lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 24 Dec 2010 14:11:11 -0500
From: Gary Baribault <gary@...ibault.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: how i stopped worrying and loved the backdoor

Well that makes one of you!!! ;-)

Gary B


On 12/24/2010 09:18 AM, McGhee, Eddie wrote:
> I is Love musntlive.
>
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of ????????
??????????
> Sent: 24 December 2010 13:05
> To: coderman
> Cc: full-disclosure@...ts.grok.org.uk; mickey@...ifer.net
> Subject: Re: [Full-disclosure] how i stopped worrying and loved the
backdoor
>
> Hello full disclosure!!!
>
> I'd like to warn you about many things but not bucketing. However is
you must read and not be troll for you is to understand this for your
own. musntlive cannot be all everyone's guide to common sense.
>
> "A Provably Secure And Efficient Countermeasure Against Timing Attacks"
> http://eprint.iacr.org/2009/089.pdf
>
> "Vulnerability Bounds and Leakage Resilience of Blinded Cryptography
under Timing Attacks"
> http://users.cis.fiu.edu/~smithg/papers/csf10.pdf
>
> In is musntlive's interpretation is everyone miss OpenBSD big picturuski:
>
> a1) Hiding in plain sight
> a2) Developer Deception
>
> Is musntlive establish (proven: this is not theory) that developers
lied all along. So while is many cry troll, musntlive laugh and think of
Cassandra.
>
> b1) Is OpenBSD not audit anything otherwise this not happen
> b2) For those trolls (Schmehl) who state: `Someone would have caught
it` - they is forget that crypto is highly specialized and is all a part
of the corruption machine, there is none to catch [is see Juvenal quote
who watching watchers]
> b3) We is now privy to see how Theo via foreign financial accounts is
tied into this - he can disprove this is he like but he is likely stay shut
> b4) Theo is come clean not to show public `I come clean I not know` but
more is to say `is I come clean before is beans spilled, everyone is
believe me`
>
> [Response a1] Is because crypto implementation very hard is difficult
for to someone to audit is code. In normal programming a simple operator
can is change the entire game. Is difference between < and is say > is
all one need. For this we is now take into account 'salami attacks' (do
not is say musntlive not warn you)
>
> [Response a2] Is everyone forget KGII (key goal is indicators) of
everything. Money is talk (see b3) and when is everyone is on the same
ledger[payroll] and is give geek dream job of one being superspyman,
egos run stupid. Geeks is like Jason is stupid for to government say:
> "Give is stupid nerd some Mountain Dew, mousepad, new laptop, he ours!"
versus old school "he is wants Ferrari, cash and ladies" (see Mafiosi
requirements for cash).
>
> When money is motivator is one be surprised at what someone is capable
of is... is. Is everyone too stupid to remember this or do everyone is
believe no one is above corruption particularisly "FOSS" developers.
> (I is pity you is you think this)
>
> [Response b1] Is who will come clean when all is dirty on the developer
team. 3 people on code all on the same covert team and is one head
honchoruski (Theo see b3) is getting kickbacks in covert accounts
>
> [Response b2] For Paul Schmehl and other trolls I is like to introduce
you to is Cassandra Complex
> http://en.wikipedia.org/wiki/Cassandra_(metaphor)
>
> [Response b3] http://www.youtube.com/watch?v=bjZRAvsZf1g
>
> [Response b4] Theo is not to be believed on this whole matter see
Cassandra Complex
>
>
> Happy Merry Jolly and is Merry Happy New Year.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