Re: [Full-disclosure] [MDVSA-2013:11X ] ENTIRE OS

On 4/15/2013 6:24 AM, Alexander Georgiev wrote: > > +1 ! > > > > > > On Thu, 11 Apr 2013 00:00:18 -0700, Stefan Jon Silverman > wrote: > >> -BEGIN POPEYE (SPINACH) SIGNED MESSAGE- >> Hash: SHAK's-SHORTS >> >> ___ >> >

Re: [Full-disclosure] list patch

On 3/4/2013 9:28 PM, andrew.wallace wrote: > After all this time you don't grasp the serious nature of calling me > or my organisation a troll and the trouble you will get yourself in > legally. After all this time you still persist. Oh and the recent > mails have been forwarded to my lawyer. > > A

Re: [Full-disclosure] list patch

On 3/3/2013 2:20 AM, Georgi Guninski wrote: > On Sat, Mar 02, 2013 at 12:29:10PM -0500, valdis.kletni...@vt.edu wrote: >> On Sat, 02 Mar 2013 18:17:46 +0200, Georgi Guninski said: >> >>> indeed the list headers changed. >>> "lightly moderated" sounds like "likely pregnant" to me. >>> i suggest we m

Re: [Full-disclosure] how do I know the fbi is followin

Title: Message On 3/2/2013 10:15 PM, Stefan Jon Silverman wrote: <<<=== gets out popcorn maker, this is going to be a fun movie.     Regards,

Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

On 7/11/2012 10:56 AM, Григорий Братислава wrote: > Obligatory question is to must remain politically correct: "When I is > respond to you, am I to address is Wesley or Laurelai?" Not only is > you confused, you is has everyone confused. MusntLive is reserve the > r

Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

On 7/11/2012 8:12 AM, Григорий Братислава wrote: > On Tue, Jul 10, 2012 at 6:40 PM, wrote: > >> Are you familiar with Georgi's work? Please look at his website before >> proffering opinions. >> > Is must be an old man thing. No one is use VAX/VMS is only people like > parmaster (oh hai Jason Snit

Re: [Full-disclosure] How much time is appropriate for fixing a bug?

On 7/6/12 1:48 PM, Thor (Hammer of God) wrote: > I already covered that -- if they don't fix it, the publish it. > Also, if a vendor has a "venerability" to the community, then they > would obviously fix it. > > There's no "responsibility" to disclose anything. FD doesn't exist > to satisfy som

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

g his mind. (I've actually never had a problem with > Andrew, though I guess many here have.) > > So yes, my apologies, as I obviously don't know you from Adam. Now > everything makes more sense. > T > > Sent from my iPad > > On Jun 10, 2012, at 4:21 PM, "Lau

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

Thor’s Microsoft Security Bible     From: Laurelai [mailto:laure...@oneechan.org] Sent: Sunday, June 10, 2012 2:26 PM To: Thor (Hammer of God

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 5:54 PM, Benji wrote: Which antisec kids? Unfortunately due to some poeple being utterly delued, such as yourself, throwing that word around it's rather ambiguous now. On Sun, Jun 10, 2012 at 10:49 PM, Laurelai <laure...@onee

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Laurelai Sent: Sunday, June 10, 2012 2:00 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Obama Order Sped

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 5:22 PM, Ian Hayes wrote: > > Then why did you work for them? (or so you claim) > >> On Jun 10, 2012 2:01 PM, "Laurelai" > <mailto:laure...@oneechan.org>> wrote: >> >> On 6/10/12 12:52 PM, Thor (Hammer of God) wrote: >>

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Laurelai Sent: Sunday, June 10, 2012 2:00 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Obama Order Sped

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 11:29 AM, valdis.kletni...@vt.edu wrote: > On Sun, 10 Jun 2012 08:58:31 +0300, Georgi Guninski said: >> What about legal windows backdoors (NSA key)? > It was never confirmed whether the infamous NSAKEY was an actual backdoor, or > just a hilariously poorly named variable. In any case,

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 12:52 PM, Thor (Hammer of God) wrote: > And not capitalizing "Army" when you claim to have spent 10 years of > your life in service does precisely the same thing. > > On Jun 10, 2012, at 3:31 AM, "Laurelai" <mailto:laure...@oneechan.org>>

