lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: benfell at greybeard95a.com (David Benfell)
Subject: Good old conformity.

On Fri, 16 Aug 2002 15:45:29 -0700, aliver@...il.com wrote:
> On Fri, 16 Aug 2002, David Benfell wrote:
> > Speaking only for myself, I don't call them kids on account of my
> > ability (or lack thereof) to evaluate their competence.
> 
> It's a good thing, otherwise they might be asking you to prove yourself.
> That'd be a real Bad Thing eh?
> 
> > I call them children because they're behaving that way, throwing temper
> > tantrums, posting porn, and generally displaying the mentality of
> > 12-year olds.
> 
> Some of their actions are immature, this we can agree on. One minor point
> though, conformist, normalite whitehats often view others actions as a
> tantrum when in fact they are simply passionate about something. You see,
> that's what separates a person like me from a person like Ron. Passion is
> what keeps you from getting stale and stupid as you grow older. I can
> honestly say I'm sharper now than anytime in my life; ever. I attribute
> that to passion for what I believe in. The dogma of conformity often tells
> people that to remain passionate in your old age is foolish, and many
> social problems bear this out. Perhaps in some cases you may see a
> passionate person as childish because they choose not to express
> themselves like you do. However, to label their actions as a tantrum may
> reflect some narrow-mindedness on your part.
> 
And how would you describe the crap that's been repeatedly posted to
this list?  I call it obviously nonsensical.  By repetition, it
becomes a tantrum, just like a two year old, screaming "I want!!! I
want!!! I want!!!" over and over.

> > I call them children because they think they're being clever hiding
> > behind anonymizing e-mail accounts while invoking images of massive
> > forces of darkness advancing on civilization, presumably to the tune of
> > Heavy Metal (or whatever the modern equivalent is).
> 
> You kind of derailed here. First you exaggerate using a straw-man tactic
> (the "massive forces of darkness advancing.. blah blah")

It is your "phrack" children who invoke this imagery.

> I have a little
> voice in my head whispering "conformist". I guess it's something about my
> experience with people who show a prejudice against metal-heads and freaks
> in general. They are scum in my mind.

My, aren't we getting sensitive?

> Don't believe me? Tell it to the
> parents of Brian Deneke or to Kori Pienovi.
> 
And what possible relevance does this have?  On topic, please.

> > It doesn't take any technical competence whatsoever to do these things.
> > It certainly doesn't require any of the study that
> > auto461723@...hmail.com asks if we have done.
> 
> Nope, and I don't believe that you and he are even on the same page. The
> way I read it, it was a rebuke for whitehats. His arguments are
> aggressive, no doubt, but they do well to confute the whitehat propaganda
> which is definitely a bigger problem to me personally.
> 
Whitehat propaganda?  Come on now.

I don't much care how security flaws are exposed.  I want to hear
about them and see that they're being addressed.

I'm surprised I even have to say this here; I would think I'm
preaching to the choir.

The reason that open source is more secure is not necessarily that the
programmers are any better than those working on proprietary code.  It
is because the code is openly available for examination.  It is
because problems are openly discussed.  And it is because someone,
even if not the original author, can come up with a fix in a short
period of time.

This is an entirely different picture from the one with proprietary
code, where problems are routinely covered up and ignored and where
fixes are often only available for an additional fee or in a new
version (which must be purchased).

But the "phrack" children, and their more intellectual apologists,
would have us believe that somehow secrecy is safer.  As if somehow,
there are really only a couple of wizards who can find these dastardly
flaws.

It's a comic book mentality, more evidence of childishness.

> > And I would not imply that I could by asserting that others have not.
> 
> That's because you can't. You've already mentioned that, so let's move on.
> 
But you miss the point.  Quoting nearly verbatim a Defcon presentation
does not demonstrate any mastery of anything other than, perhaps,
transcription.  More likely, it shows an ability to use cut and paste.
(reference the posting on Fri, 16 Aug 2002 08:44:21 -0700 by
chaos_magician@...hmail.com)

When lecturing people about their lack of skill, it helps if you
possess those skills yourself.  auto461723@...hmail.com has not
demonstrated those skills to this forum; using an anonymizing e-mail
address, he is unknown to us, and cannot be said even by reputation to
possess these skills.  Therefore, I challenge his authority.

> > now all I see is pseudo-intellectual attempts to rationalize the
> > "phrack" position.
> 
> You have demonstrated that you don't even understand their position, or
> the technology being discussed (or it's ramifications) and thus I doubt
> that you have the ability to distinguish a pseudo-intellectual argument
> from an anvil.
> 
I suspect that most people on this list can distinguish the appearance
of intellect as displayed in the arguments you support from arguments
that actually have substance.  Real arguments have structure.  Those
arguments which you support do not.

Put in terms you might understand, a rant does not qualify as an
argument.

> > So the massive forces of darkness advancing on civilization imagine
> > themselves blessed by righteousness.
> 
> More incoherent attempts at trivializing what you don't agree with? Nice
> try but you come off pretty diaphanous.
> 
It is your "phrack" children who invoke comic book imagery with a
comic book mentality.  Who's being thin?

> > The first twenty years of a person's life might, if productively used,
> > be spent learning to think.
> 
> I'd say programming and understanding the complex technologies at work on
> The Net are pretty intensive exercises in thinking. If you are talking
> about common sense or maturity, that's a different matter.
> 
> > It is evident to me that the "phrack" children have not yet completed
> > this process.
> 
> Again, since you don't know them all, your arguments and attacks seem
> pretty weak. To be clear, I don't support spamming the list with porn, but
> as I've mentioned, I figured out how to run a mail filter a long time ago,
> so I don't let such things annoy me.

Comments on mail filters do not change the fact that you are
attempting to rationalize the behavior of a group of children who are
attempting to subvert this list for no clear reason other than the
possibility that some grownups might take their fun away.

My annoyance, or lack thereof, with a tiny jpeg does not alter the
quality of its appropriateness in this forum.  And the publication of
a "phrack" mission as seen in
http://www.eurocompton.net/~fuk/phrack/mission6.txt does not alter the
the value of the noise in this "debate".

-- 
David Benfell, LCP
benfell@...ts-unknown.org
---
Resume available at http://www.parts-unknown.org/resume.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020817/0f2e0a6c/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