Date: Tue Apr 19 15:28:54 2005
From: colweb at gmail.com (Colin)
Subject: Fwd: Social engineering alert on Yahoo IM

He does seem very eager to send you a T shirt. Maybe its just some
insulting slogan on the shirt (I hacked Yahoo and all I got was this
lousy Tshirt) or something.

Funny I'm from the Edinburgh (well around you know how it is) area and
wonder if I know you.... whats your phone number? :)

He looks a bit scary in that pic too. Ouch.

Aye man cool like.


On 4/15/05, KF (lists) <kf_lists@...italmunition.com> wrote:
> I want a T-Shirt too!
> Heh.
> -KF
>
>
> n3td3v wrote:
>
> >---------- Forwarded message ----------
> >From: n3td3v <xploitable@...il.com>
> >Date: Apr 3, 2005 11:00 PM
> >Subject: Social engineering alert on Yahoo IM
> >To: Yahoo Security Contact <security@...oo-inc.com>
> >
> >
> >markiseiden (21:18:41): hi
> >markiseiden (21:18:42): i seem to be one of your 4 "friends" on y360
> >n3td3v (21:19:10): I took everyone off
> >markiseiden (21:20:05): i sent you some queries last week about
> >sending you a t shirt which you might want, but i need to know a size
> >and postal addr
> >n3td3v (21:20:29): I don't feel good about giving out my home address
> >over the net
> >markiseiden (21:20:43): don't you have any postal address which you
> >consider safe enough to give out
> >n3td3v (21:20:55): Not reall
> >markiseiden (21:20:55): whereby something will get to you?
> >n3td3v (21:21:07): I don't work
> >markiseiden (21:21:25): got any friends who work, or are they all slackers?
> >n3td3v (21:21:59): I keep my internet life sperate from my friends
> >markiseiden (21:22:23): wow, i'm impressed.  i haven't been able to do
> >that for more than 20 years.
> >n3td3v (21:22:59): I don't smell of roses though
> >markiseiden (21:23:11): do you, in fact live in edinburgh?
> >markiseiden (21:23:31): just curious, nice place (last time i was there)
> >n3td3v (21:24:16): I don't want to state my *exact* location
> >n3td3v (21:24:52): edinburgh is the nearest place people know
> >n3td3v (21:25:04): who live out of UK
> >n3td3v (21:25:15): so I say edinburgh
> >markiseiden (21:25:33): but you live someplace rural rather than urban)
> >markiseiden (21:26:16): i was in kyoto a few weeks ago, visiting a
> >friend who lives in a house with rice paper walls and outdoor plumbing
> >(both bath and toilet) ...
> >markiseiden (21:26:29): but he had a fiber connection.
> >n3td3v (21:26:35): I've been to kyoto
> >n3td3v (21:26:51): Thats in Japan right?
> >n3td3v (21:27:00): I backpacked Japan years ago
> >markiseiden (21:27:21): yes.
> >n3td3v (21:27:43): Random people walk upto you because they don't see
> >many westerners
> >n3td3v (21:27:50): and shake your hand
> >n3td3v (21:27:56): Its surreal
> >markiseiden (21:27:59): when backpacking, yes.
> >markiseiden (21:29:26): or bicycling, particularly in the country.
> >(but in japanese cities, there are western tourists everywhere).
> >n3td3v (21:30:00): Yeah that was the case in toyko
> >markiseiden (21:31:23): well, if you can think of someone who is
> >willing to accept a t shirt and get it to you, get in touch.  it will
> >come from an anonymous sender in sunnyvale.
> >n3td3v (21:31:51): Do you work at Yahoo or something?
> >markiseiden (21:32:12): yes
> >n3td3v (21:32:59): Why should I surrender my info, if you want to send
> >it as anonymous sender. Thats not very fair is it. Plus I don't know
> >you yet,a dn how do I know this isn't just a neat trick to get my
> >address
> >n3td3v (21:33:09): I'm not that gullible
> >markiseiden (21:33:11): you could google me for bona fides
> >markiseiden (21:33:22): honestly, i don't think anyone is out to get you.
> >n3td3v (21:33:28): That proves nothing
> >markiseiden (21:33:36): well, nothing proves anything.
> >markiseiden (21:33:53): if you don't want a t shirt, fine.