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 8:22 AM, doc mombasa wrote: > maybe its because i dont take you seriously > and who cares what gender you are > go suck a lemon > > 2012/6/10 Laurelai mailto:laure...@oneechan.org>> > > On 6/10/12 6:23 AM, doc mombasa wrote: >> sure you

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/9/12 5:10 PM, Mark Shuler wrote: > > Nudging everyone back to the alleged Obama tactics.I'm sure > everyone has an idea for the big push for "cyber warriors" in the > united states. > > By the arguments I'm hearing and milling through some of the other > infosec posts. Who do you believe

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/10/12 6:23 AM, doc mombasa wrote: > sure you did > and i ride a popcicle motorcycle from my palace to the beach every day :) > > 2012/6/10 Laurelai mailto:laure...@oneechan.org>> > > On 6/10/12 6:14 AM, doc mombasa wrote: >> do you by any chance listen

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

Wed, Jun 06, 2012 at 11:22:32PM -0400, Laurelai wrote: >> On 6/6/12 2:23 PM, Peter Dawson wrote: >>> haha..da retrun of da "farewell dossier" !! >>> >>> On Wed, Jun 6, 2012 at 2:21 PM, coderman >> <mailto:coder...@gmail.com>> wrote

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 3:54 PM, Ian Hayes wrote: > On Fri, Jun 8, 2012 at 3:49 PM, Laurelai wrote: >> On 6/8/12 3:46 PM, Ian Hayes wrote: >>> On Fri, Jun 8, 2012 at 3:38 PM, Laurelai wrote: >>>> Thank you, lets now discuss how infosec experts are going to deal with >

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 3:46 PM, Ian Hayes wrote: > On Fri, Jun 8, 2012 at 3:38 PM, Laurelai wrote: >> Thank you, lets now discuss how infosec experts are going to deal with >> the threat of state sponsored cyberwarfare, and "bend over and take it" >> is not really a good answ

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

ng BlackBerry® from Orange > > -Original Message- > From: Bzzz > Sender: full-disclosure-boun...@lists.grok.org.uk > Date: Fri, 8 Jun 2012 20:03:51 > To: > Subject: Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks > Against Iran > > On Fri, 08 Jun 2012 1

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 3:12 PM, Ian Hayes wrote: > On Fri, Jun 8, 2012 at 2:41 PM, Christian Sciberras wrote: >> Perhaps the US Government would gain better results by mass protests and >> chanting peace songs. >> >> Or perhaps it just doesn't work this way. >> >> They shouldn't be blamed, everyone knows fight

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 3:09 PM, Григорий Братислава wrote: > On Fri, Jun 8, 2012 at 3:02 PM, Laurelai wrote: > >> You mean where i publicly called out the people selling zero days to the >> US gov? > No I is meant where you allow is your narcissism is permeate in conversation. > http:/

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 2:56 PM, Григорий Братислава wrote: > On Fri, Jun 8, 2012 at 2:52 PM, Laurelai wrote: >> *adds names to a list of people likely selling zero days* > Is not surprise me. Is you need know, national security trumps FBI CIS > http://www.fbi.gov/news/testimony/improving-o

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

ery effective, just as everyone > knows the people calling the government names are the same ones with > small botnets lying about. > Can't blame them, now that someone else is using their own tools > against them. > > > > > > On Fri, Jun 8, 2012 at 8:20 PM, Laure

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 2:08 PM, Григорий Братислава wrote: > On Fri, Jun 8, 2012 at 1:58 PM, Laurelai wrote: > >> And that brings us back to what are we going to do about the US Gov laying >> down in the same mud as the bad guys > I is detect narcissism Wesley. "what are we"

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 1:51 PM, Григорий Братислава wrote: > On Fri, Jun 8, 2012 at 1:47 PM, Laurelai wrote: > >> Congress shall make no law respecting an establishment of religion, or >> prohibiting the free exercise thereof; or abridging the freedom of speech, >> or of the press; or

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 1:48 PM, Ian Hayes wrote: > On Fri, Jun 8, 2012 at 1:36 PM, Laurelai <mailto:laure...@oneechan.org>> wrote: > > > All that is necessary /for evil to triumph/ is for good people to > do nothing. > > > The corollary to that argument is that *good

