Re: [Full-disclosure] NSOADV-2010-002: Google Wave Design Bugs
inb4 front page news 2010/1/21 bugt...@cgisecurity.net Well, that's exactly what I'm saying. Pretending that this is some kind new exploit class simply because Google Wave is used is stupid. This is the logical extension of e-mail and instant message and social network attacks to the next potential platform. Following in the history of the security community, we should coin a buzzword on this old issue with a new spin. WaveJacking sounds like a perfect fit. /sarcasm On Tue, Jan 19, 2010 at 8:10 PM, valdis.kletni...@vt.edu wrote: On Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik said: Yeah, no kidding. Surprise! Untrusted files can be malicious. If you accept files from those whom you do not trust, whether its via e-mail, instant message, Google Wave, or physical media, you well and truly deserve the virus that'll eventually infect your machine. Let's see.. *HOW* many years ago did we first see e-mail based viruses that depended on people opening them because they came from people they already knew? 'CHRISTMA EXEC' in 1984 comes to mind. The problem here is that Google Wave is for *collaboration* - which means that you're communicating with people you already know, and presumably trust to some degree or other. Hey Joe, look at this PDF and tell me what you think is something reasonable when the request comes from somebody who Joe knows and who has sent Joe PDF's in the past. I guarantee that if every time you receive a document that appears to be from your boss, you call back and ask if they really intended to send a document or if it's a virus, your boss will get very cranky with you very fast. Let's look at that original advisory again: An attacker could upload his malware to a wave and share it to his Google Wave contacts. Now change that to An attacker could trick/pwn some poor victim into uploading the malware to a wave Hilarity ensues. --000e0cd2e002580025047da0b22e Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Well, that#39;s exactly what I#39;m saying.=A0 Pretending that this is so= me kind new exploit class simply because Google Wave is used is stupid.=A0 = This is the logical extension of e-mail and instant message and social netw= ork attacks to the next potential platform.br br-- Rohit Patnaikbrbrdiv class=3Dgmail_quoteOn Tue, Jan 19, 2010= at 8:10 PM, span dir=3Dltrlt;a href=3Dmailto: valdis.kletni...@vt.e= duvaldis.kletni...@vt.edu/agt;/span wrote:brblockquote class=3Dg= mail_quote style=3Dborder-left: 1px solid rgb(204, 204, 204); margin: 0pt= 0pt 0pt 0.8ex; padding-left: 1ex; div class=3DimOn Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik said:br gt; Yeah, no kidding. =A0Surprise! Untrusted files can be malicious. =A0If= youbr gt; accept files from those whom you do not trust, whether its via e-mail,= br gt; instant message, Google Wave, or physical media, you well and truly de= servebr gt; the virus that#39;ll eventually infect your machine.br br /divLet#39;s see.. *HOW* many years ago did we first see e-mail based vi= ruses thatbr depended on people opening them because they came from people they already= br knew? =A0#39;CHRISTMA EXEC#39; in 1984 comes to mind.br br The problem here is that Google Wave is for *collaboration* - which meansb= r that you#39;re communicating with people you already know, and presumably= br trust to some degree or other. quot;Hey Joe, look at this PDF and tell me= br what you thinkquot; is something reasonable when the request comes from so= mebodybr who Joe knows and who has sent Joe PDF#39;s in the past.br br I guarantee that if every time you receive a document that appears to be fr= ombr your boss, you call back and ask if they really intended to send a document= orbr if it#39;s a virus, your boss will get very cranky with you very fast.br br Let#39;s look at that original advisory again:br div class=3Dimbr gt;gt; An attacker could upload his malware to a wave and share it to his= br gt;gt; Google Wave contacts.br br /divNow change that to quot;An attacker could trick/pwn some poor victim= into uploadingbr the malware to a wavequot; =A0Hilarity ensues.br br br br /blockquote/divbr --000e0cd2e002580025047da0b22e-- --===1022691582== Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ --===1022691582==-- http://www.cgisecurity.com/ ___ Full-Disclosure - We
Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!
