On Sun, Aug 31, 2008 at 2:57 AM, n3td3v <[EMAIL PROTECTED]> wrote: > http://linuxbox.org/pipermail/funsec/2008-August/018318.html > http://isc.sans.org/diary.html?storyid=4954 > > Hi, > > I think its wrong for you to name and shame these domain names, and > specify places people live (funsec), seeing as these folks have done > nothing wrong. > > Guilty until proven innocent, is that how it works in cyber security land? > > Completely out of order... > > All the best, > > n3td3v > > -- > computer security protection news alert system, keep messages short > for cellular devices. > https://groups.google.com/group/n3td3v >
* Now talking in #n3td3v [03:11] <cybersecure> [Full-disclosure] Gustav, domain name reportage [03:11] <cybersecure> http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064132.html [03:15] <ChrisAM> I don't get your post. [03:16] <ChrisAM> the past disasters demonstrate the abuse of domains like this. [03:16] <cybersecure> yet those domains are only parked domains just now [03:16] <cybersecure> no law broken [03:17] <ChrisAM> dshield is just being proactive. [03:17] <cybersecure> it could even be the government or a security company etc buying the domains so they can't be bought [03:17] <ChrisAM> that's what I suggested earlier to do. [03:18] <cybersecure> so why name and shame and then the funsec post starts posting where people live [03:18] <cybersecure> completely outragous when technically nothing has been done wrong (yet) [03:18] <ChrisAM> they just put cities.. not people's names. [03:19] <cybersecure> its bad enough [03:19] <ChrisAM> the scumbags are just waiting for the storm to hit. [03:19] <cybersecure> even you're calling them scumbags before you even know the reason for the domains [03:19] <ChrisAM> What other reason would there be? [03:19] <cybersecure> technically you shouldn't do it until something has been commited [03:20] <ChrisAM> Innocent until proven guilty only applies in law/courts. I can call them whatever I want. [03:20] <cybersecure> and then i call you a twat [03:20] <cybersecure> sorry [03:20] <cybersecure> its not very professional [03:21] <cybersecure> to name and shame before an fofence has been commited [03:21] <ChrisAM> You actually think these will be legitimate sites? [03:21] <cybersecure> offence* [03:21] <cybersecure> its not for me or anyone else to judge until something actually happens, and certainly not put on a high profile sans diary [03:22] <cybersecure> maybe on backchannels and in private [03:22] <cybersecure> but not so publically [03:22] <cybersecure> until an offence is commited [03:22] <cybersecure> once an offence is commited, shout to the hills about it [03:23] <ChrisAM> by then 5 million spam mails are already sitting in people's inboxes. [03:23] <cybersecure> so you're saying these domains should be cancelled? [03:23] <ChrisAM> no. [03:23] <cybersecure> what the fuck! [03:23] <ChrisAM> I'm saying they should be closely watched. [03:24] <cybersecure> but not talked about on a sans diary or published on funsec until something happens [03:24] <ChrisAM> This is the information gathering phase. It's too late to start that after the storm hits. [03:25] <cybersecure> information gather in private until someone does something wrong [03:27] <cybersecure> can i put this transcript on f-d? [03:28] <ChrisAM> ok [03:28] <ChrisAM> What value will it add there? [03:28] <cybersecure> you don't care? [03:30] <cybersecure> brb, i'm going to post... [03:30] <ChrisAM> no [03:30] <cybersecure> your nickname will come up on google [03:30] <ChrisAM> ok [03:31] <cybersecure> brb then... i'm going to post _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
