Dear Symantec,
As long as we're burning digital books to mitigate our civil liability,
perhaps we could do a good job of it next time? Quietly disappearing
Russell Harding's advisory from the BugTraq archive didn't resolve your
potential liability for distributing links to material that violate
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: "Jason Coombs" <[EMAIL PROTECTED]>
Date: Wed, 6 Jun 2007 04:13:33
To:[EMAIL PROTECTED]
Cc:[EMAIL PROTECTED],[EMAIL PROTECTED]
Subject: RE: [IACIS-L] Statement by Defense Expert
Dave_on_the_run <[EMAI
Problem:
DNS service ZoneEdit.com now owned by MyDomains.com has started forcing
JavaScript pop-Unders onto users' browsers when the domain owner uses
the ZoneEdit WebForward feature.
References:
www.zoneedit.com
www.mydomains.com/support.php
www.casalemedia.com/contact.html
Details:
C
AM
To: [EMAIL PROTECTED]
Subject: Re: [HTCC] Expert Info Sought
I am helping the Yuma County Attorney's Office with a case. The other
side has noticed an expert named Jason Coombs, who has offices in CA,
HI, and New Zealand. He is the director of forensics for PivX. If
anyone has ha
[Full-Disclosure] is dead.
Long live full disclosure.
-Original Message-
From: [EMAIL PROTECTED]
Date: Sat, 18 Mar 2006 00:01:39
To:[EMAIL PROTECTED]
Subject: You have been unsubscribed from the Full-Disclosure mailing list
For quality control purposes please send mail to [EMAIL PROTECT
ants security, do they? People just want things that are
complicated so they can learn secret voodoo business trade secrets and grow new
business ventures.
People who really want security already have it, so distrust anyone who claims
to be able to sell it t
relied on in the past to engage in
communication with the party they believe to be the owner of a particular
public key.
SSL does not implement any reasonable trust mechanism today because Verisign
dumbed it down in order to create a universal mechanism to tax the Internet.
Best,
Jason Coombs
[
[EMAIL PROTECTED] wrote:
And I would have never shot hot steamy load of man juice inside you
if you were not fucking faggot
uh huh, and now we know the spam kiddie responsible. I pay by the KB to
receive all your junk, so you can expect a lawsuit in the near future.
Send your address for ser
Don Bailey wrote:
Stop interrupting the spam, I'm trying to read.
The spam attacks would never have gotten through if Len Rose were still
in charge of FD.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-cha
from interested parties.
Your tactic of supplying a URL would be offensive to me, so it's probably a
good thing you weren't the one hired to help the company in question locate a
buyer.
Best,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - W
hhold
disclosure of their knowledge of the problem.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
profit die a horrible and painful death
that takes as many of its investors with it as possible in the process!
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
dence found in
their possession appears to incriminate their computer (and by
extension, the computer owner) as a tool of the alleged crime.
I'd like a better history of compromised hosts for this purpose, and
suggest that botnet operators be required to publish their logs. ;-)
Regards,
Ja
[EMAIL PROTECTED] wrote:
https://download.foundstone.com/?o=^2155
Now that's just plain sloppy.
But at least it's SSL-secured.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
ally alter modern information security. I do not see how
any organization can believe itself to be adequately secured when the
simple ability to prove security measures are working, and quickly
determine the precise method of failure when they break down,
essentially does not exist today.
Sincere
J.A. Terranson wrote:
Invite the idiot in the
white house, I hear he's feeling unloved today :-)
Do you mean: "invite the idiot" in the white house ?
Or do you mean: invite the "idiot in the white house" ?
My favorite stupid hacker trick "in the white house": getting POTUS to
call you by you
ly showing the Bush administration the same
mock-ups that the rest of us get to see.
In either case, the whole show begs the question "Who's really in
charge?" as well as "What electronic voting equipment manufacturer
elected THEM President?"
B
rned information security tricks from Microsoft.
Who in their right mind would focus their attention on software version
numbers and think that makes for better security?
Somebody tell the NSA they need to keep track of hash codes instead.
Regards,
Jason Coombs
[EMAIL PROTE
ct of opening or attempting to compile a
source code distribution.