why you gotta say shit like that my spamfilter is crying now 2010/1/22 Rohit Patnaik quanti...@gmail.com Heh. I agree, but only because this month has been a fairly quiet one regarding n3td3v drama. --Rohit Patnaik On Thu, Jan 21, 2010 at 10:20 AM, Christian Sciberras uuf6...@gmail.comwrote: Vote +1 for message of the month award. On Thu, Jan 21, 2010 at 2:22 PM, p...@hushmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 peep game nigga, peep game, feel us ! - --Phrack High Council -BEGIN PGP SIGNATURE- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAktYVRAACgkQPBffzoCVnANW3QP9EMxg0GLjH2DfaH7sAsH/0UsrBQz+ yo+ob4Qy8hF373vHTy0GjTxLYPPYuT58xUEwdzO/vnHNJlGkWjbCucnJiQj3hAdXZ/R/ fYQP1Kg978//PDBMyTUBRCwIafjELdhHgUl3a7nR7dlRsu8hRx6ebHncw0+HmfW95uhY VpjBPQ4= =AsaL -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes
Fuck yeah. Mozilla would be able to hire a few more developers, excellent! I've always felt that they're held back by an overly small development team - while this results in a clean, stable, fast browser, it means they can't support enough other stuff :( Oh... wait... 2010/1/21 James Matthews nytrok...@gmail.com Why doesn't microsoft throw some of it's weight behind Mozilla and ditch IE forever. It doesn't suit their image. On Wed, Jan 20, 2010 at 6:30 AM, Christian Sciberras uuf6...@gmail.comwrote: On my IE6 this doesn't work (crash), but it does on IE7. I'm on WinXP Pro SP3 DEP+. On Wed, Jan 20, 2010 at 11:57 AM, Berend-Jan Wever berendjanwe...@gmail.com wrote: Two NULL pointer crashes, they do not affect MSIE 8.0. Repros can be found here: http://skypher.com/index.php/2010/01/20/microsoft-internet-explorer-6-07-0-null-pointer-crashes/ Cheers, SkyLined http://skypher.com/index.php/2010/01/20/microsoft-internet-explorer-6-07-0-null-pointer-crashes/ Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.astorandblack.com -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] NSOADV-2010-002: Google Wave Design Bugs
This is the stupidest advisory I have read on this list in at least two months. 2010/1/19 NSO Research nso-resea...@sotiriu.de _ Security Advisory NSOADV-2010-002 _ _ Title: Google Wave Design Bugs Severity: Low Advisory ID:NSOADV-2010-002 Found Date: 16.11.2009 Date Reported: 18.11.2009 Release Date: 19.01.2010 Author: Nikolas Sotiriu (lofi) Mail: nso-research at sotiriu.de URL:http://sotiriu.de/adv/NSOADV-2010-002.txt Vendor: Google (http://www.google.com/) Affected Products: Google Wave Preview (Date: = 14.01.2010) Not Affected Component: Google Wave Preview (Date: = 14.01.2010) Remote Exploitable: Yes Local Exploitable: No Patch Status: partially patched Discovered by: Nikolas Sotiriu Disclosure Policy: http://sotiriu.de/policy.html Thanks to: Thierry Zoller: For the permission to use his Policy Background: === Google Wave is an online tool for real-time communication and collaboration. A wave can be both a conversation and a document where people can discuss and work together using richly formatted text, photos, videos, maps, and more. (Product description from Google Website) Description: All this possible attacks are the result of playing 4 hours with Google Wave. I didn't check all the funny stuff, which is possible with the Wave. 1. Gadget phishing attack: -- The Google Wave Gadget API can be used for phishing attacks. An attacker can build his own phishing Gadget, share it with his Google Wave contacts an hopefully get the login credentials from a user. This behavior is normal. The Problem is, that this bug makes it easier to steal logins. 2. Virus spreading attack: -- Uploads Files are not scanned for malicious code. An attacker could upload his malware to a wave and share it to his Google Wave contacts. Proof of Concept : == A proof of concept gadget can be found here: http://sotiriu.de/demos/phgadget.xml Solution: = 1. No changes made here. Workaround: Don't trust Waves. 2. Google builds in AV scanning. Disclosure Timeline (/MM/DD): = 2009.11.16: Vulnerability found 2009.11.17: Sent PoC, Advisory, Disclosure policy and planned disclosure date (2009.12.03) to Vendor 2009.11.23: Vendor response 2009.12.01: Ask for a status update, because the planned release date is 2009.12.03. 2009.12.03: Google Security Team asks for 2 more week to patch. 2009.12.03: Changed release date to 2009.12.17. 2009.12.15: Ask for a status update, because the planned release date is 2009.12.17. = No Response 2009.12.21: Ask for a status update. 2009.12.29: Google Security Team informs me, that there are no changes made before 2010.01.03. 2010.01.14: Google Security Team informs me, that uploaded files will be now scanned for malware. Google Gadgets will be not updated. 2010.01.19: Release of this Advisory ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Maps XSS (currently unpatched)
