lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 17 Mar 2014 14:09:41 +0000
From: Pedro Ribeiro <pedrib@...il.com>
To: Źmicier Januszkiewicz <gauri@....by>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Fwd: Google vulnerabilities with PoC

On 17 Mar 2014 13:39, "Źmicier Januszkiewicz" <gauri@....by> wrote:
>
> Especially considering that all three use Tor to post on the list. I
wonder why.
> Other header/content details can be interesting as well...
>

Good catch, I didn't even remember checking the headers.
Have a look at the comments posted in the softpedia article - I can smell
more dirty socks in there.

And for even more fun read his interview:
http://m.softpedia.com/softpedia-interview-nicholas-lemonias-on-satellite-communication-vulnerabilities-420589.html

He even posted it to this list but no one noticed it:
http://marc.info/?l=full-disclosure&m=139076233105401&w=2

>
> 2014-03-17 10:24 GMT+01:00 Pedro Ribeiro <pedrib@...il.com>:
> >
> > On 16 Mar 2014 23:36, "T Imbrahim" <TImbrahim@...hemail.com> wrote:
> >>
> >> The thread read Google vulnerabilities with PoC. From my understanding
 it
> >> was a RFI vulnerability on YouTube, and I voiced my support that this
is a
> >> vulnerability.
> >>
> >> I also explained a JSON Hijacking case as a follow up, and you said you
> >> didn't follow.  So I am just saying that treating security that way,
there
> >> are other parties like NSA who welcome them happily.
> >>
> >
> > I think these guys - Alfred, Kirschbaum and Imbrahim are the OP's sock
> > puppets.
> >
> > They are all first time posters from unusual free email providers
jumping to
> > defend the OP out of nowhere. If you search Google for their emails you
only
> > find references to this thread.
> >
> > They present similar (false and /or incorrect) arguments, talk about
their
> > extensive work experience, bash Google and its security team and send
> > repeated emails with exactly the same text.
> >
> > This is turning into a madhouse... I hope this guy doesn't have access
to a
> > gun.
> >
> > Regards
> > Pedro
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