Source code is just as dangerous as binary code. Clearly, the only way
to be safe is to rely on Microsoft's programmers to create and
digitally-sign software for us. Go Micros
zero, aren't you? good luck with that...
Give me bugs that are well-understood and keep your stinking patches to
yourself. we don't need no stinking patches.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it
ss of vulnerability"
that was hinted at by Microserfs a few months ago... The attacks are
launched by way of source code distributions rather than binary code.
Sweet As.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Cha
ducts, and also refuse to disclose the source code so
that we can compile the code ourselves and therefore at least know where
our machine code came from and what its source looks like, then you're
the one who needs to stfu and go promptly out of business before you
hurt somebody.
Best,
Ja
J.A. Terranson wrote:
An exe? No source??? Just "setup.exe" Are you crazy?
That's the way Microsoft does it, and you've got your trusty Anti-Virus
software to protect you, right? So what's the problem?
___
Full-Disclosure - We believe in it.
uals were responsible for writing the bad code and
deploying flawed architectures over and over again through the years.
Perhaps Microsoft has bothered to look into this by now, and has quietly
dismissed the perpetrators.
Beware of ex-Microsoft programmers.
Regards,
Jaso
g to remedy the situation nor alert any customer to the risk.
This smells to me like a whole slew of intentional backdoors, and I
don't smoke anything.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
Where do you want the United States to go today?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
unicate to/from the other party. Furthermore they could take the position
that there is no need for a warrant for 'electronic communication pen
registers' as the pen register statutes are cleverly ambiguous and (probably
intentionally) antiquated...
Regards,
Jason Coombs
[EMAIL PROTEC
sk unnecessarily, and full disclosure of the true nature of that risk
is our only protection against persons of superior imagination.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ondition of
data stored on hard drives is causing severe harm to the public safety
worldwide.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Alex Eckelberry <[EMAIL PROTECTED]>
Date: Tue, 20 Dec 2005 10:21:37
To:[EMAIL PROTECTED]
Subject: RE: Guidance
Yup, Brian
or corporations.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: "dave kleiman" <[EMAIL PROTECTED]>
Date: Sun, 18 Dec 2005 11:23:38
To:<[EMAIL PROTECTED]>
Cc:"'Samuel Norris'" <[EMAIL PROTECTED]>
Subject: R
ed by any one person, and the success, failure, and decisions of the
business do not reflect directly on any one person, not even its CEO and
founder. There is always more to the story, for anyone who can think clearly
and can pay attention long enough to comprehend complex information.
Can you?
Re
deranged thinking
remains attached wherever you go, because wherever you go, there you are.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and s
ong threads.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
s stability.
Rock on, Jay.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
If you're looking for honest work then Orange County may not be the right place
to live.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
-Original Message-
From: Day Jay <[EMAIL PROTECTED]>
Date: Wed, 7 Dec 2005 10:20:19
To:full
Commercial pressures are just as harmful to security as are complexity and
ignorance.
Regards,
Jason Coombs
[EMAIL PROTECTED]
Sent from my BlackBerry wireless handheld.
-Original Message-
From: "Curt Purdy" <[EMAIL PROTECTED]>
Date: Mon, 5 Dec 2005 17:30:38
To:&quo
on. No exec who instructs
said programmer to author said spyware will ever have personal criminal
liability for giving said instruction.
If you don't like the world you live in, change it or get out.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
n importance and worth to society.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
LOSURE.ORG
UNFAIRDISCLOSURE.NET
UNFAIRDISCLOSURE.INFO
and,
FULL-DISCLOSURE.INFO
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
antial evidence. Something must be done to correct this misuse
of computer evidence, and whatever that something is, it is clear that
only an information security organization is going to be able to explain
it to law enforcement and legislators.
Regards,
Jason Coombs
[EMAIL PROTECTED]
--
http:
://www.getdata.com/
http://www.mountimage.com/
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
When will somebody get around to the important job of killing Microsoft?
Original Message
Subject:MM - #$%@ Kill Google!
Date: Thu, 8 Sep 2005 18:58:17 UT
From: Michael Robertson<[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
If this message is not displaying proper
ldren'.
