Dear you-know-who,
On Wed, Jan 14, 2009 at 5:14 PM, andrew. wallace
andrew.wall...@rocketmail.com wrote:
If cyber war is just web site defacement then I don't think we ever
need to take cyber war too seriously.
Starting -- all of a sudden, with wrong and fallacious premises cannot
obviously
Can't you google it?
On 12/18/08, xyberpix xyber...@xyberpix.com wrote:
Hi all,
Does anyone have contact details for anyone at Google's security
department at all?
TIA
xyberpix
___
Full-Disclosure - We believe in it.
Charter:
On Tue, Nov 11, 2008 at 12:57 PM, n3td3v [EMAIL PROTECTED] wrote:
Yup, pointless thread that was going no where.
Really, Mr n3td3v?
--
Marcio Barbado, Jr.
On Fri, Nov 7, 2008 at 6:23 AM, Andrew A [EMAIL PROTECTED] wrote:
I was recently having an ethics debate where someone said that Christianity
was just what the greeks taught, but dumbed down. I heartily disagreed,
and I wanted to put my reasons to text while I still remembered them.
No
Again,
you're trying to solve an issue looking at the consequences, whereas
your license scheme suggestion should lay on the causes;
as I wrote before, focusing consequences in this case, brings along no
easy solutions.
And by the way, why insistently and specifically targeting Metasploit?
That
Dear n3td3v, the dreamer,
concerning your suggestion -- which is a noble one -- in a wider context,
you'd better start with two things:
* writing a whole new set of protocols to be used over a whole new
independent backbone infrastructure; and
* convincing the world to forget about TCP.
Any OSI-based set, but without enforcing security-through-obscurity concepts.
Maybe adapting some Bell-LaPadula ideas.
There are lots of models to discuss about. The real question however is:
can we start fresh?
On Mon, Oct 13, 2008 at 1:57 PM, Buhrmaster, Gary [EMAIL PROTECTED] wrote:
*
Well you should if:
* you are concerned with the awfully insecure programming
methodologies imposed by the industry and its productiveness thirst,
sadly being held as acceptable; and/or
* you are a Google Calendar, Orkut and/or Locamail user.
If by one side, the industry induces Internet
What Lexical Analysis Became in The Web-Slave New World
The point here is XSS, but rather than talking about the Internet
weaknesses it exposes, this text goes against the poor algorithms
being used to detect and/or avoid it.
Hazardous XSS. Hazardous low-quality-XSS-filtering. These are critical
Moreover, using a CA would not constitute any good solution.
Check out Schneier's blog entry on this:
http://www.schneier.com/blog/archives/2008/09/how_to_clone_an.html
[]s
On 10/1/08, Ed Carp [EMAIL PROTECTED] wrote:
On Tue, Sep 30, 2008 at 11:50 PM, Tonnerre Lombard
[EMAIL PROTECTED]
Greetings,
Locaweb is the name of the most prominent web hosting organization in
Brazil. It was founded in 1998 and hosts more than 260 thousand
domains today, according to its main website:
http://www.locaweb.com.br/
Unfortunately, not big enough to respect its customers.
Locaweb seems to be
Hello simon,
On 9/27/08, Simon Smith [EMAIL PROTECTED] wrote:
What should the security company do?
There is not a drive-thru, general answer for such.
It depends on the guidelines and philosophies each company
established for itself to follow, previously. And more important, it
depends on each
Cool, let's horse around with some social engineering techniques
applied to Dietmar's help desk staff.
LOL
On Wed, Sep 17, 2008 at 11:38 AM, Razi Shaban [EMAIL PROTECTED] wrote:
On Wed, Sep 17, 2008 at 6:01 AM, Dietmar Haßelkus
[EMAIL PROTECTED] wrote:
I will be out of the office starting
Well, things keep happening to Safari as a matter of fact.
On 9/3/08, James Matthews [EMAIL PROTECTED] wrote:
The same thing happened to safari when it came out on windows.
On Tue, Sep 2, 2008 at 5:13 PM, Larry Seltzer [EMAIL PROTECTED]
wrote:
Holy crap, a crash bug in a beta browser!
On 8/26/08, Line Noise [EMAIL PROTECTED] wrote:
The B there stands for British, so there it is.
Some ISO's servers (from which downloads are done) are located in
Switzerland, Geneva specifically.
--
Marcio Barbado, Jr.
Dear n3td3v, the person =)
I really appreciate your left wing point of view but you need to
understand one thing:
FD's a free list and all but it's not a blog.
Nothing personal,
On 5/17/08, n3td3v [EMAIL PROTECTED] wrote:
On Sat, May 17, 2008 at 7:38 PM, n3td3v [EMAIL PROTECTED] wrote:
LOL just get back to work, will ya.
boy, who needs damn commercial comedy? I was supposed to be studying
your stuff but I can't help laughing like a maniac LOL
On 5/2/08, reepex [EMAIL PROTECTED] wrote:
no one cares what a CISSP has to say
On Fri, May 2, 2008 at 9:44 PM, John C. A. Bambenek,
Throwaway1,
now that your first argumentative pillar succumbed, you dastardly hide
yourself behind false interpretations on Resolutions 1441 and 687. Not
to mention your silly move, approaching Resolution 678 to the former
ones.
Convenient and biased interpretations! That's what your law
Throwaway1,
there is absolutely no sense in evoking 1990's UN-authorized action
to justify 2003's UN's-Security-Council-unauthorized-and-illegal invasion.
Your childish reasoning is no more than a poor attempt of sophistic
argumentation.
