lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 1 Dec 2008 12:50:56 -0600
From: "Joel Helgeson" <joel@...geson.com>
To: "Some Guy Posting To Full Disclosure" <fd.leach@...glemail.com>,
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: Security industry software license

I agree - the biggest BS term in existence is the term "Cyberterror".  If my 
web server crashes, is it the result of a Jihadist? Do I care?

There is no such thing as a cyberterrorist. Need proof? Answer me this:
If a militant Jihadist takes down the US Power Grid via a "Cyber Attack", 
will he get his 72 virgins on MySpace?

This is based on the assumption that one could find 72 Virgins on MySpace, 
and those claiming to be so are not pederasts themselves or FBI agents... 
nevertheless.

Look at the methodology behind the Militant Salafic Jihadist movement; it is 
kill or convert in order to attain the highest order of glory in heaven. 
There is no caveat in place for crashing servers. The motivation behind a 
Jihadi hacker and a punk criminal hacker is exactly the same, to either 
cause malicious harm - because they can - or to gain money.

End of issue.


----- Original Message ----- 
From: "Some Guy Posting To Full Disclosure" <fd.leach@...glemail.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Saturday, November 29, 2008 7:07 PM
Subject: Re: [Full-disclosure] Security industry software license


> Just to summarise what's been said and what I think so we can get back
> on topic, and conclude something:
>
> No-one hacks using metasploit! Go back to 2003.
> Terrorists with metasploit! What to you have a picture in your head of
> Mr. Jihad Bigbeard using metasploit to shutdown a powergrid?
>
> Reasons Why It's Hard to archive:
> - It violates freedom.
> - It's hard to enforce without: invading privacy, expending too much
> money/resources.
> - Most writers of these tools won't want to have to do this (most
> writers of security tools are hackers, you-know: back orifice, pinch,
> exploit kits, phising kits, malware creation kits, the entire contents
> of milworm, bots, THCs Hydra... it goes on.
> - Geographical constraints. All governments doing the exact same
> thing at the same time? Or one organisation forcing it onto the net
> (with no power to put people in jail or anything).
> - You cant/shouldn't moderate the internet.
>
> Reasons Why It's Pointlessly ineffective:
> - Piratebay.
> - People writing tools intended for hackers.
> - The massive number of tools that you'd have to moderate to be effective.
> - If not everything is a dangerous security tool then it's reduced in
> effectiveness.
> - Most big hacks you see don't take many tools. Like a big database
> being dumped with a browser/scripts.
> - You don't solve the problem, at all. Maybe reduce it a little.
>
>
> Reasons Why It Wouldn't Happen:
> - Most developed western governments like to keep they're 1984 "I'm
> watching you" crap behind the curtains.
> - Most governments only do these things because something bad
> happened and they have to make up a law to cover their asses, or
> something bigger than your rapidshare passes is at stake.
> - I'd protest - I'd go to my countries(UK) capital and march in protest!
>
> Reasons Why It Sucks:
> - It violates freedom (programs are intellectual property - you can't
> do that kind of thing to them and call it nice).
> - It would ruin the internet and break a load of enthusiastic geeks' 
> harts.
> - It would force the underground hackers deeper underground.
> - It would discourage security professionals.
>
> Pointless things that people mentioned that made them look like a
> child in front of a shit load of subscribers:
> - Personal comments.
> - Attacks at the way someone writes something instead of what they write 
> about.
>
> Questions for to think about/answer:
> - Would you deserve a license. Really? (me: NO!)
> - Would you wish you had one. (me; yeh!)
> - How many of the tools that'd be outlawed have you already written
> an equivalent of? (me: loads).
> - If you had to outlaw things, would you outlaw tor? (me: I don't wanna!)
>
>
> It's a silly idea.
> Final Question:
> - Are we finished? Is it over? Is it established that it's a bad idea now?
>
> -- 
> I'm your best best friend.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