ah, Google... the only company in IT that can have an unpatched vulnerability released to the world and get good publicity out of it. Don't get me wrong, I'm not in the GoogleSucksAndIsEvil crowd... I have friends that work for them, and I like to see a company like them doing well. Still, I can't help but suspect that one day in 50 years, Larry Page is going to be lying on his deathbed when out of a puff of smoke appears the Devil, who raises his trident and says So, Mr Page, about that soul you signed away... On 13/01/2010, Robin Sage robin.s...@rocketmail.com wrote: Google was quick on that one! It worked an hour and a half ago. - Robin From: gaurav baruah baruah.gau...@gmail.com To: full-disclosure@lists.grok.org.uk Sent: Tue, January 12, 2010 6:20:32 AM Subject: [Full-disclosure] Google Maps XSS (currently unpatched) Google Maps XSS (currently unpatched) Discovered By - Pratul Agrawal (pratu...@gmail.com) Gaurav Baruah (baruah.gau...@gmail.com) PoC - http://maps.google.com/maps?f=qsource=s_qhl=engeocode=q=%3Cscript%3Ealert(%22Google%20Sucks%20!%22)%3C/script%3Evps=1sll=28.613554,77.20906sspn=0.009136,0.013797ie=UTF8 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Surge in Skype Spam activity
h, shall I click a tinyurl coming from a f-d poster? n/n, pick one this is email, not twitter. if you're sharing a legitimate link, there's no reason not to directly link to it. 2010/1/11 Chen Levkovich chen.levkov...@securityextension.com Surge in Skype Spam activity. http://tinyurl.com/yc38trm ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled
Oops, Milan - you did it again. You remind me of those IRC users that feel the need to publicly announce that they're placing someone on IGNORE... and then never actually do it, because then the ignored user might say something mean about them and the IGNORing user wouldn't be able to make their awesome comeback. If your grammar and syntax are as bad in programming languages as in English, you must be a real liability to employ. 2009/12/16 Milan Berger m.ber...@project-mindstorm.net On Wed, 16 Dec 2009 00:54:44 +1100 dramacrat yirim...@gmail.com wrote: *first at all, send to the list please not to me personally and list in cc.* * * *Ignoring the grammar, that's exactly what you just did. And what I just did, because that's default client behavior on a Reply-To-All. * my junk filter feels happy to get more morons. -- Kind Regards Milan Berger Project-Mindstorm Technical Engineer -- project-mindstorm.net Humboldtstrasse 69 90459 Nuremberg Germany Tel.: +49 911 27 56 381 Mob.: +49 176 22 98 76 02 http://www.project-mindstorm.net http://www.digital-bit.ch twitter: http://twitter.com/twit4c ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled
*first at all, send to the list please not to me personally and list in cc.* * * *Ignoring the grammar, that's exactly what you just did. And what I just did, because that's default client behavior on a Reply-To-All. * 2009/12/16 Milan Berger m.ber...@project-mindstorm.net Hi Vlad, first at all, send to the list please not to me personally and list in cc. (a) If you have a better way than a Tor proxy to avoid DNS leaks from programs that don't DNS-proxy themselves, feel free to actually *tell* us what it is, rather than just babble they aren't the best way. Given you got the *other* point totally wrong, we have no reason to believe a content-free 'not the best way' unless you actually have an evaluatable statement like 'XYZ is better'. I think there are better ways than TOR this is what I actually said. 'not the best way' meant TOR. Hope this explains it much better. -- Kind Regards Milan Berger Project-Mindstorm Technical Engineer -- project-mindstorm.net Humboldtstrasse 69 90459 Nuremberg Germany Tel.: +49 911 27 56 381 Mob.: +49 176 22 98 76 02 http://www.project-mindstorm.net http://www.digital-bit.ch twitter: http://twitter.com/twit4c ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft: ‘Piracy no longe r poses a threat to us’
Hahaha. How many legit copies of Windows 7 Ultimate have they sold? Three? Or was it four? I guess this is their way of competing with free software... making *their* software free (yes, yes, money-free vs freedom-free, i know) except to those thick enough (or lawsuit vulnerable enough, ie governments and corporations) to pay. 2009/12/3 S/U/N s@free.fr Sure, dude, please just STEAL my soft, that's gonna kill competitors IE: what happend to PaintShopPro vs Photoshop? Cluster #[[ Ivan . ]] possibly emitted, @Time [[ 03/12/2009 06:24 ]] The Following #String ** In a recent interview, managing director of Microsoft Philippines Inc., John Bessey, has claimed that piracy no longer poses a threat to the software giant. http://freakbits.com/microsoft-piracy-no-longer-poses-a-threat-to-us-1202 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] more on that