What is the penalty under law for triggering and fueling an irrational witch
hunt, or a panicked stampede that crushes and tramples its victim-participants,
in your jurisdiction?
Every person who comes into contact with evidence that may be interpreted to be
proof of an 'e
ly for the benefit of everyone who comes after you.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: "J.A. Terranson" <[EMAIL PROTECTED]>
Date: Sat, 27 Aug 2005 15:38:11
To:"[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Cc:Full-Disclosure
Subje
http://www.google.com/talk/
Anyone looked at Google Talk?
Yet another exposed endpoint... Let's bring all those vulnerable
processors together in one place so they're easier to find? Hmm.
When will users demand something fundamentally safer to use?
Regards,
Jason Coombs
[EMAIL
conclusion that I arrived at after performing a forensic review of
IIS 5.0 -- you'll find my analysis contained within my book about IIS security:
http://www.science.org/jcoombs/
http://www.forensics.org/IIS_Security_and_Programming_Countermeasures.pdf
Best,
Jason Coombs
[EMAIL PROTECTED]
ured so as not to display such script
errors.
Furthermore, the use of an IP address that is outside of the RFC 1918 private
subnet address range appears very irresponsible.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe i
do Microsoft's job for them? No way.
It's painful that I'm not able to stop using their crap software
entirely, and I wish they would just go away.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter:
Kurt Seifried wrote:
Actually it really is that simple. Disabling Null sessions is entirely
possible, quite easy, and doesn't break a lot (at least in my previous
Then why doesn't Microsoft provide these instructions in the workarounds
section of the vulnerability announcement? Are you certai
t.com/technet/security/bulletin/MS05-039.mspx
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
mised, and will remain so, by something other than the
worms' code -- where the victim won't even bother to investigate that
possibility because they feel like the worm was the incident.
Regards,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: "Larry Seltzer"
Paul Schmehl wrote:
Is there a compelling reason for posting this pissing contest to the list?
Yes, there is, Paul. But you weren't paying attention, as usual.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Ch
nd
reputable and honest and trustworthy people must know something that the
general public doesn't know, and their knowledge must be proof of your
guilt, right?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Char
Original Message
Subject:Global CompuSearch
Date: Tue, 16 Aug 2005 17:05:02 -0700
From: Matthew Ries <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
CC: Marcus Lawson <[EMAIL PROTECTED]>
Mr. Coombs:
Our firm represents Global CompuSearch. Please see the at
us flaws, and tell others.
I predict that we will see a wave of convictions overturned, and
prisoners released, based on faulty computer forensic evidence, that
will make wrongful convictions based on faulty DNA evidence seem
insignificant by comparison.
Regards,
Jason Coombs
[EMAIL PROTECTE
VIA MAIL AND EMAIL [EMAIL PROTECTED]
Mr. Jason Coombs
59-088 Kamehameha Hwy.
Haleiwa, HI 96712
Re: Global CompuSearch, L.L.C.
Dear Mr. Coombs:
Our firm has been retained by Global CompuSearch, L.L.C., to address the
false and slanderous statements that you have made to various third
Original Message
Subject: Re: Global CompuSearch
Date: Tue, 16 Aug 2005 15:02:10 -1000
From: Jason Coombs <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: Matthew Ries <[EMAIL PROTECTED]>
CC: Marcus Lawson <[EMAIL PROTECTED]>
I have also reviewed the em
Nick FitzGerald wrote:
Oh, and it's far from the first "wormy bot" (or similar) to further
compromise the victim machine by installing adware, spyware, warez
server, etc, etc.
Very good points, but can you think of another worm that downloaded XXX
spyware/adware ?
Regards
Ries
No statement made by me with respect to Mr. Lawson has been false.
Mr. Lawson *IS* an incompetent computer forensic expert who
misrepresents his work as something that it is not.
The facts prove this beyond any doubt. Good luck in your lawsuit.
Sincerely,
Jason Coombs
[EMAIL PROT
puters.
Not that this hasn't already been happening as a result of porn-related
spyware and adware, but is this the first porn worm?
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.