> >markiseiden (21:34:01): if you do, also, fine.
> >markiseiden (21:34:06): just tell me how to get it to you.
> >n3td3v (21:34:16): You can have a great Google query, and still want
> >my home address or location for some reason, thats not in my best
> >interest
> >markiseiden (21:34:38): look, if you google me you will see i have a
> >reputation for some things, and you could read my postings over the
> >last n years.
> >n3td3v (21:34:57): Even if I set up a POBOX, someone could still sit
> >outside and follow me back to my home or whatever
> >markiseiden (21:35:32): yeah, if you're a terrorist or major criminal
> >someone might do that.
> >n3td3v (21:36:08): Or some insane guy with a grudge who wants to harm you, even
> >n3td3v (21:36:21): I have online enemies
> >n3td3v (21:36:28): I don't know you yet
> >markiseiden (21:36:34): you mistake me for someone who gives a damn.
> >n3td3v (21:36:39): I don't know how sincere your intentions are
> >markiseiden (21:37:13): well, google me and get back if you get a
> >better feeling.  i don't know how else to reassure you.
> >markiseiden (21:37:22): oh, did you go to ccc in berlin earlier this year?
> >markiseiden (21:37:29): over xmas, i mean
> >n3td3v (21:37:32): Whats ccc?
> >markiseiden (21:37:43): chaos computer club/communication conference
> >markiseiden (21:38:00): i guess you only hack yahoo and not in general
> >in europe)
> >n3td3v (21:38:14): Nah, I live my life on a shoe string. I don't have
> >the money to travel around.
> >n3td3v (21:38:19): I don't hack Yahoo
> >n3td3v (21:39:36): Your being pretty forceful before I even know you
> >n3td3v (21:39:58): What team at Yahoo are you at?
> >n3td3v (21:40:04): security?
> >markiseiden (21:40:13): you can if you have a high speed connection
> >see a talk i gave with barry wels at ccc
> >n3td3v (21:40:55): Are you at home right now or on a corporate computer?
> >n3td3v (21:41:06): See, I can ask wierd uncomfortable questions as well
> >markiseiden (21:41:07): home
> >n3td3v (21:41:20): Whats your home address?
> >markiseiden (21:41:24): where would i be on sunday morning
> >n3td3v (21:41:42): I want to send you a t-shirt
> >markiseiden (21:41:50): i have 2 of them but i have a po box and a work address
> >markiseiden (21:42:14): both of which provide a bit of personal separation.
> >n3td3v (21:42:21): I'd rather have your home address, unless your a
> >terrorist or online criminal
> >markiseiden (21:42:34): i said i don't care what address i send it to.
> >markiseiden (21:43:20): do you have a fast enough connection to
> >download a big media file?  let me see if i can find our online ccc
> >talk...
> >n3td3v (21:43:34): I use a DUN connection
> >markiseiden (21:44:18): yikes, well that would never do, it's 500MB.
> >n3td3v (21:45:11): What team at Yahoo are you with
> >n3td3v (21:45:16): security?
> >markiseiden (21:45:54): it's not called that.
> >n3td3v (21:46:09): Whats it called
> >n3td3v (21:46:21): incident response?
> >markiseiden (21:47:10): here's a bio.  you can click on the events
> >link and see the slides.
> >http://www.ccc.de/congress/2004/fahrplan/speaker/162.en.html
> >n3td3v (21:47:44): side dodging a simple question about where you
> >work. you obviously have a hidden agenda
> >markiseiden (21:48:08): i'm a consultant, i work for several places
> >n3td3v (21:48:19): I asked about Yahoo
> >n3td3v (21:48:31): Security advisor for Yahoo?
> >markiseiden (21:48:52): i consult on such things, yeah.
> >n3td3v (21:49:04): So you thought you should become my buddy
> >markiseiden (21:49:38): no, i don't want to be your buddy.  i just
> >want to send you a bloody t shirt, because you seem to be an
> >entertaining irritant, but even that is impossible.
> >markiseiden (21:49:50): actually, it's a clean and new t shirt.
> >n3td3v (21:49:54): If you/Yahoo really want my home address. You have
> >my ISP on your server logs. Contact them with a police reference
> >number, and I'm sure my ISp will release such info
> >markiseiden (21:50:03): too much trouble.
> >markiseiden (21:50:18): we don't really want your home address.