well, all that really depends on the theory that the OP actually read it prior to executing it. 2009/11/26 Andrew Farmer andf...@gmail.com On 24 Nov 2009, at 13:41, Tyler Durten wrote: And this is what I'm talking about: http://seclists.org/fulldisclosure/2005/Apr/412 ... which reads, in part: main() { //Section Initialises designs implemented by mexicans //Imigrate system(launcher); system(netcat_shell); system(shellcode); I can understand possibly overlooking something clever (like a fake exploit that buffer-overflows itself), but this isn't even marginally subtle. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Remote DoS condition in harbour.pl
Versions of harbour.pl (up to and including build 1941) are vulnerable to a remote Denial of Service attack. Spamming zeroes (null packets) to port 1207 results in a large portion of system resources being tied up. Please update to build 1945 as soon as possible. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Meet Kurt Greenbaum, Director of Social Media, St. Louis Post-Dispatch, Reports commenter to employer.
They're ORs, unfortunately. The language is unclear but it seems to be one of those infernal boilerplate pieces of shit that basically invalidate the assurances as to privacy. You could still probably press the suit. Unauthorised use has recently been defined and redefined, it's an evolving piece of law and if you have the resources to get a jury trial they'll *want* to find in favor of the plaintiff, which is more important than you might expect. 2009/11/20 mrx m...@propergander.org.uk -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Holstein wrote: What Greenbaum did was against the privacy policy of the site: You seem to be missing the part where the comment was removed (several times) and re-posted. From : http://www.stltoday.com/help/privacy-policy ..to protect against misuse or unauthorized use of our web sites Cheers, Michael Holstein Cleveland State University So what? Ban the IP address. Admittedly a childish comment but the site is hardly one that is frequented by children. imho Mr K. Greenbaum should be fired and sued. And Mr Holstein you seem to be using your quote above out of context... Compliance with Legal Process We may disclose personal information if we or one of our affiliated companies is required by law to disclose personal information, or if we believe in good faith that such action is necessary to comply with a law or some legal process, to protect or defend our rights and property, to protect against misuse or unauthorized use of our web sites or to protect the personal safety or property of our users or the public. INAL, however I ask where is the legal process in this matter? regards mrx - -- I am not an expert, I have much to learn, I make mistakes. My words are just opinions which may or may not reflect the truth. Be kind to others, yet trust no one. http://www.propergander.org.uk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSwXFRrIvn8UFHWSmAQIwtwf/VNGjwG1wW7wd2BlUYf1XiQyG+DnjUGwQ GLrHcda/hGBw912diOjSGfVEe3jZSgfrK3SAH2lIrRfMK/I+n6IJxzKOks41Ojmo 14DsWiuc/58aAF1Y0heK94Wm1jfzIqMx9GjR7iKLKKAW94YULyCh90xRgwIToNeO WsxT0wP+f5XvZubCpXPVRGQV42XW1kg84t5dzPZXkjiii5dL6hSF7XBOLOrBejry EMw+Eh3RUy1Jm4pjlzOwOUhm0BlHdYwzf+GPNs7X+wCE975gZ6K5P8T+UdvJP7nT qL/jC7S8qNyVi2SBlURKLRaJm50GYv/dY9QDFLwWklcflymw67fMkw== =tE1f -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
The only property in a tweet or email is intellectual property, and that remains the property of the sender... in my jurisdiction, at least, which isn't even a US one. Also, this is the most pathetic nerd-fight I have seen for many a year. 2009/11/10 Paul Schmehl pschmehl_li...@tx.rr.com I fail to see how that applies. The law of bailment basically means that you continue to own a possession, the physical possession of which you *temporarily* grant to another party. (Allowing someone to drive your car, for example, but expecting them to return it when they're done.) When you send a twitter or email, etc., you don't have any intention of continuing to possess the property. The reason you sent the communication is so that someone else could *receive* it from you, not so they could watch it for you temporarily. When you send a letter to someone you don't continue to possess the letter. The recipient does. --On Monday, November 09, 2009 10:40 AM -0500 glenn.everh...@chase.com wrote: The law of bailment applies, I would submit, to information sent on wires. The act of sending something out is not handing it to the public domain (though it may arrive in the public domain, depending on intent). However the law of bailments seems to have been ignored by many, even though it has been around for hundreds of years. (mind: I am not a lawyer - have just read some books - and speak for myself.) -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Paul Schmehl Sent: Saturday, November 07, 2009 8:53 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street --On November 7, 2009 4:06:42 PM -0600 mikelito...