lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: mattmurphy at kc.rr.com (Matthew Murphy)
Subject: (no subject)

When I first read your email I laughed a lot because I thought it was some
kind of joke.  Sadly, however, by the end I realised that perhaps you were
serious after all.  So I am replying to your letter in the hope that maybe
you are just misguided and can somehow be put back on track.

>> [...] Fighting between ourselves and posting this crap
>> on the list both amplifies the effect of the idiots' posts, and lets them
>> know that their effort is working -- that has got to stop.

>fighting between yourselves?  you mean debating right?  debating over what
>is good and what is evil?  Matthew, i think your paranoia is playing up
>again, the people on the list aren't fighting.  they're having an
>intellectual discussion over the pros, cons, and alternatives to the
>security industry.  JOIN IN!  unless you dont have anything intelligent to
>contribute (as is being clearly demonstrated by the speculation, personal
>attacks, and silliness of your email).

No, I mean the "discussion" over the values of our attackers, such as has
ensued from my initial post.  Generally to me, discussion = has some value.
Some of the "discussion" here does not fit that criterion.  Just take a flip
through the archives to discover this for yourself.

I frankly am not interested in learning about the values of our phrack
friends
and I could care less.  I get more useless junk from the e-mails about the
junk mail than the junk mail itself (which Outlook Express so nicely deletes
for me now).  The only thing it has to do with security is the target of the
junk mail.

>>     I will be the first one to say that I applaud how Len has handled all
of
>> this -- the list must not be moderated.  Moderating the list would be
giving
>> a victory to some of the lowest scum of all time.  Rather than seek
>> alternatives, we have to be firm about the reason this list was created
in
>> the first place -- freedom of information.  This list was created to
inform,
>> and inform quickly.  By advocating moderation, you are essentially
>> advocating destroying the list.

>of course.  moderating the list would also mean that we couldn't have this
>discussion, which i feel is important, not for me though, Matthew, but for
>you.

I think the discussion is equally important for everyone here, if nothing
else but
for clarity, in my case (which I will try to improve in the future)

>you need to let go of all these fears that `hackers are trying to get
>into your system 24/7' and start to embrace concepts like "free thought",
>"rationality", and "understanding".

Just FYI, the "fears" are the tools of a certain software company in Redmond
(cough Microsoft cough).  I don't have such a fear that *everybody* is
always
after me, but I need to be ready for the one who gets in.

>>     These last few days have been a test of how strongly we believed in
the
>> idea that all information should be delivered in a timely fashion.
Someone
>> who truly believes in the concept of full disclosure will stand up for it
>> even as the very concept itself is attacked.  Advocating moderation of
the
>> list, or bringing your personal struggles to the list as it faces this
>> attack shows that your belief in the concept of full disclosure is
>> incredibly weak.

>yeah no i disagree.  i think over the past few days, if anything, real
>intelligence has hit the list and you're not entirely sure as to how you
>want to deal with it.

So, the "real intelligence" is from those advocating moderation?  If I'm
getting
what you're

>that's natural, Matthew, you're being intimidated,
>your standing in the whitehat community seems to you as though it is being
>threatened.  thats OKAY.  you just have to get past all that fear and start
>to loosen up a bit.

You're wrong there.  Frankly, I will not leave the list no matter what they
do
to me.  Nothing of mine is threatened, but the progress of the list *is*
threatened
if we give in to such pitiful and weak tactics as junk e-mail.

>>     We must direct our anger towards these losers at these losers.

>this sentence didn't make sense to me.  could you please clarify?

Ah, the principle of focus.  Incredible, isn't it?

>>   Anything else is an attack against our own values.  While they claim to
be hackers,
>> their method of attack shows them to be nothing more than spoiled
children.

>could you please give an example to back up your views?  because you must
>realise, Matthew, that we all come from different cultures.  what is a
>spoiled child to you may be something completely different to the next
>person.  also, by giving an example, and making your argument clearer, i
>think you'll find that people will not only understand you more, but also
>understand you enough that they can retort in a much more informed manner.
>which helps the discussion overall.

Okay, I guess I should have put "spoiled children according to my culture"?
I
was implying several specific characteristics, but my main argument was that
one who calls themself a hacker and then resorts to (trivially blocked) junk
e-mail is both of low maturity and ability as well as simply wanting to feel
like
they have done something.

>> You can either fight them or give up, there's not an inch of middle
ground.

>oh no, wrong again.  keep trying, Matthew.  see, the middle ground is this
>list.  it is our medium for discussion.  though in your case i think it
>would be better exemplified by the analogy of a battlefield on which to
>fight, although i dont back this idea 100%.

The concept of full-disclosure *is* having a medium for discussion for all
that
are affected, and in a timely manner, correct?

>> Are you up for it?

>up for what exactly?

I suppose this links with your statement on the battlefield analogy.  What I
am drawing at is a simple, but incredible thing known as *determination*.

People can either ignore the crap (i.e, with mail filters) or whine about
"We
have *got* to moderate the list!  Too much junk mail!".  It doesn't even
take but a few seconds to put a mail rule on "#phrack".

To those who suggest the answer is moderation of the list -- get a life.


Powered by blists - more mailing lists