> >n3td3v (21:50:25): No, you mean. I haven't done anything
> >n3td3v (21:50:41): I don't hack Yahoo
> >n3td3v (21:51:42): irritant?
> >n3td3v (21:52:01): What have I done thats annonyed you so much
> >n3td3v (21:52:15): I just help Yahoo when I hear of someone with an exploit
> >n3td3v (21:52:20): and report it
> >n3td3v (21:52:23): thats all
> >markiseiden (21:52:28): in the sense that a grain of sand irritates
> >the oyster into making a pearl.
> >markiseiden (21:53:15): yes, that's my impression also.  your reports
> >are appreciated, when they're clear enough to understand.
> >markiseiden (21:53:24): (particularly)
> >n3td3v (21:55:24): I'm sorry
> >n3td3v (21:55:31): I'm a good guy
> >markiseiden (21:55:35): some of us just thought a t shirt would be a
> >nice thing to do.  apparently not.  sorry for the intrusion.
> >n3td3v (21:55:41): I don't mean to annoy anyone from Yahoo
> >n3td3v (21:57:42): I just wish you would be friendly.. instead of this
> >hostile approach since your first IM
> >markiseiden (21:58:06): look, we've all been doing this for a very
> >long time.  i've worked on the defenses of dozens of people accused of
> >computer crime, and a few prosecutions, too.
> >n3td3v (21:58:26): I'm not a criminal
> >markiseiden (21:58:28): it's impossible to be friendly with you, since
> >you're so suspicious.  it must be a hidden agenda.
> >n3td3v (21:58:52): I don't have a criminal record
> >n3td3v (21:59:10): I've never hacked anything online ever
> >markiseiden (21:59:14): what i was trying to convey, is that i
> >understand why people hack, having done it myself since the 60s.
> >n3td3v (21:59:27): I don't hack
> >markiseiden (21:59:53): okay, okay.  but i do, in the noncriminal
> >sense of the word.
> >n3td3v (22:00:09): I don't in any sense of the word
> >n3td3v (22:00:34): I see people talking about exploits and I report it
> >n3td3v (22:00:38): Thats it
> >n3td3v (22:02:04): Like I say on my website. I study hacker trends and
> >techniques
> >n3td3v (22:02:11): also, I read news articles
> >n3td3v (22:02:14): Thats it
> >n3td3v (22:02:36): I ethically probably know how to hack, but i've never done it
> >markiseiden (22:03:04): well, thanks.
> >n3td3v (22:03:33): You don't need to be a terrorist or online criminal
> >to not want to give out your location/home address
> >n3td3v (22:03:39): over the net
> >n3td3v (22:03:46): Its a pretty average thing
> >markiseiden (22:04:21): look at what i referred you to and get back to
> >me if you change your mind.  if you google me you'll see my email
> >address has been the same as my surname since 1989.
> >n3td3v (22:04:37): Not online don't I know you, but Yahoo Messenger
> >net isn't exactly immune from packet siffing bots
> >n3td3v (22:04:45): not only*
> >n3td3v (22:04:55): sniffing
> >n3td3v (22:05:31): Be serious. The t-shirt is just a tactic to get
> >some info about me
> >markiseiden (22:05:39): not at all.
> >n3td3v (22:05:56): I wasn't born yesterday. I was born 24 years ago
> >markiseiden (22:06:25): too young to be so paranoid.
> >markiseiden (22:07:43): if anyone really wanted to find you, they
> >would offer you something of enough value that you would bite at it.
> >n3td3v (22:07:52): No.
> >n3td3v (22:07:58): I wouldn't bite period
> >n3td3v (22:09:49): What do Yahoo have me labelled as to merit this
> >n3td3v (22:10:14): A random employee contacts me out of the blue
> >trying to know where I live
> >markiseiden (22:10:25): i am not an employee.
> >markiseiden (22:10:33): i don't care where you live.
> >n3td3v (22:10:42): You said you worked for Yahoo
> >markiseiden (22:10:45): i just want to send you a t shirt as a token.
> >markiseiden (22:10:51): i am a consultant, not an employee.
> >n3td3v (22:11:01): a token for what? being an irritant?
> >n3td3v (22:11:25): Usually friends send gifts. Yet you don't even want
> >to be my friend
> >markiseiden (22:11:27): what you do has value and is appreciated.