@hushmail.com wrote: But to gather intelligence about what terrorists are up to, even if a US citizen is involved, should not require a warrant. This is all well and good, until the definition of terrorist is changed and you become labeled a terrorist because your reason is suddenly counterproductive to someone else's opinion. You must apply the warrant requirement consistently. Otherwise, when interpretation of the word terrorist changes, it affects the meaning of the law. Sure. I agree with that. I think it's also important that law enforcement activities have much more stringent requirements than military intelligence has. The former is directed toward citizens, the latter toward enemies the military has to deal with. And call me crazy, but I'm just not willing to assume that someone won't abuse the power of being able to surveil US citizens and do exactly what Nixon did, spy on their competition/detractors. Surely you can admit that some people do things that they wouldn't normally do when big money and big power are involved. After all, Those who cannot learn from history are doomed to repeat it. Don't be so naive to think it can't happen again. Of course. I've never said they didn't. In fact I've stated that people in government have the same range of motives that people not in government have, including the seven deadly sins, if you will. But I've also pointed out that they are not totally evil either, as some seem to think. There are also good people in government just as there are in every other walk of life. Intelligence works best in a world of secrecy. So does deception. Significantly more so, in fact. As I've pointed out now several times, it's analogous to people that get all hot and bothered by the fact that admins have access to the data on their computers. Yes, but that computer probably doesn't belong to me but instead to my employer. If it belongs to me, you better have a policy that prevents me from using it at work, and/or a login disclaimer informing me of your right to monitor what I do if I connect to your network. If not, you better damn well have a warrant if you want to take a look at my property. Therein lies the rub. Whose property are the bits on the wire? Once you've clicked on send, be it email or im or twitter or whatever, does that transmission still belong to you? I would submit that it does not, and that the privacy laws that protect you and your house and belongings can no longer be sensibly applied. Even you send a private email, to whom does it belong while it's in the process of transmission? And as far as I know, there's no login disclaimer on the interwebs that allows the government to monitor what I do on that network, nor on the telephone, or my mobile phone contract. Really? To whom does your response to me belong? What about the email you send to a friend? A stranger? And twitter posts? Blog comments? Etc., etc. Does it really make sense to extend your privacy rights to those things that you have sent into
Re: [Full-disclosure] How to receive SPAM mail
If you want to be spammed, join full-disclosure. 2009/11/7 Michael Holstein michael.holst...@csuohio.edu I have a SPAM filter and virus firewall testing. So, I want to get the real SPAM is sent to a specific email address. What better way is there anything? I had to do a similar thing when doing a spam-appliance vendor shakedown .. what I did was setup a subdomain eg: test.mycompany.com and then create email IDs within that subdomain that had valid mailboxes eg: b...@test.mycompany.com, su...@test.mycompany.com, etc. and then I used Google to search for free offers and work from home, etc. and entered those IDs on about 100 different sites. There's tons of sites out there that you can sign-up for hundreds of free offers and whatnot. Within days I was getting hundreds of messages per day for each ID. Note .. they have to be valid mailboxes because you frequently need to reply to the activation email to make them work. You could setup a little script to wget any links in emails received and do -O /dev/null with the results .. but I just had all the accounts configured on a test machine in thunderbird so I could view what came through and the resulting junk summary emails. The advantage of doing it as a subdomain (or just register another test domain) is that you can make the traffic go away entirely by deleting the DNS record. Regards, Michael Holstein Cleveland State University ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1]