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 1:41 PM, Григорий Братислава wrote: > On Fri, Jun 8, 2012 at 1:36 PM, Laurelai <mailto:laure...@oneechan.org>> wrote: > > Excuse me but im a veteran who served 10 years in the Army and I > damn well earned my right to complain about how broken the system >

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On Behalf Of Laurelai Sent: Friday, June 08, 2012 9:04 AM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran   On 6/8

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/8/12 11:38 AM, valdis.kletni...@vt.edu wrote: > On Thu, 07 Jun 2012 13:48:33 -0400, Ian Hayes said: >> On Thu, Jun 7, 2012 at 1:40 PM, andrew.wallace >> wrote: >>> On Tue, Jun 5, 2012 at 8:43 PM, wrote: One could equally well read that as "We're fed up and about to pound North Ko

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/7/12 1:48 PM, Ian Hayes wrote: > On Thu, Jun 7, 2012 at 1:40 PM, andrew.wallace > wrote: >> On Tue, Jun 5, 2012 at 8:43 PM, wrote: >>> One could equally well read that as "We're fed up and about to >>> pound North Korea even further back into the Stone Age". >> With Stuxnet, it was lucky no

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/7/12 4:44 AM, doc mombasa wrote: > why arent you out on the streets blowing up stuff and taking names? > be a rolemodel > > 2012/6/7 Laurelai mailto:laure...@oneechan.org>> > > On 6/7/12 12:05 AM, Ian Hayes wrote: > > On Wed, Jun 6, 2012 at 11:49 P

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/7/12 12:05 AM, Ian Hayes wrote: > On Wed, Jun 6, 2012 at 11:49 PM, Laurelai wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> On 6/6/12 11:44 PM, valdis.kletni...@vt.edu wrote: >>> On Wed, 06 Jun 2012 23:22:32 -0400, Laurelai said: >>

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/6/12 11:44 PM, valdis.kletni...@vt.edu wrote: > On Wed, 06 Jun 2012 23:22:32 -0400, Laurelai said: > >> Guys can we focus on the fact that the US Government is en mass >> accessing computer systems without due process, and t

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 2:23 PM, Peter Dawson wrote: > haha..da retrun of da "farewell dossier" !! > > On Wed, Jun 6, 2012 at 2:21 PM, coderman > wrote: > > On Wed, Jun 6, 2012 at 11:16 AM, coderman > wrote: > > ... uncle sam has been up in yer

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 2:16 PM, coderman wrote: > On Wed, Jun 6, 2012 at 7:41 AM, Laurelai wrote: >> ... >> Is anyone else the least bit concerned that stuxnet was carried out by the >> US Government? > remember the siberian pipeline? uncle sam has been up in yer SCADA for > tw

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 9:20 PM, valdis.kletni...@vt.edu wrote: > On Wed, 06 Jun 2012 18:19:21 -0400, Andrew D Kirch said: >> I think you just identified it. buy rifles (I have, there's a Colt M4 >> Law Enforcement Carbine sitting next to me), but mortars (a bit >> difficult but not impossible to get) buy tanks

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 6:19 PM, Andrew D Kirch wrote: > On 6/6/2012 6:08 PM, valdis.kletni...@vt.edu wrote: >> You're a little bit confused here. It doesn't matter what "people" think. It >> matters what "the people with more rifles, mortars, tanks, and ammo than you" >> think. >> >> Unless you come up with a

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/6/12 6:08 PM, valdis.kletni...@vt.edu wrote: > On Wed, 06 Jun 2012 10:41:24 -0400, Laurelai said: > >> People seem to think that since the US Gov did it that makes it ok, well >> I do not think it does. Especially when they thr

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 12:18 PM, Charles Morris wrote: > On Wed, Jun 6, 2012 at 12:13 PM, Laurelai wrote: >> On 6/6/12 11:50 AM, Charles Morris wrote: >>>> I know for a fact HBGary was working with the NSA in regards to stuxnet. >>> I've never been all that good at spellin

