lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri May 27 14:51:39 2005
From: barrie at reboot-robot.net (Barrie Dempster)
Subject: Not even the NSA can get it right

Absolutely spot-on Dan,

My original posting was merely a link to an area of a page where someone
made a mistake, it's not a threat to US National Security in any big
way, the NSA don't give a damn about it. It's just a mistake made by a
developer on their public website, there are worse mistakes on that site
too, for anyone bored enough to go look.

The only people that care enough are defacers looking for a bit of fame.
No one with a life spends time trawling the NSA's website for trivial
errors, if you want to hack the NSA and you think their webserver is a
good place to start, you just might be out of your depth a little.

It wasn't supposed to spark a debate about what the NSA know, don't
know, would like to know, invented, stole or dreamed about. Although
that was probably my error, bringing it up in the first place, I should
have known there would be a tinfoil responses

I was in Nelson from the Simpsons mode and felt like I had to say
"HA-HA!" in public.

Anyone that thinks it's a honeypot is a nutter, if it was a honeypot as
Dan says its a very badly thought out one.

Just relax and feel safe in the knowledge that governments employ people
that make mistakes (there's a startling revelation!! :-P), point it out
to your next client so that it helps you get a contract or something.
Just don't come on FD and scream conspiracy though, because I've heard
them all and I'm the ringleader of most of them :-P.

BTW, I sell enhanced tinfoil very cheap, we all know that with simple
XSS regular tin foil is rendered useless!

Buy your enhanced tin foil now, it has built-in XSS protection!

On Thu, 2005-05-26 at 16:31 -0400, Dan Margolis wrote:
> {Lot's of snipped out but extremely well said and utterly correct opinion}

-- 
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

blog: http://zeedo.blogspot.com
site: http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