So if I'm to understand you correctly, gobbles 1337, Weev's mother or a family member was searching the family name randomly on Google, came across these threads, did *not* email the list but instead emailed you with a long list of abuse about Weev, within which she did not disclose any information about her own son that you did not know already; despite the fact that as his mother she would surely be privy to such information. She also, if I am to believe your emails, did not disagree with you on any point. You then kindly stripped the email formatting and rather than forwarding the email to the list, pasted it into your own email so that it would seem almost as though *you* wrote these emails! How strange. 2009/10/5 GOBBLES gobbles1...@safe-mail.net Mr. Auernheimer, That's true. I'm not a hacker. Also, sorry for not clarifying that I use mrxisaplant too. Here is more correspondance received from your mom (added paragraph breaks): Actually, Andrew has no relationship to designadventures or sealpac. Years ago before sealpac came the US market, Andrew grabbed the domain name (before we knew anything about his mental issues). We want it back. We didn't even remember until this week that his name was on it as we paid for several years in advance and the recent renewal was paid by credit card. Design Adventures is my little interior design business-never had a thing to do with Andrew. Design Adventures and Sealpac have nothing to do with Andrew and have never done business with Andrew. In fact, even as parents we have never financially supported him since he left home. Years ago our communication with him was come home, get help, go to school and we will then and only then support you. He refused. Andrew was never abused or neglected. When he lived with us he was a totally different person, prior to his substance abuse issues. He became a different person in Cal. He had to get as far away from us as he could to participate in this kind of behavior because we would have called the cops and kicked his ass to the curb. From his postings he is deranged and a drug addict. We are not asking for sympathy for him. Andrew has been detained by the FBI twice this year? They didn't do anythin...@#!!! I don't know what the strategy should be for you or I if the FBI won't do anything to stop him and we can't find him. You don't want to call the FBI and we don't care if you do, if they need to they will contact you. Andrew's name has been available online for years so it never even occurred to me to disclose his name but I also spoke to law enforcement a year ago so even they knew. There are so many crazies on the web just like Andrew and we simply stopped trying with him when he went to California years ago. He would not give us his address or location. Truthfully, until about a year ago we didn't even know about this ugly, racist rhetoric because we weren't wasting our days looking. Many years ago he was online railing against Bill O'Reilly and the far right and saying anything to inflame. He used to be a radical liberal. I think he is so crazy now that he might be convinced that martians are ruining his life, not Jews. He's nuts. Sadly he is not alone. I could not believe, when I finally got wind of his livejournal, how many people were posting horrible things in agreement. I felt physically sick. All of those people are also a danger and who knows who those people are. They were smart enough to not post their own photos and link their real names to their ugly words. They may be more of a danger because we don't know who they are. Original Message From: Andrew A glutt...@gmail.com To: GOBBLES gobbles1...@safe-mail.net Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Date: Sun, 4 Oct 2009 12:33:13 -0500 Mr. Learner, You really are hilarious. I can infer one thing from your posts: you aren't a hacker, and you find this really awkward and aren't sure how this whole ruin thing works. You have no access to data that I have not made public. Once again, the only thing you found out was my name, which I put on my livejournal. Big deal. The rest was google-able. You really don't have anything. You also don't understand how to make this whole doxdrop deal effective and dramatic. You save up everything you can until you find a piece of data which is psychologically damaging to the target. You have to essentially find them guilty of wrongdoing, like using a nonprofit to defraud people, or sucking dicks for money. This whole thing where you post somebody's parents address, big deal. Everybody's got parents unless they're orphaned. Those parents inevitably live somewhere. If I were a basement dwelling loser, this tactic might be effective. Unfortunately I live on 60 acres in the sticks and have hungry dogs and guns. Not much you can do to me.