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/6/12 11:50 AM, Charles Morris wrote: >> I know for a fact HBGary was working with the NSA in regards to stuxnet. > I've never been all that good at spelling... but am I wrong that > HBGary is an anagram for "posturing charlatan" ? > Alternatively: if this is true then we are even worse off tha

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

On 6/5/12 2:52 AM, Alexander Georgiev wrote: > http://en.wikipedia.org/wiki/Argument_from_ignorance > > Am 04.06.2012 21:01, schrieb Joel Esler: >> So, a quote, from a book? Isn't that kinda circular? >> >> Also, there are no quotes from anyone in the room and no one is >> referenced except by ass

Re: [Full-disclosure] cDc Created Hong Kong Blondes and 'Hacktivism' as a Media Hack

On 5/4/12 3:44 AM, PsychoBilly wrote: > [[ Laurelai ]] @ [[ 04/05/2012 10:30 > ]]-- > >> tl;dr > ❤ Should have ❤ > > ___ > Full-Disclosure - We believe in it. > Cha

Re: [Full-disclosure] cDc Created Hong Kong Blondes and 'Hacktivism' as a Media Hack

On 5/3/12 2:24 PM, Wei Honker wrote: > cDc Created Hong Kong Blondes and 'Hacktivism' as a Media Hack > > http://weihonker.tumblr.com/ > > Anonymous is a Lie > > Anonymous is a lie. Anonymous is built on a false foundation that > casts a pale shadow over anything and everything they attempt to > ac

Re: [Full-disclosure] Vulnerability in Gentoo hardened

On 4/25/12 5:08 AM, Benji wrote: > You should be paranoid if someone could construe what you're doing as illegal. > > On Wed, Apr 25, 2012 at 11:07 AM, Laurelai wrote: >> On 4/25/12 4:59 AM, Benji wrote: >>> And choosing to believe any of the other reasons when

Re: [Full-disclosure] Vulnerability in Gentoo hardened

On 4/25/12 4:59 AM, Benji wrote: > And choosing to believe any of the other reasons when you think you're > an '1337 hacker' and are involved in that world, is a personality > problem, end of. > > On Wed, Apr 25, 2012 at 10:58 AM, Laurelai wrote: >> On 4/25/1

Re: [Full-disclosure] Vulnerability in Gentoo hardened

Apr 25, 2012 at 10:52 AM, Laurelai wrote: >> On 4/25/12 4:48 AM, Benji wrote: >>> except it was rather obvious why. >>> >>> On Wed, Apr 25, 2012 at 10:27 AM, Laurelaiwrote: >>>> On 4/25/12 3:56 AM, Georgi Guninski wrote: >>>>> On Tu

Re: [Full-disclosure] Vulnerability in Gentoo hardened

On 4/25/12 4:48 AM, Benji wrote: > except it was rather obvious why. > > On Wed, Apr 25, 2012 at 10:27 AM, Laurelai wrote: >> On 4/25/12 3:56 AM, Georgi Guninski wrote: >>> On Tue, Apr 24, 2012 at 12:15:26PM -0400, valdis.kletni...@vt.edu wrote: >>>> On Tu

Re: [Full-disclosure] Vulnerability in Gentoo hardened

On 4/25/12 3:56 AM, Georgi Guninski wrote: > On Tue, Apr 24, 2012 at 12:15:26PM -0400, valdis.kletni...@vt.edu wrote: >> On Tue, 24 Apr 2012 17:36:55 +0200, Milan Berger said: >>> if you read his "advisories" and "0-days" you know: It's not a joke... >> I always thought it was misunderstood perform

Re: [Full-disclosure] Vulnerability in Gentoo hardened

On 4/25/12 3:56 AM, Georgi Guninski wrote: > On Tue, Apr 24, 2012 at 12:15:26PM -0400, valdis.kletni...@vt.edu wrote: >> On Tue, 24 Apr 2012 17:36:55 +0200, Milan Berger said: >>> if you read his "advisories" and "0-days" you know: It's not a joke... >> I always thought it was misunderstood perform

Re: [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS

On 4/23/12 12:20 AM, BMF wrote: > On Sun, Apr 22, 2012 at 9:32 PM, Laurelai wrote: >> On 4/22/12 10:56 PM, BMF wrote: >>> Ezekiel 23:20 >>> >> Its Ezekiel 25:17.. > It sounded cool when he said it in the movie but I've never found any > Bible t

Re: [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS

On 4/22/12 10:56 PM, BMF wrote: > Ezekiel 23:20 > > On Sun, Apr 22, 2012 at 12:59 PM, Thor (Hammer of God) > wrote: >> You dropped a FD on the BIBLE?? Dude, you're going straight to Hacker Hell! >> :) >> >> >> >> Timothy "Thor" Mullen >> www.hammerofgod.com >> Thor's Microsoft Security Bible

Re: [Full-disclosure] The Mystery of the Duqu Framework

On 3/10/12 2:16 PM, William Pitcock wrote: > On 3/10/2012 9:00 AM, 夜神　岩男 wrote: >> On 03/10/2012 03:51 AM, f...@deserted.net wrote: >> >>> http://www.securelist.com/en/blog/667/The_Mystery_of_the_Duqu_Framework >>> >>> Haven't seen this (or much discussion around this) here yet, so I >>> figured I'

Re: [Full-disclosure] The Mystery of the Duqu Framework

On 3/10/2012 9:00 AM, 夜神　岩男 wrote: > On 03/10/2012 03:51 AM, f...@deserted.net wrote: >> http://www.securelist.com/en/blog/667/The_Mystery_of_the_Duqu_Framework >> >> Haven't seen this (or much discussion around this) here yet, so I >> figured I'd share. > From the description, it looks like someo

Re: [Full-disclosure] The Mystery of the Duqu Framework

On 3/10/2012 4:36 AM, Sanguinarious Rose wrote: > Trying to cover up you being "told", that's Cute <3 > > On Sat, Mar 10, 2012 at 3:34 AM, Laurelai wrote: >> On 3/10/2012 4:31 AM, Sanguinarious Rose wrote: >> >> Not really, it looks like speculation

Re: [Full-disclosure] The Mystery of the Duqu Framework

to it, it is just that, 140 chars speculation. > > Told [x] > Not Told [ ] > > umad? > > On Sat, Mar 10, 2012 at 3:23 AM, Laurelai wrote: >> On 3/10/2012 4:13 AM, Sanguinarious Rose wrote: >>> Yea, I have been thinking on ideas for that as well, I see no one has

Re: [Full-disclosure] The Mystery of the Duqu Framework

On 3/10/2012 4:13 AM, Sanguinarious Rose wrote: > Yea, I have been thinking on ideas for that as well, I see no one has > thought outside the box yet. > > I would look into OO'ed C (www.planetpdf.com/codecuts/pdfs/ooc.pdf) as > being a possibility. Long before in the time when the mighty C++ was >

Re: [Full-disclosure] Stakeout: how the FBI tracked and busted a Chicago Anon

On 3/8/2012 12:23 PM, Elly_Tran_Ha wrote: > A few lessons I learned: > > 1. Don't use a Mac > 2. Don't use wireless > 3. Trust no one. > > On Wed, Mar 7, 2012 at 6:09 PM, Ivan .Heca > wrote: > > /"Yesterday, we learned that one of the top members of LulzSec > (Sab

Re: [Full-disclosure] Full disclosure is arrest of Sabu

On 3/6/2012 2:24 PM, Ferenc Kovacs wrote: > > 2011/7/25 Laurelai Storm <mailto:laure...@oneechan.org>> > > Oh and im not a part of lulzsec, FYI sabu tweeted 2 minutes ago > wtf are you on about sir? > > > maybe we could resurrect this thread. :) Sure

Re: [Full-disclosure] Anon war?- arrests

On 2/29/2012 8:45 AM, Christian Sciberras wrote: > "And we'd like to add that we are not crooks." - Anonymous. > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Sec

Re: [Full-disclosure] Eleventh Circuit Finds Fifth Amendment Right Against Self Incrimination Protects Against Being Forced to Decrypt Hard Drive Contents

On 2/27/2012 12:11 PM, valdis.kletni...@vt.edu wrote: > On Mon, 27 Feb 2012 01:38:56 MST, Sanguinarious Rose said: >> This isn't anything new > Yeah, the decision was released all the way back on Feb 23, four whole days > ago, that's practically last century in Internet time... > > So tell

