lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 22 Sep 2007 10:03:25 -0500
From: "Joel R. Helgeson" <joel@...geson.com>
To: "'worried security'" <worriedsecurity@...glemail.com>,
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: Gadi Evron strikes again

Everyone knows who Gadi is, so by definition, Gadi *is* high profile.

I happen to agree with Gadi, that a 0day is the day an EXPLOIT is RELEASED,
where such exploit also serves as the ONLY vendor notification of a bug
being discovered. Every adult on this list understands the definition, but
the kids can't seem to grasp the not-so-subtle nuance  between a 0day and
the discovery of a bug in someone else's code.

This supposedly serious disclosure you refer to is a non-event, there was a
"press release" about a supposedly serious flaw in PDF, there were no
details, so therefore it doesn't even count as disclosure of a
vulnerability.

 

-joel

 

 

From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of worried
security
Sent: Saturday, September 22, 2007 8:11 AM
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] Gadi Evron strikes again

 

Who seen Gadi Evron on the mailing lists trolling about what a 0day is and
what a 0day isn't, in the middle of a serious disclosure about a PDF flaw?

 

Hilarious.

 

Well, just incase you missed it, here it is again...

 

http://seclists.org/bugtraq/2007/Sep/0229.html

 

And this guy wants to be a high profile guy at the forefront of information
security discussion?

 

lolzers.

 

Script kiddos unite behind the big man Evron.

 

He leads, where the rest of us follow.

 

And he comes on the lists complaining people are mimicing his e-mail
addresses and calling him a dick. *I wonder why?*

 

Its funny, he strongly keeps an eye on Funsec mailing list and keeps
everyone in check,Yet, he has a total disregard for "quality control" else
where, especially on Bugtraq!!!!!!!!

 

My question is "Who is Gadi Evron?".

 

This guy you would think would add something special to a discussion, but he
doesn't, and you know what I know his excuse is? He is keeping his knowledge
secret so bad guys can't learn from his knowledge. 

 

lolzers Gadi Evron.

 

The truth is, Gadi just wants to make sure his name and e-mail address is in
every major flaw disclosure, no matter how lame the comment is, just as long
as his name and e-mail is in high profile disclosures, then Gadi Evron can
sleep at night. 

 

Thanks Gadi!!! My hero.

 

Bugtraq is moderated for a reason, so Bugtraq moderators, start moderating
it!!! Symantec arsewipes.

 

Securityfocus, no really, why are you allowing Gadi Evron troll on such a
high profile respected moderated list? Gadi's comment mentioned above was a
true breach of the rules, so start moderating his comments more in future. 

 

Leave the trolling for F-D Gadi, Bugtraq readers don't want to see your shit
in future, and Bugtraq moderators, actually read what Gadi Evron is posting
in future, instead of just reading the name and sender and approving the
message without actually reading the body. 

 

*Oh its Gadi, its automatically approved*

 

Lets look at Bugtraq's description:

 

"BugTraq is a full disclosure moderated mailing list for the *detailed*
discussion and announcement of computer security vulnerabilities: what they
are, how to exploit them, and how to fix them. "
http://www.securityfocus.com/archive/1/description#0.1.1

 

lolzers, Bugtraq moderators don't read thier own shit or inforce it!

 

Someone snip a bit of that description that gives Gadi right of way to troll
on Bugtraq in the middle of serious flaw disclosures!!!!!

 

Gadi, seriously f**king learn about the stuff you read , so you can actually
input into the threads and help with the topic infront of you, instead of
random off-topic messages about what defines a 0-day and what doesn't. 

 

Why didn't you start your own thread on Bugtraq about "what is a 0-day?",
because they wouldn't let you!!!! Instead you sneak your shit into high
profile threads, to get a name for yourself.

 

Your conversation, as always Gadi, is best suited for Full-Disclosure or
security-basics, so get the f*** off Bugtraq you idiot.


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