lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun Jun  4 17:41:05 2006
From: n3td3v at gmail.com (n3td3v)
Subject: breaking news tools,
	for an ever changing community

On 6/4/06, A.L.M.Buxey@...ro.ac.uk <A.L.M.Buxey@...ro.ac.uk> wrote:
> Hi,
>
> > When you signup for a n3td3v account, your account will be binded with
> > your IP address, and you will only be able to access your account with
> > that IP address unique address. If you try and access your account on
> > an IP address you didn't sign-up with, you'll be denied access to your
> > account.
>
> er, thats a bit of a crap idea. I access the internet from several dozen
> different IPs daily. Either through home, work, the cafe down the road,
> the town centre wifi, my friends houses etc.  Binding to a single
> IP address is a stupid idea which I thought still only worked in the
> minds of some database/science journal people who dont 'get' the internet
>
> alan
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Your account will be unique to one machine, if you wish to 'roam'
you'll need to create an account per machine you roam with. A n3td3v
account will be a viotile throw-away account, only used to save
messages upto 30days and to setup personal preferences. In today's
world its all too easy to break into website accounts. With our
security, you setup an account perhost. Thats why it will be important
to choose the machine you'll access your account with wisely.
Attackers won't be able to spoof your machine address, as it will be
encrypted on our servers, and you will only get access when you
handshake the key on our server, with your host. Right now, I have two
accounts setup, one for home and one for public terminals, this makes
sure the intelligence services can't data mine information from me.
What is done at home isn't the same as whats done on public computers,
and thats why I always have account's on the internet per machine. Its
what i've been doing for years, its second nature for me, and thats
why i'm incorporating it into the website design. If you don't agree
with this, then you aren't a real hacker, because real hackers already
have accounts setup per machine, so having my website setup like this
is nothing new for a hacker, it just makes sure you don't make a
mistake and login from a different machine to your account by mistake,
and also keeps the account secure from anti-n3td3v hackers.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