[Full-disclosure] Eleventh Circuit Finds Fifth Amendment Right Against Self Incrimination Protects Against Being Forced to Decrypt Hard Drive Contents

http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] PHP Gift Registry 1.5.5 SQL Injection

On 2/24/2012 3:21 PM, ctrun...@christophertruncer.com wrote: > You only gave them two days to respond? > > > Chris > > > > On 24.02.2012 08:08, Thomas Richards wrote: >> # Exploit Title: PHP Gift Registry 1.5.5 SQL Injection >> # Date: 02/22/12 >> # Author: G13 >> # Software Link: https://sourcefor

Re: [Full-disclosure] Arbitrary DDoS PoC

On 2/14/2012 2:58 PM, Sanguinarious Rose wrote: > I do not understand why you are wasting time on an obvious troll to > downright, and I don't normally call people names but he well deserves > it, a retard. I think I ironically illustrated the fundamental flaw in > that you can't possibly generate

Re: [Full-disclosure] when did piracy/theft become expression of freedom

On 1/28/2012 6:55 PM, Christian Sciberras wrote: >> Actually, *most* bands that make money do so off the concert tours - tickets >> and >> tshirts is where the actual money is at, not the album sales. > So why bother with album sales in the first place? > > This is the same with free/commercial so

Re: [Full-disclosure] when did piracy/theft become expression of freedom

ht, remember? your > neighbour doesn't have a right to keep the internets to himself!!!). > > /rant > > > > > On Sat, Jan 28, 2012 at 10:33 PM, Laurelai <mailto:laure...@oneechan.org>> wrote: > > On 1/28/2012 3:13 PM, Julius Kivimäki wrote: &

Re: [Full-disclosure] when did piracy/theft become expression of freedom

On 1/28/2012 3:13 PM, Julius Kivimäki wrote: > Of course I wouldn't, downloading a car would be like stealing a car. > Piracy is horrible and all the boats used by the pirate scum should be > taken away. > > 2012/1/28 Laurelai mailto:laure...@oneechan.org>> > &

Re: [Full-disclosure] when did piracy/theft become expression of freedom

On this topic i saw this https://thepiratebay.org/torrent/6960965/1970_Chevelle_Hot-Rod_3d_model , real question is would you download a car if you could? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter

Re: [Full-disclosure] when did piracy/theft become expression of freedom

ng tools on a computer > in our possession will not get us arrested -- yet. > > > > The more you know... > > > > > > *From:*full-disclosure-boun...@lists.grok.org.uk > [mailto:full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *Laurelai > *Sent:* Friday,

Re: [Full-disclosure] Fw: when did piracy/theft become expression of freedom

On 1/27/12 4:12 AM, Jerry dePriest wrote: software "piracy" has been around for ever. I remember copying punch cards. It took forever and if you made one mistake hours of work was down the tubes. I had an apple II that we used "Disk Pirate" 1-11 to copy games, peach tree accounting software, et

Re: [Full-disclosure] when did piracy/theft become expression of freedom

On 1/27/2012 3:29 AM, Vipul Agarwal wrote: > Let's keep FD and Reddit apart! > > Regards, > Vipul > > Sent from my HTC > > - Reply message - > From: "Kai" > To: > Subject: [Full-disclosure] when did piracy/theft become expression of > freedom > Date: Fri, Jan 27, 2012 09:15 > > > Hello, >

Re: [Full-disclosure] when did piracy/theft become expression of freedom

ucer... I can't stand this sense of entitlement... > but oh well... I've just gotta tranform with the times i guess! > > On Fri, Jan 27, 2012 at 5:51 PM, Laurelai <mailto:laure...@oneechan.org>> wrote: > > On 1/27/2012 2:24 AM, Jerry dePriest wrote: >>

Re: [Full-disclosure] when did piracy/theft become expression of freedom

On 1/27/2012 2:24 AM, Jerry dePriest wrote: > im going to the 'benz dealer in the morning to express my 1st > amendment right... > > The Somalians are learning the hard way that it just isnt so... > > bma > > > ___ > Full-Disclosure - We believe in it