> >n3td3v (22:11:37): What do I do?
> >markiseiden (22:11:44): reporting bugs and other problems.
> >markiseiden (22:12:21): but if you can't find a way of accepting a
> >token gift, so be it.
> >markiseiden (22:12:29): i can't say anything more on this subject.
> >n3td3v (22:13:52): Your social skills aren't that great are they
> >n3td3v (22:14:29): I already speak to an employee of Yahoo on IM. He
> >is alot more friendly, and not as rude
> >markiseiden (22:14:31): nobody has accused me of having social skills.
> >  but you can look up that i have friends in orkut, friendster, linked
> >in, or the like.
> >markiseiden (22:14:56): i'm not trying to be rude.
> >n3td3v (22:15:19): You've accused me of hacking Yahoo
> >n3td3v (22:15:34): You work for Yahoo security team and want my home address
> >markiseiden (22:15:47): i have not accused you of anything.
> >n3td3v (22:15:48): Those are the facts I know about you so far
> >n3td3v (22:16:04): This is a surreal IM
> >markiseiden (22:16:14): and i don't want your home address.
> >n3td3v (22:16:26): You did until you realised I wasn't falling for it
> >markiseiden (22:16:40): any postal address whatsoever is what i asked for.
> >markiseiden (22:17:05): that will result in your receiving a physical object.
> >n3td3v (22:17:06): I can't do that. I would still be trackable to any
> >malicious stalker
> >markiseiden (22:17:21): why cannot be sent over the net, given current
> >technology.
> >markiseiden (22:17:35): right, a malicious stalker will go after your
> >auntie jane.
> >n3td3v (22:17:43): POBOX's don't offer anonymity. Its the same as
> >using an open proxy.
> >markiseiden (22:18:43): sorry, i have other things to do today, like
> >geeking chickens and talking with my kid about her college plans.
> >n3td3v (22:19:09): Thats why you shouldn't mix your work with your home life
> >markiseiden (22:19:36): to quote yoda, "when you my age are, then you
> >can give me advice"
> >n3td3v (22:19:57): Don't be smart. Age has nothing to do with it
> >n3td3v (22:20:24): A 13 year old could have more skills than a 30 year old
> >n3td3v (22:20:31): With regards to hacking
> >n3td3v (22:20:50): Same for parental issues
> >markiseiden (22:21:11): but with regards to how to conduct one's life,
> >people are entitled to make their own choices.
> >markiseiden (22:21:17): so i've got to go.
> >n3td3v (22:21:21): Thats true
> >markiseiden's status is now "out running errands" (03/04/05 22:21)
> >n3td3v (22:21:49): Come back when you don't bring yourself across as a
> >grade A weirdo
> >markiseiden (22:21:50): out running errands
> >markiseiden (22:22:13): sorry, as a weirdo i'm a lifer.  ask my friends.
> >n3td3v (22:22:35): I'll show this IM to some people I know, and let them decide.
> >markiseiden (22:23:47): as you like.  i hope no trouble will come of it.
> >n3td3v (22:24:05): You might lose your job actually.
> >n3td3v (22:24:19): You never know
> >markiseiden (22:24:20): hah, very funny.
> >n3td3v (22:24:52): Yeah.. I don't have much infulence at Yahoo Inc do I
> >n3td3v (22:25:02): I'm just seen as some kid
> >n3td3v (22:25:06): Thats cool
> >n3td3v (22:28:13): I would love to be able to help you improve
> >security at Yahoo, but you just want my home address.
> >markiseiden (22:28:32): look, before i go, tell me the size of the
> >shirt (unless it's medium)
> >markiseiden (22:28:47): cuz last time we ran out of small and xxl
> >n3td3v (22:29:35): geocities.com/n3td3v/profile.html
> >n3td3v (22:29:55): Thats the only personal info i give out
> >markiseiden (22:30:00): (or not)
> >markiseiden (22:30:24): i have never spent an hour and ten minutes
> >trying to get someone a t shirt before.  you hit my limit.
> >n3td3v (22:30:38): I don't want a t-shirt
> >n3td3v (22:30:43): no offence
> >markiseiden (22:30:51): no offense intended.
> >markiseiden (22:31:04): (or taken, i mean)
> >markiseiden (22:31:19): bye.
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> >
> >
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists