lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri Jun 23 15:08:03 2006 From: internationalhackers at googlemail.com (internationalhackers) Subject: researchers want slice of profit and vow pull out of mailing list disclosures == part one of 2 john cartwright rejected our post to the full-disclosure mailing list in reply to the 'multiple yahoo vulnerability' advisory don't be fooled by the unmoderated condition of the list, john cartwright has both our e-mail accounts on moderation. we're not mentioning our alias, so we can beat the procmail filters, which have been setup by nasty individuals who constantly post to the list complaining about our posts, on an 'unmoderated mailing list'. yahoo cookies use a rot system, the cookies are not designed to have stealth encryption. (this was a bogus claim) yahoo url redirection web address is designed to add externally hosted url's to the end of the rd yahoo domain address. yahoo is contantly sent e-mail about the rd yahoo claim, and yahoo just need to shrug it off. google in turn have an identical url redirection system, where the purpose like the yahoo system is to gather stats on url's post on yahoo and google web applications by its users. (this claim was a bogus) the only justified claim was your yahoo cross site scripting claim, well done. i ask you now, the author, to re-publish your advisory. we'll leave it upto the fd readers to tell everyone who this is, so you can be procmail trapped and not our messages. we're not really international hackers per say, we only used this address using common keywords which users won't be able to filter without trapping other e-mail with it. see our googlepages site if you are a corporate user == part two of 2 if you are a mailing list reader, see our mailing list onecare still vulnerable cisco systems still vulnerable we know the technical reason why yahoo login servers were down for ten hours during the the night of tuesday and morning of wednesday. and lots more that you fd readers don't know about, yet john cartwright has moderated two our our mail addresses. this is ment to be full disclosure people, how can it be if we're having to change e-mail just to post our intelligence on corporate security? you can tell the ones who aren't hackers on this list, because all they do is whinge about the content of the list, and ask for 'support on how to setup 'thunderbird' filters. saltzer (check spelling) from the sans handlers dairy thought he was funny asking if our web site would be 'web 2.0' compatible', i didn't know it was the task of on-duty sans people to troll and provoke cyber attacks, by trolling on the mailing lists they monitor and write up on in their dairy(?) symantec and others are making millions of dollars a year from selling security products, hackers are aware of this, and we don't like to post our vulnerabilities to a public mailing list, where symantec and others can cash in. our policy is to go to the vendor direct, and then ask that vendor, never to realease public information of our disclosure, so that sans, symantec etc cannot report on it and as a knock on effect, make money. our policy isn't anti-vendor, its just anti people getting rich from our own research, where symantec become millionaires, while the hackers are left with a hole in their pocket, driving working-class cars and struggling to bring up a family and make a living. do you think thats right morally? we sure don;t thats why we're been in touch with the world's security researchers and askign them not to post information to public mailing lists, and to encourage others to do the same. we have massive support from our corporate, small business and home user contacts off this list. in our eyes its not about compromising security, its about giving credit where its due (on a money agenda, not just to have your name at the bottom of an advisory anymore) times are changing, it isn't about posting to fd and having your name attached to your advisory anymore, its about protecing your work financially from symantec and the other big money makers. -- end -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060623/b2380a37/attachment.html
Powered by blists - more mailing lists