lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 9 Apr 2008 17:49:05 +0100
From: n3td3v <xploitable@...il.com>
To: full-disclosure@...ts.grok.org.uk, n3td3v <n3td3v@...glegroups.com>
Subject: Re: n3td3v has a fan

On Wed, Apr 9, 2008 at 8:06 AM,  <malix@...h.com> wrote:
> First, learn the proper use of the English language before choosing
> to mouth off with it.

People think english and spelling matters, but its what you say that
counts not the way you say it.

This is a concept many have failed to grasp in recent times.

For instance, I went on Cnet News last night and told them about
offline machines:

Connected to the internet?: reader comment from n3td3v

Posted on: April 8, 2008, 8:10 PM PDT
Story: Breaking into a power station in 3 easy steps

Computers don't need to be connected to the internet to get infected
with the latest and greatest zero-day, someone, a rogue employee
downloads code from the internet or makes his own, then uploads it to
his memory key, then walks into power station, plugs it in with the
intent to infect and hey presto, your infrastructure gets compromised.
Valuable lesson: _ALL_ your computers need to be patched against the
latest zero-day threats, not just online ones BUT offline systems too.
Even computers which will NEVER have an internet connection _still_
need to be patched. The threat from rogue employees and the inside job
is far greater than an internet facing computer. Is anyone listening?
I've been repeating this for years, the internet isn't the threat, the
real number one threat to cyber security is the inside job. Got the
message yet? The national infrastructure terrorists want to attack is
*permanently offline* and the terrorists know this, but what they also
know is those offline systems are *permanently unpatched* because the
administrators think the bugs being released by security researchers
on-the-internet won't touch offline-machines, think again. The
terrorists aren't trying to hit your internet facing stuff, they are
far more interested in going after your offline machines, as these are
the most important ones. All the best, n3td3v.

http://www.news.com/5208-10784_3-0.html?forumID=2&threadID=36712&messageID=396611

[/snip]

Now it may look like the above isn't written correctly, but I think I
got my point across pretty well.
Weather the english, grammar, spell checker police take it seriously
is another matter. ;)

My online friend who worked in the US Navy for 6 years in cyber
security said I should have wrote it like this:

---------- Forwarded message ----------
From: Chris Mills <E-mail Removed>
Date: Wed, Apr 9, 2008 at 5:07 AM
Subject: Try this
To: xploitable@...il.com

Computers don't need to be connected to the internet to get infected
with the latest and greatest zero-day malware.

Insiders are one of the greatest threats to any enterprise: business
or government.

Consider This:
An employee with any amount of access can download code from the
internet or make his or her own. With a simple copy to his USB memory
key, he then walks into power station, plugs it in with the intent to
cause harm. An unpatched, offline system IS vulnerable.

Valuable lesson:
All your computer systems are vulnerable. They all need to be patched
against the latest threats, just as you would patch your internet
connected devices.
Even computers which will never  have an internet connection still
need to be patched. The threat from rogue employees and the inside job
is far greater than an internet facing computer. This has been seen
over and over in news articles and threat reports published by the top
security companies.
The national infrastructure terrorists want to attack is permanently
offline and the terrorists know this, but what they also know is those
offline systems are permanently unpatched because the administrators
think the bugs being released by security researchers on the internet
won't touch offline-machines. This is a dangerous assumption on the
part of security administrators. The terrorists aren't trying to hit
internet facing devices, they are far more interested in going after
offline machines which control far more important devices. This is
their gold mine.

All the best, n3td3v.

[/snip]

But I don't agree with him because its not got the same punch and passion.

Regards,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