Re: [Full-disclosure] So weev...
Man, you guys are real elite hackers. You can get into *#ed* and read the chat. Holy fuck, you penetrated the public channel of Encyclopedia Dramatica, which as we all know is the world's most elite hacker crew. 2009/10/2 Wintermute winterm...@hush.com -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We are glad this is being taken well: 02:23 januszeal i read what the kikes did to you 02:23 januszeal i raged :( 02:24 weev lol 02:24 weev i dont mind 02:24 weev theyre doin me a favor ...because as a 5'4, 130-pound guy, there is not much that you can do *but* take this sort of thing well. We would not want to see little Andrew overexert himself. WINTERMUTE On Thu, 01 Oct 2009 22:43:12 -0500 GOBBLES j...@mac.hush.com wrote: I posted on here earlier as netdev.doctor questioning weev on how he feels psychologically. *spins weev around* *grins* I feel such invigorating justice seeing your real identity mirrored. Redundancy. Freedom of information. I hypothesize weev may possibly kill himself, unfortunately. I'm unsure how to approach it because I hear he may have left the United States. If not, he'll cling on like a Michael Crook kinda guy (which he is closely emulating nowadays). These kids are like mean infants. If I were in your shoes, I would intellectually be considering ending my life. However that's just me. I don't think you should. However, if it were me, it would stop the pain, and my life path that I really couldn't ever fix now. This is purity. This is what happens when you become arrogant, come down here with orders from God. You get crucified bitch. Just like Jesus. Your hung on a cross the same place you ruined people's lives. plz advz hep ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkrFoLgACgkQAN7xmh8YPB3xOwP/YUfwdfS+i/towpDsMKZVZPYOOfmB HcKiqGAKoA0pZzbBZmwtDL8AtoP3O4rY7/SuDEDmukGBv2cJ25JSWqtlB7xqF1Xm0HsL BPCwhO5/2bBk4UCYHAKlbM1DpzauqYQBFcoRk6peWZV0TNdSWV2d+VK5HX6JX15FNzxO 8sZ4Wdk= =J2Jd -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] So weev...
I wouldn't be too concerned if I was weev. A guy who uses phrases like *alleged suspect* and* likelihood chance* is after him! Oh dear, he must be going to accuse weev of being an *illegal criminal*! 2009/10/3 GOBBLES gobbles1...@safe-mail.net This is about fighting crime. Not about putting your stuff into the alleged suspect's mother. Please have some sense of courtesy and professionalism. *ISRAEL* Internet Sleuth, Richard Anderson, Electronic Lawyer Original Message From: BMF badmotherfs...@gmail.com To: GOBBLES gobbles1...@safe-mail.net Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] So weev... Date: Fri, 2 Oct 2009 17:08:40 -0700 On Fri, Oct 2, 2009 at 4:57 PM, GOBBLES gobbles1...@safe-mail.net wrote: There is a strong likelihood chance we can get Andrew into prison for his criminal activity. Sweet! I love to send people to Federal Pound me in the ass Prison! While Bubba is fudgin' this weev character I can be fudgin' his momma! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers
yes yes, the local root shouldn't know the passwords of the users just like the users shouldn't reuse passwords. But we're meant to be dealing with the real world, right? 2009/9/30 j...@jagda.eu All standard users have read access to /var/log/auth, so if root they shouldn't, at least on my default debian they don't ... b Even the (local) root shouldn't know the passwords of the users. They often uses it on other systems JFCh ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Andrew Auerenheimer aka weev gets tree'd
