-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:openssl
Announcement-ID:SuSE-SA:2003:011
Date:
Immunity, Inc. is pleased to announce the availability of
makeunicode2.py - a Python program that will encode arbitrary x86
shellcode into a valid unicode string. This program is available from
the BlackHat web site at
Looks to me like the story isn't gagged any longer:
http://news.bbc.co.uk/1/hi/england/2798029.stm
-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: webmin
Advisory ID:
Title: Cryptome Hacked!
Well, the mirror on lessgov is gone too.But http://cryptome.sabotage.org/is
still up, anyway. So you can see for yourself that they have PGP as the only
crypto product they offer. If they have altered it, anyone can see by comparing
the source, which they also provide
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: shadow-utils
Advisory
Title: RE: [Full-Disclosure] Cryptome Hacked!
Third, the best method of ensuring the integrity of software right now
is signed crypographic checksums from someone you trust.
What would you use to generate that checksum? Can you trust the software
used to generate the checksum? How can you
Title: Cryptome Hacked!
Let me turn around the issue a bit -
any crypto software distributed with the blessing or very active support in
development of the Powers That Are in No Such Agency
That
is my point exactly. Anybody foolish enough to think that the US govt
would allow unbreakable
On Wed, 26 Feb 2003, Sung J. Choe wrote:
: Third, the best method of ensuring the integrity of software right now
: is signed crypographic checksums from someone you trust.
:What would you use to generate that checksum? Can you trust the software
:used to generate the checksum? How can you
You posed a general question;
This brings up the following question: What is the best method for
ensuring the integrity of software which require a high
level of trust?
I answered in general terms.
But to be particular, I know nothing of this person
or his software.
Is the sourcecode
RE: [Full-Disclosure] Cryptome Hacked! a) What do you mean by leftist?
By scrutinizing some of the occasional statements made by persons posting
at cryptome, one can assume that the politics of the site operators leans
towards the left. Read the message traffic generated by The practical
From the group charter:
Politics should be avoided at all costs.
So discussion about the discussion of politics is ok
but discussion of politics is not?
8-/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Kevin Spett
Sent: Thursday, 27 February
On Tue, Feb 25, 2003 at 08:07:08AM -0600, H D Moore wrote:
On Monday 24 February 2003 08:09 pm, Michael Jennings wrote:
I'm not sure what vendor coordination was done, but I know I was
never contacted. Just FYI.
The vendor coordination was done through the vendor-sec mailing list with
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title: Buffer Overrun Vulnerability in /sbin/ps
Number : 20030202-01-I
Date : February 26, 2003
Reference: CVE-1999-0301
Instead of replying to the arrant nonsense deposited here by someone who
should know not to bother his betters, we should all offer our sympathy and
respect to one of the few men of integrity. John Young is a successful
architect, who pays for cryptome and related efforts out of his pocket. He
15 matches
Mail list logo
