lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 1 Feb 2010 00:15:33 +0000
From: "Thor (Hammer of God)" <Thor@...merofgod.com>
To: "Fabio Pietrosanti (naif)" <lists@...osecurity.ch>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Evidence of fake security research from
 SecurStar	GmbH

Ah, 3 copy and paste articles.  OK.

t

From: Fabio Pietrosanti (naif) [mailto:lists@...osecurity.ch]
Sent: Sunday, January 31, 2010 4:05 PM
To: Thor (Hammer of God)
Cc: full-disclosure
Subject: Re: [Full-disclosure] Evidence of fake security research from SecurStar GmbH

Infosecurity Magazine was cheated:
InfoSecurity Magazine<http://www.infosecurity-magazine.com/view/6826/many-voice-encryption-systems-are-hackable-says-anonymous-researcher/>

The Register was cheated:
The Register<http://www.theregister.co.uk/2010/01/29/voice_crypto_cracks/>

Network World was cheated:
Network World<http://www.networkworld.com/news/2010/012810-leading-voice-encryption-programs-hacked.html>

And a if you read on google there was a lot of media coverage.

They was very smart to arrange that Psycological operations, unfortunately for them they was discovered not being able to preserve their anonymity behind the anonymous http://infosecurityguard.com website .

Fabio Pietrosanti (naif)

On 01/feb/10, at 00:48, Thor (Hammer of God) wrote:


What journalists, bloggers, and security magazines?  I've not seen anything about these people anywhere.

t

From: full-disclosure-bounces@...ts.grok.org.uk<mailto:full-disclosure-bounces@...ts.grok.org.uk> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Fabio Pietrosanti
Sent: Sunday, January 31, 2010 3:41 PM
To: full-disclosure
Subject: [Full-disclosure] Evidence of fake security research from SecurStar GmbH

Ok, now we have the evidence: The research was a fake security research arranged for a marketing campaign.

They was able cheat most journalists, bloggers and security magazines.

I don't remember in all my life a so irresponsible and dirty marketing trick in the security world, abusing of hackers reputations.

Read below, they leaked the IP of the anonymous author of http://infosecurityguard.com and it's confirmed that it come from SecurStar GmbH office:

Evidence that infosecurityguard.com/notrax is SecurStar GmbH - A fake independent research on voice crypto<http://infosecurity.ch/20100201/evidence-that-infosecurityguard-comnotrax-is-securstar-gmbh-a-fake-independent-research-on-voice-crypto/> (by me)
Dishonest security: The SecurStart GmbH case<http://infosecurity.ch/20100201/dishonest-security-the-securstart-gmbh-case/> (by me)
Debunking Infosecurityguard identity<http://www.lastknight.com/2010/01/31/debunking-infosecurityguard-com-identity/> from Matteo Flora .

It's hilarious and unbelievable that a security company had done something like this.

Fabio Pietrosanti (naif)

On 30/gen/10, at 15:51, Fabio Pietrosanti (naif) wrote:



Hi all,

i don't know how many of you have read about the analysis done on http://infosecurityguard.com .

I have made a detailed analysis of their initiative and the result is that:

- it's most probably a camouflage marketing initiative and not a independent security research
- they consider a security context where local device has been compromised (no software can be secured in that case)
- they do not consider cryptographic security arguments

Below my analysis on this (read it carefully):

http://infosecurity.ch

Maybe it's interesting, maybe not, but for sure some facts are very relevant!

Fabio Pietrosanti (naif)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists