-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 dude... off list... "fuera de la lista" ? Can anyone help us overcome this language barrier?
On Tue, 24 Mar 2009 15:46:02 -0400 Rubén Camarero <[email protected]> wrote: >Perhaps. > >On Tue, Mar 24, 2009 at 3:39 PM, <[email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Are you even aware that you've been arguing with me? Perhaps we >> should move this discussion off-list, so we don't annoy the rest >of >> the bugtrackers... >> >> On Tue, 24 Mar 2009 15:34:32 -0400 Rubén Camarero >> <[email protected]> wrote: >> >I am only stating that the bug posted here isn't serious. I >agree >> >with you >> >on the other issues, more or less anyways. >> > >> >On Tue, Mar 24, 2009 at 3:30 PM, <[email protected]> wrote: >> > >> >> -----BEGIN PGP SIGNED MESSAGE----- >> >> Hash: SHA1 >> >> >> >> nvidia has a poor track record with security. I'm citing two >> >> examples. One is on their website, and one is in their >drivers. >> >> Can you cite anything they have done right? Your effective >> >arguing >> >> strategies makes you a top nominee for Gadi Evron's no- >swearing >> >> event at defcon. >> >> >> >> On Tue, 24 Mar 2009 15:27:09 -0400 Rubén Camarero >> >> <[email protected]> wrote: >> >> >That example has nothing to do with this particular bug. >Using >> >> >multiple >> >> >exclamation or question marks does not help your ineffective >> >> >argument, >> >> >either. >> >> > >> >> >On Tue, Mar 24, 2009 at 3:15 PM, <[email protected]> >wrote: >> >> > >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> >> >> Hash: SHA1 >> >> >> >> >> >> With all due respect, my corned beef and sauerkraut >smelling >> >> >> friend, I am simply pointing out that when it comes to >> >security >> >> >> nvidia is clueless. Do you not remember the great debacle >of >> >> >2006 >> >> >> when Rapid7 showed off remote kernel exploitation of the >> >nvidia >> >> >> driver by webbrowser? http://kerneltrap.org/node/7228 >should >> >> >> refresh your memory. 40 million lost credit cards but at >> >least >> >> >> they put nvidia in their rightful place and have their >> >> >priorities >> >> >> in order. And speaking of security concerns and nvidia, >why >> >do >> >> >you >> >> >> think Microsoft didn't use nvidia in their trusted gaming >> >> >platform >> >> >> xbox360???? Everyone in our industry knows that nvidia is >> >shit >> >> >for >> >> >> security, even their javascript sucks!!! >> >> >> >> >> >> >> >> >> On Tue, 24 Mar 2009 14:45:46 -0400 Rubén Camarero >> >> >> <[email protected]> wrote: >> >> >> >If ATI and nVidia were web content developers, this may >be a >> >> >valid >> >> >> >argument, >> >> >> >but they are not. They are graphics vendors, hardware and >> >> >> >software. Not to >> >> >> >mention the fact that this isn't a "serious" issue. RFI >is a >> >> >> >serious issue, >> >> >> >IMHO. >> >> >> > >> >> >> >On Tue, Mar 24, 2009 at 1:37 PM, <[email protected]> >> >wrote: >> >> >> > >> >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> >> >> >> Hash: SHA1 >> >> >> >> >> >> >> >> I have been saying for years that ATI is better than >> >nvidia >> >> >and >> >> >> >> here is just one more reason! You don't see serious >> >issues >> >> >like >> >> >> >> this with ATI's website. >> >> >> >> >> >> >> >> On Tue, 24 Mar 2009 10:13:21 -0400 Lorenzo Vogelsang >> >> >> >> <[email protected]> wrote: >> >> >> >> >Hi all, i'm new to the list. I'm an italian student >who >> >> >likes >> >> >> >> >security >> >> >> >> >topics in the I.C.T world.. >> >> >> >> > >> >> >> >> >Browsing the nVdia web sites, i have found a very >basic >> >Url >> >> >> >> >redirection >> >> >> >> >flaw. Infact when downloading a driver i get Urls like >> >this: >> >> >> >> > >> >> >> >> > >> >> >> >> >> >> >> >> >> >> >>>>>http://www.nvidia.com/content/DriverDownload/download_confirmat >i >> >o >> >> >n >> >> >> >. >> >> >> >> >> >> >> >> >> >> >>>>>asp?kw=&url=http://us.download.nvidia.com/Windows/179.48/179.48 >_ >> >n >> >> >o >> >> >> >t >> >> >> >> >ebook_winxp_64bit_beta.exe >> >> >> >> > >> >> >> >> >and connecting to this another Url >> >> >> >> > >> >> >> >> > >> >> >> >> >> >> >> >> >> >> >>>>>http://www.nvidia.com/content/DriverDownload/download_confirmat >i >> >o >> >> >n >> >> >> >. >> >> >> >> >asp?kw=&url=http://www.google.it >> >> >> >> > >> >> >> >> > >> >> >> >> >will redirects succefully to www.google.it! (or other >web >> >> >site >> >> >> >of >> >> >> >> >your >> >> >> >> >choice , or downloadble content..) >> >> >> >> > >> >> >> >> > >> >> >> >> >Enjoy! >> >> >> >> > >> >> >> >> >Lorenzo Vogelsang. >> >> >> >> -----BEGIN PGP SIGNATURE----- >> >> >> >> Charset: UTF8 >> >> >> >> Version: Hush 3.0 >> >> >> >> Note: This signature can be verified at >> >> >> >https://www.hushtools.com/verify >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>>>wpwEAQMCAAYFAknJGmEACgkQfuF4tUz/X+KtEQP/fg36QI6yY9Hw6Q5eOsLUBGtP >j >> >g >> >> >9 >> >> >> >/ >> >> >> >> >> >> >> >> >> >> >>>>kxEmlsVdQl23h92FU75bHiOHhDMo7nLMCbHH7HHZDMvEw05OCDBaOqTx54xyTHBa >y >> >H >> >> >4 >> >> >> >s >> >> >> >> >> >> >> >> >> >> >>>>xf4joU8LSrTOFrklgT7tGXr+AMIfi4ypgIXzRv6Gx0vD3EAKIR3KWL4qFtg/OahH >k >> >l >> >> >7 >> >> >> >q >> >> >> >> jOiz888= >> >> >> >> =2MOh >> >> >> >> -----END PGP SIGNATURE----- >> >> >> >> >> >> >> >> -- >> >> >> >> Can't pay your bills? Click here to learn about filing >> >for >> >> >> >bankruptcy. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>>>http://tagline.hushmail.com/fc/BLSrjkqhNChbdTZRNxLsL4IFkcZYo7APt >e >> >6 >> >> >M >> >> >> >FdjI1xth2KPqL4lm3VupTlG/ >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> Full-Disclosure - We believe in it. >> >> >> >> Charter: http://lists.grok.org.uk/full-disclosure- >> >> >charter.html >> >> >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> >> > >> >> >> > >> >> >> > >> >> >> >-- >> >> >> >Rubén Camarero >> >> >> >CCNA, CISSP >> >> >> -----BEGIN PGP SIGNATURE----- >> >> >> Charset: UTF8 >> >> >> Version: Hush 3.0 >> >> >> Note: This signature can be verified at >> >> >https://www.hushtools.com/verify >> >> >> >> >> >> >> >> >> >>>wpwEAQMCAAYFAknJMWoACgkQfuF4tUz/X+LbggP9GPddhDh3krXB3ieyORr5Yd2Rd >E >> >6 >> >> >l >> >> >> >> >> >> >>>foRgQOUAaXbnpxc+d2XFByNe8wAYHF+dheNou5cb0XBF99NmW4wt2uoR57/7PmSp6 >z >> >d >> >> >M >> >> >> >> >> >> >>>1bsBzocX6Kkpbl38bMf4ZG/OlEz7cqfNOGExPE5cicr2Y462fk/BAWfUWV6B82ieW >z >> >4 >> >> >Z >> >> >> BbBeab8= >> >> >> =ZiqN >> >> >> -----END PGP SIGNATURE----- >> >> >> >> >> >> -- >> >> >> Click to compare and save on auto insurance. >> >> >> >> >> >> >> >> >> >>>http://tagline.hushmail.com/fc/BLSrjkqePmfJGmpcWA2Xcaz2NXhk84bAM4 >H >> >x >> >> >iigERihBJ2ZwE0pe0OeJOxS/ >> >> >> >> >> >> >> >> > >> >> > >> >> >-- >> >> >Rubén Camarero >> >> >CCNA, CISSP >> >> -----BEGIN PGP SIGNATURE----- >> >> Charset: UTF8 >> >> Note: This signature can be verified at >> >https://www.hushtools.com/verify >> >> Version: Hush 3.0 >> >> >> >> >> >>wpwEAQMCAAYFAknJNO4ACgkQfuF4tUz/X+JobQP/fKdv2DPbFGfAh8+N6GsdKO7ct1 >B >> >P >> >> >> >>2h0sXd57nD6bKwOi8CiOZR3/fMjyl72R0xuS0Gtq8PhkX/mMo8GGaHw0h8DdHJ0DIA >b >> >j >> >> >> >>kAY4Pc/oNXtRaO0UoCT0CJA04M9wIgdR0batMc9N0PHhI7Z041w7ycSohm9Q5u6UR9 >i >> >B >> >> R3X0sRc= >> >> =ucxK >> >> -----END PGP SIGNATURE----- >> >> >> >> -- >> >> Click here for free information on how to reduce your debt by >> >filing for >> >> bankruptcy. >> >> >> >> >> >>http://tagline.hushmail.com/fc/BLSrjkqhNCha09Yyoll97un6Gs8mL19gd7D >3 >> >JKfsHHWsIQfxfuSbfcMocNq/ >> >> >> >> >> > >> > >> >-- >> >Rubén Camarero >> >CCNA, CISSP >> -----BEGIN PGP SIGNATURE----- >> Charset: UTF8 >> Version: Hush 3.0 >> Note: This signature can be verified at >https://www.hushtools.com/verify >> >> >wpwEAQMCAAYFAknJNwcACgkQfuF4tUz/X+IVsQP9HDa6vSSub9nXDYpiBgz1grUqoYb >D >> >nVd0ee3CSbBzArov2PK6abL0aNgR4SfDj//dlq+AzUZJz02yCR61+ysv8U7uSUrRmdj >D >> >rXjQl21C5vWMAe9FErKxEJFqit5bNhT6NBC0aHftxDnhOiK5VxmrvwiJd9s2VMXp0ob >4 >> xSpn07c= >> =4By0 >> -----END PGP SIGNATURE----- >> >> -- >> Looking for insurance? Click to compare and save big. >> >> >http://tagline.hushmail.com/fc/BLSrjkqeRJSlzyuuSygReQTvYYxFkBk62kTe >jAkm3iyoX0vxnOgDXtb7ISM/ >> >> > > >-- >Rubén Camarero >CCNA, CISSP -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAknJOZ4ACgkQfuF4tUz/X+J8uQP/dRdtZikUJJS3hakKd+ADx8isnUxc kJIC3uzG5yp8XFJFWkCR2DaM5tBrLhXhEiIzEzoXJ95M9Gok8+GVH2nvYex6j7bde/tx zvzLqYbum0z96D+c0Ifv2Rk2VCTSGJ+XTlOkCSyO8aASec/XLCWxm9tkLa9wSYtj7VCf KoShv74= =0Wmx -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace. http://tagline.hushmail.com/fc/BLSrjkqfMmc87Q7V886A2pQQnP3wiFzt0CJlXLvT1qRvFNCBvDAhrNqJ8Mw/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