Re: [Full-disclosure] UFC.com

On 1/23/12 9:43 AM, Julius Kivimäki wrote: Oh god, my linux server buried underground with five feet of concrete just got rooted. This box has no internet connection, coincidence? I think not. (Also I'm a derpcat and can't into mailinglists with gmail) 2012/1/23 Laurelai ma

Re: [Full-disclosure] UFC.com

On 1/23/12 9:34 AM, Julius Kivimäki wrote: He is a god-tier hecker, like better than Chippy1337. ICMP remote root 0day imo. 2012/1/23 Laurelai mailto:laure...@oneechan.org>> On 1/23/12 7:14 AM, Ian Hayes wrote: > On Mon, Jan 23, 2012 at 4:37 AM, Julius

Re: [Full-disclosure] UFC.com

On 1/23/12 7:14 AM, Ian Hayes wrote: > On Mon, Jan 23, 2012 at 4:37 AM, Julius Kivimäki > wrote: >> Wat >> >> >> 2012/1/23 RandallM >>> Piracy retaliation taken on UFC.com >>> >>> Pinging ufc.com [50.116.87.24] with 32 bytes of data: >>> >>> Reply from 50.116.87.24: bytes=32 time=48ms TTL=52 >>>

Re: [Full-disclosure] Rate Stratfor's Incident Response

On 1/13/12 1:24 PM, Paul Schmehl wrote: > --On January 13, 2012 12:03:22 PM -0500 Benjamin Kreuter > wrote: > >> On Fri, 13 Jan 2012 10:37:31 -0600 >> Paul Schmehl wrote: >> >>> --On January 12, 2012 3:16:19 PM -0500 Benjamin Kreuter >>> wrote: >>> The law is not going to stop the really

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

ry about. Ethics and ethos are all very nice when you have nothing to lose, all to gain and no one depending on you... On Thursday, January 12, 2012 at 4:43 AM, Laurelai wrote: On 1/12/12 3:34 AM, doc mombasa wrote: i dont know if you ever worked for a big corporate entity? l

Re: [Full-disclosure] Rate Stratfor's Incident Response

On 1/12/12 11:21 AM, Ian Hayes wrote: > On Wed, Jan 11, 2012 at 9:57 AM, Benjamin Kreuter > wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA512 >> >> On Tue, 10 Jan 2012 21:39:07 -0800 >> Ian Hayes wrote: >> >>> On Tue, Jan 10, 2012 at

Re: [Full-disclosure] Rate Stratfor's Incident Response

On 1/12/12 11:12 AM, valdis.kletni...@vt.edu wrote: On Wed, 11 Jan 2012 12:57:48 EST, Benjamin Kreuter said: The problem is that we have criminalized too much here. If some 14 year old comes to you and hands you supposedly secret documents, he is behaving very ethically -- he is telling you th

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/12/12 3:54 AM, doc mombasa wrote: and you are obviously blindly stuck on a point and has no idea how it actually works out there in "the real world" in small companies you have freedom and ability to execute in big companies not so much.. Den 12. jan. 2012 10.52 skre

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/12/12 3:49 AM, Ferenc Kovacs wrote: Well that's what you get when you let profit margins dictate security policy. You guys act pretty tough when you argue with each other online but you can't stand up to some corporate idiots? Sounds like this industry could benefit from

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

good idea (if you want to keep your job so you can pay your bills that is..) Den 12. jan. 2012 10.41 skrev Laurelai <mailto:laure...@oneechan.org>>: On 1/12/12 3:34 AM, doc mombasa wrote: i dont know if you ever worked for a big corporate entity? like kovacs wrote its

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

no profits in allocating resources to fix it and that webapp was the #1 money generator for that company Den 12. jan. 2012 10.29 skrev Laurelai <mailto:laure...@oneechan.org>>: On 1/12/12 3:27 AM, doc mombasa wrote: just one question why should they hire the "skiddi

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

it because they are angry at society" plop ive been there.. they do it for the lulz Den 11. jan. 2012 06.18 skrev Laurelai <mailto:laure...@oneechan.org>>: On 1/10/12 10:18 PM, Byron Sonne wrote: >> Don't piss off a talented adolescent with computer skills.

