| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: isergevsky at hushmail.com (isergevsky@...hmail.com) Subject: RE: remote kernel exploits? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >If this group of coders el8 (yes, I heard about them before - I > remember >somebody got the wu-ftpd 2.6.2 exploit from them a few weeks be >fore it was >released) would have such type of exploits than it's only a mat >her of weeks >before it's gonna show up. > Not everybody cares about disclosing bugs as you SURELY don't know. The ~el8 team are supporters/initiators of 'Project Mayhem', an underground movement trying to bring the internet to its knees. They will not disclose such thing. Ac1dB1tch3z are aswell supporting this movement. >Since they're underground they're probably not looking for mone >y but fame (if >they really want to steal cc information all they have to do is > search google >for orders.dbf cart32.exe and God knows what other insecure web >cart >releases.). So if they're looking for fame they will probably r >elease in a >few weeks or so some kind of exploit (with something like "wors >hip us 'cauze >we are the gods of coding" in the coments). > Hahahaha! Not *EVERYBODY* cares about hacking into pr0n websites to grab warrez. Besides, these guys seem to have more skill than u can imagine and they don't care about YOU or other kiddies like you 'worship' them or not. Disclosing such a bug (if it exists) would mean TOTAL HAVOC on InterNet structure. >Yes, it's true that a kernel exploit would pass firewalls becau >se 99% of >firewalls are based on kernel. But i don't think that it would >be the end of >the world. Because the reason we love open-source is the speed >of patching >it. And if it's gonna be an exploit, there's certanly gonna be >a patch for >it. Apache, OpenSSH, OpenSSL are all widespread services yet th >ey all have >been vulnerable... we survived. We're still here... my server's > are still not >compromised... So have no fear cause "In open-source we trust" > >-- >------------------- >Proud member of PentaGuard >"Making the net a safer place since 1998" Let me laugh my ass off, please! Since when does PentaGuard care about security? Last time i checked you guys were a lame defacing group using IIS 4.0 exploits to own .mil sites. As people found out that the bug exists (after 1 year since it was posted on bugtraq) your group's activity was reduced to zero. You have no clue about the scene or *nix. Please, dont make a fool out of yourself and shut up. >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wl8EARECAB8FAj2Ck/MYHGlzZXJnZXZza3lAaHVzaG1haWwuY29tAAoJEMfRnqqodk8T SwkAn068ZgxaYV2d14L0MZE1Dc//+WiaAKCMeolS1wwqZsdG1PFizSPlQe7+cg== =aphN -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.com
Powered by blists - more mailing lists