Date: Fri, 28 Jul 2006 17:27:40 -0500
From: "J. Oquendo" <sil@...iltrated.net>
To: n3td3v <xploitable@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Securityfocus fall for n3td3v agenda to show up
	the security company

On Fri, 28 Jul 2006, n3td3v wrote:

> I have socially engineered him for what his company is worth, nothing
> but drama queens who pretend there's a XSS worm threat when there
> isn't.

Socially engineered what? You seem to think 1) You have a half clue
2) someone gives a rat's rear what comes out of your mouth.

> The only worm ever to appear with XSS was a harmless Myspace worm, yet
> both companies are saying things are critical and that the internet is
> rife with wormable XSS flaws, just to advertise to any would-be
> attacker who didn't know, to make sure they know now.

This entire paragraph makes no sense. Summarized you said:

"They're telling terrorists that other terrorists commit horrible
actions in case the terrorists don't know, or don't know how to
commit horrible acts"

> There wasn't originally a threat in reality, but you can be sure
> they've just created a threat by talking up the attack vector of XSS
> worms on social network sites.

And you're the security expert who knows that for a fact, there are
not XSS vulnerabilities already being exploited. You must be psychic
and have never heard of the terms "0-day" or private.

> You can bet they'll be an XSS worm on a social network doing something
> malicious in the next 6 to 12 months now, and you have F-Secure and
> Securityfocus to thank.

I'll one up you on this... A multicast worm coming soon to a theater
near you. Exploiting anyone in a listening multicast group. Forget
XSS. It's for kiddiots with too much time on their hands looking
to redirect my cookies.

> I conclude to say this is proof there's no moral responsibility in
> security news journalism anymore, if there ever was any, and this
> needs to change and fast.

What needs to change fast is moronic posts from you to this list.
Do you know how many messages I have to sift through in a day?
This was only answered because I sit here shaking my head wondering
who will be the one to hit you with a clue stick.

> There's nothing we can do now, the damage has been done, we can only
> hope and pray the worst doesn't occur, a fully fledged malicious XSS
> worm on a social networking web site.

Firstly, it's been established that the Brazilians (que fas!) have
been exploiting XSS worms in Orkut for some time so what makes you
think other sites haven't been hit up?

Secondly, "security news" sites have always been crapaganda
factories for the duration of Internet time. They do what they do
best, and that's hype up news for traffic. Take a "news" site
with something vested in the background and you've got one hell
of a crapaganda selling machine. Nothing new to computer security
or the world in general.

Thirdly, since I wanted to be a pain, to those "on the scene"
for some time... I will likely be doing up AntiOffline in the
last quarter of this year. Same format as before... No BS news
interviews and maybe some "chicks".

Netdev/n3td3v/n3td0rk/whatever... You need to pipe it down a bit,
pick up some books and do some heavy reading. Your posts are 
full/fool (Bushism) of retardedness.


-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil infiltrated . net http://www.infiltrated.net

"How a man plays the game shows something of his
character - how he loses shows all" - Mr. Luckey 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
