lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 20 May 2008 21:16:22 -0400
From: Valdis.Kletnieks@...edu
To: n3td3v <xploitable@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: n3td3v says don't let EUSecWest Cisco IOS
	presentation go ahead

On Wed, 21 May 2008 01:48:21 BST, n3td3v said:

> This is a last minute plea to MI5, the UK Security Service to stop
> this presentation going ahead.
> 
> I will hold you responsible in later threads if n3td3v and Gadi
> Evron's fears become reality.
> 
> The Security Service (MI5) is responsible for protecting the United
> Kingdom against threats to national security. This website provides
> information about the Security Service, the threats it counters, links
> to sources of security advice and details of careers with the Service.
> http://www.mi5.gov.uk/

Has it ever occurred to you that *maybe* MI5 is fully aware of the situation,
and thinks that the best way to improve security is to let the talk happen?

If he gives the talk, the trade rags will cover it, the C-levels that pay
attention to the trade rags will get on the case of the Chief Info Officer,
who will lean on their chief networking guys To Do Something About It, Dammit,
and if the routers weren't secured to BCP before, they hopefully will be.

If the talk doesn't happen, the C-levels don't see it in the trade rags, they
don't lean on the CIO, who doesn't lean on the networking guys, who go off and
deal with whatever *other* problem they have to deal with (like why their BGP
feeds keep creating BGP Wedgies at two remote sites, or why they're having
performance issues on one of their trans-ocean lines, or...) , and the company
gets pwned by somebody with a rootkit.



Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