| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: euan_briggs at btinternet.com (Euan Briggs) Subject: [PHC] Sermon #3 (w/ reply to Paul Schmehl & others) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > 3. Stripey, you speak of the "PHC new bloods" when you have no > knowledge of how long any of us have been online for. Based on how > recently you started selling bugs to Snosoft, it's very likely that > you're the one who's Only Been Around For A Few Years. You made an > important point about the media sensationalizing stories of > 'hackers' and whatnot, but you defended the security industry. > Based on what we've witnessed over the last decade, the media AND > the security industry waltz side by side to reciprocate the > generation of sensationalism that keeps both in business... in the > security arena. They are the Yin and Yang of hype. Sorry to tell you this PHC, but I know who the majority of you are and where you originate from. My work with Snosoft does not mark my entry into the field. To be frank, the reason I entered the whitehat arena, is because I am appalled at what has happened to the blackhat scene. I am appalled by the motives and attitudes of people such as PHC. I am appalled by the behaviour of people like you. I have a conscience and a sense of responsibility, towards my fellow human beings and our society. I want the world to be a better place. I don't see working for the security industry as some sort of "betrayal" of my blackhat roots, I see it as making a -positive- contribution to society. I see it as paying my debt to society, for the years I spent as a blackhat. Entering the industry was a natural progression. I dont get a kick out of crime, it only brings guilt and it is a rejection of the society that nurtured you, human society which you owe your life to. You claim to "hate" the security industry, because you believe they are exploiting hackers and their world. Unless you yourselfs are genuinely being exploited, I would say this part of your rather contradictory manifesto its nothing more than a thin veneer of justification for your delinquent attitudes. As I said in my last post, I think you are just pissed off that you have a motivated and well funded competitor (the industry), and people like you helped create it. Yes I spoke about media sensationalism, but you missed my point entirely. You help stimulate the media attention with your own lust for acknowledgement. The media and the security industry do emphasise risks, but the fuel for their sensationalism is people such as yourself (PHC) who, not satisfied with operating quietly, feel the need to get up on a soapbox and announce to the world that you exist and that you have bad intentions. You constitute a visible testament to the fact that security is an important issue which needs to be tackled, and thus you are simply adding fuel to their fire. You have chosen to step out of the shadows and let the cat out of the bag, and this was the main point of my post. You yourselfs are contributing to increasing the attention of the media on hackers, and the validity of what the security industry is doing. You claim to be advocating non-disclosure because you believe it will increase security, yet at the same time you claim to be blackhat (implication = criminal) hackers. It doesnt add up. You claim that the security industry / full-disclosure has caused an increase in attacks and the threat, but this is not the case. The security industry is infact a -symptom- of, and a response to, your own eagerness to make the fact that you exist known, and this again was the point of my post. > We can churn out sermon after sermon, but it will do little good if > nobody gives a damn. We're not fools to believe all this talk will > do anything great. If you see what we are fighting for, then PLEASE > contribute Stuff to the cause, where Stuff can be textfiles, > graphics, old AntiSec posts, ideas, constructive criticism, > whatever. Nobody gives a damn because you have nothing interesting or useful to say. Nobody gives a damn because you are wrong. You simply want to stop full-disclosure so you can continue your disgruntled teenager "soft crime" blackhat antics. You want to remove script kids from the scene, not to make the internet more secure, but to restore the prestige and status that true hackers used to have, for your own selfish interests (your ego). You want to feel special again, and not just the generic hacker number 4593845 that you are now. .The security industry and full-disclosure is here to stay. You cannot turn back time, no matter how many "textfiles, graphics, old anti-sec posts" and accounts (fabricated or otherwise, the lies do you no favours either) of childish "attacks" against those working in the industry you amass on your website. Your project was doomed to fail from the beginning, it hastens the onset of the very thing you are complaining about. As misfit teenagers, your flawed ideology is understandable to some degree. As adults, you are simply petty criminals, and there is nothing glamorous, sexy, or clever about crime other than the fabricated ideas which the media has blunted your morality with. These are the real motives behind PHC I believe, and perhaps you should re-examine your outlook on life while I get some sleep. Goodnight.. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBPd8Xm0P0lBKBG8xoEQKjbQCg7owex1aaKINMvDpLaJFoMHthAmwAni7G DothjGbDr0HXzwKD+RYRFymH =5baM -----END PGP SIGNATURE-----
Powered by blists - more mailing lists