yes. who the fuck is this weev guy, anyway? 2009/9/17 zewb zewbiec...@gmail.com Same here. I wanted to learn about security flaws and instead it's just all these dumb fags pretending they've doxed some big important person. What the fuck is this, 4chan or something? It's full disclosure of security holes, not full disclosure of the full names of people because they trolled the ux designer you have a crush on or something. Stop trying to impress everyone by saying you found some guy's dox. Even if you really did find them, I still don't really care. Apparently you think this weev guy is some kind of celebrity or something, but I've never heard of him and I don't care about the little grudge you have against him, so stop filling my inbox with you're dumb autistic retardery. Seriously, just get a fucking blogspot account or something and post all the shit there so I can go to my fucking inbox and not have to sift through all this shit. - Original Message - *From:* BMF badmotherfs...@gmail.com *To:* full-disclosure@lists.grok.org.uk *Sent:* Wednesday, September 16, 2009 11:27 PM *Subject:* Re: [Full-disclosure] Andrew Auerenheimer aka weev gets tree'd WTF is up with this mailing list? I signed up a few weeks ago expecting full disclosure of security exploits or at least good security discussion. Instead what I got was full disclosure of how idiotic skr1p7 k1dd13z can be. BMF -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hack-Mail.net or similar site
How could you question them? They Are Completely annonymous! 2009/9/12 TheLearner mrxisapl...@hush.com Sounds like a sting operation. I mean, can you read this? They're talking to you like putting hacked password in white text on white paper makes it less illegal and somehow legit. A shakespear script? Those sites are set up to find people who want to break federal law. I'm 100% if you go through the process and buy it you'll be indicted. TheLearner aka mrx On Fri, 11 Sep 2009 09:46:27 + mamo mam...@gmail.com wrote: Hello, What do you think of web site like Hack-Mail.net or similar one? Do they really work and how? Thank you, Mamo ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Web-monitoring software gathers data on kid chats
hahahaha oh man, that's grand. 2009/9/9 Ivan . ivan...@gmail.com Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages — and sell the marketing data gathered. Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids. http://www.google.com/hostednews/ap/article/ALeqM5i5CjgMEdrwRm3JxeglUykMAHAYmAD9AGNVM00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Sexless schadenfreude: the potential extremist Michael Crook.
He's a friendless loser with no skills nor intelligence. There's probably twenty million of them on the internet; the only difference between this one and the others is that Michael hasn't discovered /b/ yet. 2009/8/25 Michael Crook michael.cr...@hushmail.com Some kid died. I want someone caring liberal to hug me, but no! You may remember me from such films as the EFF DMCA apology. I'm afraid he may take the next step and become a risk to himself or others. He spends his spare time proselytizing extremist and radical viewpoints on my blog in order to gain attention for himself. He celebrates the death of others in schadenfreude ways. Because of his acting like he has nothing to lose, I believe he's a lonewolf and a definite potential terrorist. Psychologically, I think he fantasizes for woman to reach out to him.. To be the mother he never had. I think he wants a liberal, surrogate mother. But in reality, he would merely exhaust the caring of her. He's not fixable. I want someone to mother me. But it can't help. I cursed with this hate. This is my nature now. My scars. I wanted to give a heads up to the federal authorities. This guy looks like a nutter. He should be placed under surveillance 24-7 to make sure he doesn't do anything funny. I'm guessing in his loneliness he gets pretty dejected and depressed at times. Why don't people know me for who I *really* am. But all they see is his attention-gaining shocks. He's a sure thing. http://tips.fbi.gov - Send in everything you know, paste them this tip. Federal authorities (SS, FBI, HLS) You can visit his blog at www.michaelcrook.org, or googling Michael Crook. Study him good. ~ John Doe / n3td3v (http://www.twitter.com/n3td3v) P.S. This is an anonymous, however, he's genuinely a threat. You can clearly see by googling his name he means business and fits the profile of a lone wolf. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/