Yours sincerely,
On 3/26/08, [EMAIL PROTECTED] [EMAIL
Dear list,
I was studying this passphrase creation method called Diceware:
http://world.std.com/~reinhold/diceware.html
In it, one rolls a common dice five times, writes down the results, in
a sequential manner, and then checks the suggested word in the
DICTIONARY they provide.
You got that? The
jf,
if your analogy was somehow decent, it would consider the police
giving citizens some shotguns since the Diceware dictionary is freely
available for download.
On Wed, Mar 12, 2008 at 11:49 PM, jf [EMAIL PROTECTED] wrote:
police officers (in the states) wear bullet proof vests because
No,
that fuel on the fire was so inopportune.
A default browser setting matter, Nate.
Other programs also open it up, when set to default.
On 1/17/08, Nate McFeters [EMAIL PROTECTED] wrote:
Not to throw fuel on the fire, but wouldn't that XSS actually be in IE,
since IE is what opens the
Guess Fredrick's sarcastic and cynical suggestion is:
xss-like menaces seem as unstoppable as this web-slavery the industry imposes.
Well, if so, I agree.
On 1/17/08, BlackHawk [EMAIL PROTECTED] wrote:
==
4) Fix
==
Notepad should be rewritten to filter potentially dangerous
Wouldn't it be more beneficial (and maybe ethical as well) if one could just
start putting PoCs or whatever inside the message's body?
On 12/7/07, Aaron Katz [EMAIL PROTECTED] wrote:
Could you please explain the vulnerability? When I test, and I submit
a correct response to the CAPTCHA, I'm
what's up with this goddam Vitale-moron?!
... I don't have time for that shit!... (Trinity'd say)
muthafuckin-captain-obvious cryin baby!
On 10/20/07, phioust [EMAIL PROTECTED] wrote:
which replies of mine have been uneducated or nasty? after i see a list of
these and proof of their nastiness i
On 10/10/07, pdp (architect) [EMAIL PROTECTED] wrote:
http://www.gnucitizen.org/blog/0day-hacking-secured-citrix-from-outside
All an attacker needs to do to exploit the weakness is to lure
a victim
no way!!! really?!
--
Marcio Barbado, Jr.
by the way,
you perform pentesting with non-transparent-code...
...
legally talking,
how the hell those professionals assure 100% trustable results?
get outta here...
On 10/5/07, Kristian Erik Hermansen [EMAIL PROTECTED] wrote:
Has anyone upgraded to Core Impact 7.5 and utilized the web
On 6/16/07, William Lefkovics [EMAIL PROTECTED] wrote:
I wish I knew more about it when I was younger living in
Vancouver. Walking
downtown, shady looking characters would walk past and whisper under their
breath... hash?
well,
guess that sort of hash also produces confusing outputs ain't
damn man,
you complicate it so much.
right now,
Deepan is more confused than before.
like,
Hey Deepan, in order to kill that mosquito we have this missile and...
Math is simple,
and so must be the explanations surrounding it.
the thing is,
many different strings can result in the same, say md5
cool,
HD Moore started a thread,
yeah, let's reply the more we can!!!
On 6/6/07, Kradorex Xeron [EMAIL PROTECTED] wrote:
On Wednesday 06 June 2007 09:47, H D Moore wrote:
Hello,
Some friends and I were putting together a contact list for the folks
attending the Defcon conference this year
DRM != security
and you are absolutely correct
because
cryptography == fun
0.01cts... your change, monsieur.
On 5/17/07, Guasconi Vincent [EMAIL PROTECTED] wrote:
On 5/17/07, M. B. Jr. [EMAIL PROTECTED] wrote:
well,
since no one mentioned yet...
here is the hex sequence 09 F9 11 02
well,
since no one mentioned yet...
here is the hex sequence 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88
C0, already famous key for breaking HD-DVDs' Advanced Access Content
System and Blu-Ray as well, thanx to Doom9 team.
no more workarounds...
what's DMCA again...?
--
Marcio Barbado, Jr.
haha modern days underground survivors!
viva mr. Corley-Goldstein!
On 3/1/07, James Matthews [EMAIL PROTECTED] wrote:
Great, I cannot wait!
On 2/28/07, Steven McGrath [EMAIL PROTECTED] wrote:
The March Chicago 2600 Meeting is near! The meeting will be Friday,
March 2nd at the Neighborhood
On 2/19/07, Juergen Fiedler [EMAIL PROTECTED] wrote:
you can't readily get to the source
code for the form action because it is done in some sort of server
side scripting (CGI, PHP, ASP, whatever...) that can't readily be
viewed from the client side.
Can't readily be viewed BUT that part is
social-engineering-beggars...
On 2/16/07, Andres Riancho [EMAIL PROTECTED] wrote:
Hi,
For a research I'm doing I need a somehow big (around 100 would be
nice...) amount of phishing sites html code. I have googled for them but I
only get a lot of screenshots of those sites, not the actual
Summarizing, V Vendetta wrote:
do you have the time to listen to me whine about nothing and everything all
at once?
Billy Joe?! Is that you?
On 1/24/07, endrazine [EMAIL PROTECTED] wrote:
Could you please please move to alt.politics.personal.statements.on.drugs ?
On 1/3/07, Jim Manico [EMAIL PROTECTED] wrote:
I'm most worried about the CSRF vector.
how come?
this is client-side stuff.
--
Marcio Barbado, Jr.
Hello gentlemen, I'm new to the list.
Hope I can contribute and learn.
Just want to share this thing I'm studying right now.
It promises to be an interesting initiative from veteran researcher HD Moore, founder of Metasploit.
http://projects.info-pull.com/mokb/
Sort of didactic also.
// best