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/11/12 8:39 AM, Ferenc Kovacs wrote: Because the ones with the so called ethics either lack the technical chops or lack the enthusiasm to find simple vulnerabilities. Not very ethical to take a huge paycheck and not do your job if you ask me. If the only thing missing to secur

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/10/12 11:39 PM, Ian Hayes wrote: > On Tue, Jan 10, 2012 at 9:18 PM, Laurelai wrote: >> On 1/10/12 10:18 PM, Byron Sonne wrote: >>>> Don't piss off a talented adolescent with computer skills. >>> Amen! I love me some stylin' pwnage :) >>> >&

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/11/12 1:21 AM, valdis.kletni...@vt.edu wrote: > On Tue, 10 Jan 2012 23:18:40 CST, Laurelai said: > >> real opportunities for a career and they are often right. Microsoft >> hired some kid who hacked their network, it is a safe bet he isn't going >> to be causi

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/11/12 1:15 AM, Kyle Creyts wrote: How many of those engaged in these attacks _could_ actually fix the vulns they exploit? What is a good "rough estimate" in your opinion? On Jan 11, 2012 12:47 AM, "Laurelai" <mailto:laure...@oneechan.org>> wrote: On

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/10/12 11:32 PM, James Smith wrote: > Well I do agree with what you are stating. As I have seen incidents > like this happen to many times. > This mailing list is a big part of the IT Security community. > > > > -Original Message- From: Laurelai > Sent: Wedne

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/10/12 10:18 PM, Byron Sonne wrote: >> Don't piss off a talented adolescent with computer skills. > Amen! I love me some stylin' pwnage :) > > Whether they were skiddies or actual hackers, it's still amusing (and > frightening to some) that companies who really should know better, in > fact, do

Re: [Full-disclosure] Fwd: Fw: Who is behind Stratfor hack?

On 1/8/12 2:06 PM, valdis.kletni...@vt.edu wrote: > On Sun, 08 Jan 2012 11:16:59 CST, Laurelai said: > > He sent a copy to you too? My condolences. He comes up with the most > "interesting" conclusions sometimes. > >> If this turns out to be the person who hacked y

[Full-disclosure] Fwd: Fw: Who is behind Stratfor hack?

00:06:23 -0800 (PST) From: andrew.wallace Reply-To: andrew.wallace To: "Laurelai" - Forwarded Message - *From:* andrew.wallace *To:* "feedb...@stratfor.com" *Sent:* Saturday, December 31, 2011 1:50 AM *Subject:* Who is behind Stratfor hack? If this t

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/7/12 6:20 PM, valdis.kletni...@vt.edu wrote: > On Sat, 07 Jan 2012 17:37:44 CST, Laurelai said: >> Because they pay the kids to own them in a safe manner to show that > It's not as simple as all that. A good pen-tester needs more skills than just > how to pwn a se

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/7/12 5:31 PM, Ferenc Kovacs wrote: On Sun, Jan 8, 2012 at 12:03 AM, Laurelai <mailto:laure...@oneechan.org>> wrote: On 1/7/12 3:50 PM, valdis.kletni...@vt.edu <mailto:valdis.kletni...@vt.edu> wrote: On Sat, 07 Jan 2012 16:25:35 EST, Shyaam Sundhar said:

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/7/12 3:50 PM, valdis.kletni...@vt.edu wrote: On Sat, 07 Jan 2012 16:25:35 EST, Shyaam Sundhar said: Although, once they have gained popularity and to a stage where a garage office becomes a shop floor and a @home biz becomes a rent-a-million$-building office, it is time to shift priorities

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/7/12 2:48 PM, Ferenc Kovacs wrote: On Sat, Jan 7, 2012 at 8:10 PM, Jeffrey Walton > wrote: http://bolt.thexfil.es/84e9h!t was an interesting link - it demonstrated the pwnage. It looks like these folks gained

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

On 1/7/12 8:51 AM, Ed Carp wrote: > ROFL!!! > > -- Forwarded message -- > From: > Date: Sat, Jan 7, 2012 at 2:33 AM > Subject: Rate Stratfor's Incident Response > To: e...@pobox.com > > > For the video announcement, please see > http://www.youtube.com/watch?v=oHg5SJYRHA0 > Read full

  1   2   >