18 years of age?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ntly peer-reviewed and corrected.
Anyone presumptuous enough to arbitrarily define technical terms without
considerable careful thought and then publish the arbitrary text and call it a
'dictionary' should be shot.
Regards,
Jason Coombs
[EMAIL PROTECTED]
So, what's the password?
-Original Message-
From: CERT Advisory
Date: Fri, 12 Aug 2005 18:16:36
To:cert-advisory@cert.org
Subject: US-CERT Technical Cyber Security Alert TA05-224A -- VERITAS Backup
Exec Uses Hard-Coded Authentication Credentials
-BEGIN PGP SIGNED MESSAGE-
Hash
argument invalid. So many people share my definition of Trojan
that those of you who think you can dismiss it as wrong simply have to think
twice.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.g
ht. It has proved invaluable to marketing efforts, lobbyist
campaigns to get new legislation enacted, and disinformation spread by
self-interested bad people.
(I know you're not one of them)
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
“A Trojan is malicious code that gives an attacker
Backdoors ..." unless you are using Trojan
to communicate the feature of remote access to the infected box.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Chuck Fullerton wrote:
"A Trojan horse is a program that appears to have some useful or benign
purpose, but really masks some hidden malicious functionality."
"A Backdoor is a program that allows attackers to bypass normal security
controls on a system, gaining access on the attacker's own terms
n and does
not include the broader definition. That causes a real problem, in
practice, since if the anti-Trojan doesn't stop spyware then how can
spyware be a Trojan?
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe
s common sense has
changed the definition of Trojan, pure and simple.
Nobody today would avoid using the term spyware just because the term
Trojan was the way in which that malware would have been labeled in the
past. As I said, everyone I know understands what a Trojan is, and their
understan
Erik Kamerling wrote:
Trojan Horse
A computer program that appears to have a useful function, but also has a
hidden and potentially malicious function that evades security mechanisms,
sometimes by exploiting legitimate authorizations of a system entity that
invokes the program.
Copied from t
ltering its programming rather
than by planting a Trojan, so there needs to be a distinction between
the two.
Cheers,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
the horse.
http://classics.mit.edu/Homer/iliad.html
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
r operation during an investigation.
When the circumstances of software execution on a computer and the data
communications to and from a computer are UNKNOWN, all data from that
computer should be excluded from use in court as "evidence" of anything.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
__
ough the Internet. Nobody ever explains this to the
judge, and law enforcement forensic examiners seem not to understand it.
Something must be done to fix this, and every person convicted of a
crime in the past where computer evidence was used without ensuring that
its pitfalls are well-understood should be given an immediate retrial.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ose who are truly guilty, and keep them convicted on appeal.
Somehow we need to fix this broken system and insist that all computer
forensics be performed with the help of a competent information security
professional, at the very least.
Any other suggestions?
Sincerely,
Jason Coombs
[EMAI
these lines or help me make contact with
the appropriate parties so that I may explain this theory in more detail?
Thank you kindly,
Jason Coombs
[EMAIL PROTECTED]
--
Stale warrants doom porn cases
Exclusive: Searches that turned up images of children ruled illegal
09:55 PM CDT on Wednes
ure of the fact that PivX
Solutions appeared to be stealing money from investors.
My intervention saved your job, you dickweed.
It also saved your company. The investors who backed you now control
your company. Do you think that happened by accident?
Shit, you're a gigantic moron.
S
ner" who just wouldn't
have a paycheck if you didn't "play along" -- just stop.
Bring on the stones. Do your worst. You and people like you are evil and
you must be stopped.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Discl
ms, but don't suppress security vulnerability
knowledge that impacts computer systems owned and operated by ordinary
people; for doing so ruins lives and you, the suppressing agent, are to
blame for it moreso than anyone else.
Grr. Rant. Rant. Grumble.
Sincerely,
Jason Coombs
[EMAIL PROTE
Good job, Internal Revenue, New Zealand!
Keep all that awareness and truth out -- it might hurt you.
Original Message
Subject:GWAVA Sender Notification (Content filter)
Date: Tue, 9 Aug 2005 15:52:06 +1200
From: <[EMAIL PROTECTED]>
To: undisclosed-recipients: ;
freedoms that you enjoyed in order to get to where
you are today. Stupid fucks.
See:
http://www.wired.com/news/technology/0,1282,68435,00.html
http://www.granick.com/blog/
http://www.granick.com/blog/lynncomplaint.pdf
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
em a confirmation to their old e-mail address...
Practically-speaking, Cisco has little choice but to personally phone
every single member, or dump their entire registration database and
force the users to re-apply for new member accounts.
This automatic password reset thing is fatally-flaw
because
it's on the Internet?
maybe you should go reread the wiretap act.
Wiretap Act doesn't apply to stored electronic communications.
Kohl's owns all of those communications, whether stored temporarily in
RAM or stored persistently to a hard drive.
Rega
re its built-in machine code
authentication logic because it would not be implemented in software or
firmware.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.
ttempt to sell it to a foreign government and we'll see how well you
are able to convince the court that you did not engage in espionage
because the material was no longer a trade secret.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
[EMAIL PROTECTED] wrote:
On Fri, 29 Jul 2005 15:02:51 -1000, Jason Coombs said:
redesign, fundamentally, the turing machine so that before each
operation is performed a verification step is employed to ensure that
Ahem. No. You *can't* "ensure" it (although you *can* do thi
J.A. Terranson wrote:
On Fri, 29 Jul 2005, Jason Coombs wrote:
reverse engineered.
*millions* of copies of these "secrets" in general circulation. Nobody
can assert with a straight face that anything about Lynn's presentation is
not completely and totally within the pu
g the article) those secrets.
However, techworld.com is a UK-based publisher, apparently, and so
should be fine until a UK court concurs with the U.S. court's granting
of the injunction.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disc
this very well and chooses not to
undertake this engineering challenge, presumably because it would cut
into profits.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-c
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Madison, Marc wrote:
Am I missing something here, because it seems that two vulnerabilities
are being discussed, one is the IPv6 DOS
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml. And
the other is Lynn presentation on shellcode execution via the IOS?
Did you read the advis
isco knows ahead of time, before they deploy a
product, what code that product should be allowed to execute.
Do you think there is no way in hardware to limit the code that gets
executed? Maybe you should join the FBI.
Sincerely,
Jason Coombs
[EMAIL
obe case in his statements to the press, then Lynn
willfully gave up that protection prior to his disclosure.
Now that is truly patriotic and brave, to sacrifice oneself in order to
demonstrate that there are holes in the criminal justice system...
Regards,
Jason Coombs
[
f a person who simply asks the
pointed question "Why did Cisco do this? It renders their product
permanently defective, and here's the proof."
Somebody needs to explain this clearly to the FBI.
Cisco should be criminally prosecuted for telling lies to their
customers and for abus
aving Cisco prosecuted for abuse of process, or at
the very least any possible criminal charges against Lynn dropped.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-c
on a single line
of a single file of source code?
How much more complicated do you need to make it in order to feel safe?
3Com needs it to be so complicated that a 'Digital Vaccine' is required
in order to make you feel healthy again. Bull. Crap. Lies.
Regards,
Jas
very fancy trick to
convince the shareholders to keep the faith and not dump the stock.
Obviously, buying iDEFENSE makes VeriSign far more valuable. Hoorah!
"Who do you want the stock market to eat, today?"
Regards,
Jason Coombs
[
ing device other than the Nokia 770 Linux Internet
Tablet until the neocomputer industry emerges.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sp
heir businesses grow. They do not deserve respect and they most
certainly fail the 'lovable' test, but television shows like CSI and
visions of fat bank accounts have deceived everyone temporarily...)
Please get a clue before you hurt somebody.
Jason Coombs
[EMAIL PROTECTED]
___
closed, please find the message you sent.
Subject: [Fwd: Re: Tools accepted by the courts]
From: Jason Coombs <[EMAIL PROTECTED]>
Date: Wed, 29 Jun 2005 11:25:33 -1000
To: Forensics <[EMAIL PROTECTED]>
For those who asked to read my original post ... See below.
I propose that we do
1 - 100 of 138 matches
Mail list logo