lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat Mar 18 03:45:16 2006
From: mrbabs at gmail.com (MR BABS)
Subject: Yahoo recommends you write down account
	information

I did read them, and this again enforces my point, you guys are just trolls.
Nobody takes you guys seriously.
Provide me with a legitimate situation, in which a 'bad guy' has access to
physically printed out documents, and the mailbox of the user , where he
could not simply either install a keylogger, sniff the passwords off the
network, or get them from the system.
The truth is, yahoo uses this as a way to prevent annoyance. I'd suspect if
they DIDN'T ask for this information n3td3v would be on here claiming that
it was a DoS vulnerability or some comparable bullshit.

Anyways, great troll, but this is an old meme, so lets keep moving the
FDRUIN forward, shall we?

On 3/17/06, n3td3v <n3td3v@...il.com> wrote:
>
> Didn't you read this http://groups.google.com/group/n3td3v/browse_thread/thread/c18d3cb3267fc4a0/0e1a4176301c25c8#0e1a4176301c25c8
>  before you carried out your own sector of trolling? http://groups.google.com/group/n3td3v/browse_thread/thread/c18d3cb3267fc4a0/0e1a4176301c25c8#0e1a4176301c25c8
>
> Please keep politically correct on FD, otherwise, the CERT folks might get
> worried :P
>
>
>
> On 3/18/06, MR BABS <mrbabs@...il.com> wrote:
> >
> > WOW great troll n3td3v you are truly the greatest trolling organization
> > on the earth! I bet you and bantown are cooking up some schemes right now!
> >
> > On 3/16/06, bigdaddyzeroday@...h.ai < bigdaddyzeroday@...h.ai> wrote:
> > >
> > > Do you blow everything out of perportion like this?  How old must
> > > you be to have this attitude.
> > >
> > > On Thu, 16 Mar 2006 15:52:06 -0800 n3td3v group
> > > <system_outage@...oo.com > wrote:
> > > >You're Yahoo's top security advisor, who I talk to every day off
> > > >the record, but you say PEOPLE LIE ABOUT INFORMATION THEY PUT ON
> > > >ONLINE FORMS?
> > > >
> > > >  I think you're missing the point. The account information YAHOO
> > > >ask users to print out is the ACTUAL information on the users
> > > >ACCOUNT table.
> > > >
> > > >  SURE, folks can type COMPLETE crap in their registeration for
> > > >signing upto a Yahoo account, but whatever information is
> > > >submitted to the Yahoo account, it is the TRUE information that
> > > >would give access to that account.
> > > >
> > > >  SO, no matter the trend of users giving BOGUS information to
> > > >sign up for an account, the only people who would print out
> > > >information is people who would have submitted TRUE information.
> > > >Otherwise, why would they print out info they knew was bogus?
> > > >
> > > >  MARK, you're Yahoo's top security advisor, and I respect you off
> > >
> > > >the record, but coming on here trying to defend Yahoo's sec pros
> > > >for getting it totally wrong in their CONTRADICTION between sites
> > > >is totally wrong.
> > > >
> > > >  Yahoo said the wording  "DONT WRITE DOWN YOUR PASSWORD" but on
> > > >the registeration proceedure it says "YAHOO RECOMMEND YOU WRITE
> > > >DOWN YOUR ACCOUNT INFORMATION"
> > > >
> > > >  YOU AS YAHOO SECURITY ADVISOR NEED TO ADMIT "YAHOO" AS A
> > > >CORPORATION GOT IT WRONG.
> > > >
> > > >  I speak to you every day off list, but going off on your own
> > > >crusade won't make the rest of the Yahoo security team like you
> > > >better.
> > > >
> > > >  SEE YOU OFF LIST SEIDEN.
> > > >
> > > >  Sorry to everyone else, this is part of an off list argument
> > > >that Yahoo's top advisor can't get a grip of.
> > > >
> > > >  (How did you become Yahoo's top security advisor? :P)
> > > >  SEE YOU OFF LIST
> > > >  Bye
> > > >
> > > >
> > > >
> > > >
> > > >   mis@...den.com wrote:
> > > >    a certain number of people lie about their birthdate and
> > > >zipcode, or
> > > >they forget just what they lied about, or move from place to
> > > >place and forgot where they lived when they registered,
> > > >and they don't have a working alternate email address.
> > > >
> > > >
> > > >---------------------------------
> > > > Yahoo! Mail
> > > > Use Photomail to share photos without annoying attachments.
> > >
> > >
> > >
> > > Concerned about your privacy? Instantly send FREE secure email, no
> > > account required
> > > http://www.hushmail.com/send?l=480
> > >
> > > Get the best prices on SSL certificates from Hushmail
> > > https://www.hushssl.com?l=485 <https://www.hushssl.com/?l=485>
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> > >
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060317/f10fdc85/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