
Thank you kindly,
Jason Coombs
[EMAIL PROTECTED]
--
Stale warrants doom porn cases
Exclusive: Searches that turned up images of children ruled illegal
09:55 PM CDT on Wednesday, July 13, 2005
By ROBERT THARP / The Dallas Morning News
When Dallas police and federal agents wrapped up
are today. Stupid fucks.
See:
http://www.wired.com/news/technology/0,1282,68435,00.html
http://www.granick.com/blog/
http://www.granick.com/blog/lynncomplaint.pdf
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter
to their old e-mail address...
Practically-speaking, Cisco has little choice but to personally phone
every single member, or dump their entire registration database and
force the users to re-apply for new member accounts.
This automatic password reset thing is fatally-flawed.
Regards,
Jason
on the Internet?
maybe you should go reread the wiretap act.
Wiretap Act doesn't apply to stored electronic communications.
Kohl's owns all of those communications, whether stored temporarily in
RAM or stored persistently to a hard drive.
Regards,
Jason Coombs
[EMAIL PROTECTED
least any possible criminal charges against Lynn dropped.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
the
pointed question Why did Cisco do this? It renders their product
permanently defective, and here's the proof.
Somebody needs to explain this clearly to the FBI.
Cisco should be criminally prosecuted for telling lies to their
customers and for abuse of process.
Regards,
Jason Coombs
[EMAIL
statements to the press, then Lynn
willfully gave up that protection prior to his disclosure.
Now that is truly patriotic and brave, to sacrifice oneself in order to
demonstrate that there are holes in the criminal justice system...
Regards,
Jason Coombs
[EMAIL PROTECTED
ahead of time, before they deploy a
product, what code that product should be allowed to execute.
Do you think there is no way in hardware to limit the code that gets
executed? Maybe you should join the FBI.
Sincerely,
Jason Coombs
[EMAIL PROTECTED
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
this engineering challenge, presumably because it would cut
into profits.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
secrets.
However, techworld.com is a UK-based publisher, apparently, and so
should be fine until a UK court concurs with the U.S. court's granting
of the injunction.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter
J.A. Terranson wrote:
On Fri, 29 Jul 2005, Jason Coombs wrote:
reverse engineered.
*millions* of copies of these secrets in general circulation. Nobody
can assert with a straight face that anything about Lynn's presentation is
not completely and totally within the public view
[EMAIL PROTECTED] wrote:
On Fri, 29 Jul 2005 15:02:51 -1000, Jason Coombs said:
redesign, fundamentally, the turing machine so that before each
operation is performed a verification step is employed to ensure that
Ahem. No. You *can't* ensure it (although you *can* do things like bounds
and we'll see how well you
are able to convince the court that you did not engage in espionage
because the material was no longer a trade secret.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
of a single file of source code?
How much more complicated do you need to make it in order to feel safe?
3Com needs it to be so complicated that a 'Digital Vaccine' is required
in order to make you feel healthy again. Bull. Crap. Lies.
Regards,
Jason Coombs
[EMAIL PROTECTED
fancy trick to
convince the shareholders to keep the faith and not dump the stock.
Obviously, buying iDEFENSE makes VeriSign far more valuable. Hoorah!
Who do you want the stock market to eat, today?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full
the Nokia 770 Linux Internet
Tablet until the neocomputer industry emerges.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
CSI and
visions of fat bank accounts have deceived everyone temporarily...)
Please get a clue before you hurt somebody.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
waste of time and money, and they only
help the bad guys on all sides of the bellum omnium contra omnes. The
good guys get what they need by reading glossy print magazines.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe
[EMAIL PROTECTED] wrote:
On Thu, 30 Jun 2005 04:00:40 +0930, [EMAIL PROTECTED] said:
I will respond to your email when I return.
If, of course, the e-mail is still there when Jack returns. ;)
Does this form a binding contract?
You may be able to sue Jack if he doesn't respond.
I'll pay more than they will.
Contact me instead.
Jason Coombs
[EMAIL PROTECTED]
metesi wrote:
Dear All,
for ethical penetration testing purpose we need to get a client-side
undisclosed vulnerability for windows platform.
We are interested in:
- internet explorer
- outlook
- microsoft
negative consequences of
expanding the power of law enforcement to act in secret in order to comply with
our country's senseless mandates that compel us to create as many prisoners as
possible.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
http://www.science.org/jcoombs
unwise. ;-)
Would you suggest debriefing TSA at the airport at one's destination upon
arrival?
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
hahahaha!
Over time, software will learn what information people use -- and what
they don't want to know -- and will adjust its behavior and its output
accordingly.
...
very funny.
Original Message
Subject:The New World of Work
Date: Thu, 19 May 2005 10:53:29 -0700
such a secret even if you could, is moronic and it's wrong-headed.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
that any person above the mental age
of 14 has no trouble understanding when the facts are presented clearly?
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
I'm glad you wrote again, 'Lor'.
You missed the press release? Or maybe you fail to comprehend good news when
you see it.
I'll send a copy of the press release. Please let us all know what you think.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED
Lotus Fund Acquires Controlling Interest in PIVX Solutions From
Co-Founders; Seeks to Leverage Company's Unique Windows Security Technology
NEWPORT BEACH, Calif.--(BUSINESS WIRE)--April 7, 2005--PIVX Solutions,
Inc. (OTCBB:PIVX), the leader in next generation Windows Host-Based
Intrusion
the truth.
MICROSOFT: STOP THE WAR! NO MORE SECRETS!
Regards, and best wishes,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Georgi Guninski [EMAIL PROTECTED]
Date: Fri, 8 Apr 2005 23:17:08
To:full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] How to Report
[EMAIL PROTECTED] wrote:
What is this a press release mailing
list? Full-pivx-disclosure?
So it's okay for anonymous cowards who want to perpetrate financial crimes to
post nonsense to the list, but I'm not allowed to?
Nice.
Jason Coombs
[EMAIL PROTECTED
by absolutes.
By design, and by intent, the world is not a level playing field - if you are a
consumer, a renter, and a worker then you are a slave to producers, owners, and
employers.
Live with it, or don't, but to live while grossly misunderstanding it is truly
absurd.
Regards,
Jason Coombs
[EMAIL
'Security' is ENTIRELY philosophical.
Go use a dictionary. You'll learn something.
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Thierry Zoller [EMAIL PROTECTED]
Date: Fri, 8 Apr 2005 01:25:42
To:Jason Coombs [EMAIL PROTECTED]
Cc:full-disclosure@lists.grok.org.uk
Subject: Re
specialist firm.
Reacting to problems rather than preparing for them forensically is a mistake
nobody can afford to make today.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
Date: Tue, 5 Apr 2005 02:07:44
To:full-disclosure@lists.grok.org.uk
Subject
specialist firm.
Reacting to problems rather than preparing for them forensically is a mistake
nobody can afford to make today.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
Date: Tue, 5 Apr 2005 02:07:44
To:full-disclosure@lists.grok.org.uk
Subject
profit from victims
by causing them unnecessary problems and then selling inadequate fixes.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
[1] MSDN Security Developer Center: Execution Protection
http://msdn.microsoft.com/security/productinfo/XPSP2/memoryprotection/execprotection.aspx
[7] Why Was Intel
suggesting that companies should encrypt the information they store in
databases. That would have taken too few words to recommend, and if it's that
easy to solve the underlying problem, who will hire you?
Cheers,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Atom Smasher [EMAIL
reverse hashing
By reverse hashing you mean defeating the protection by forward hashing all
possible SSNs, presumably.
-Original Message-
From: [EMAIL PROTECTED]
Date: Sat, 19 Mar 2005 17:38:09
To:Atom Smasher [EMAIL PROTECTED]
Cc:Jason Coombs [EMAIL PROTECTED], Full-Disclosure
Good job! You've reduced by 99% the number of people who understand that the
SSN is still being stored as plaintext in the database.
This should result in 100% efficacy for defense against lawsuits and other
complex liability that would otherwise arise out of pure neglect and
incompetency.
I
what you believe is right, and get advice from legal
counsel but don't forget that they are just making an educated guess about how
a jury or a judge will respond, or interpret the law. Your attorney is not you,
and it is not their decision to make in the end.
Sincerely,
Jason Coombs
[EMAIL
1 - 100 of 101 matches
Mail list logo
