lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: hellnbak at nmrc.org (hellNbak)
Subject: Of course you guys support full-disclosure

On Sun, 25 Aug 2002 rfp_the_ripper@...hmail.com wrote:

> members. Gweeds was misassociated by Thomas Greene
> who learned that Gweeds had a shell on eurocompton.net,
> which is not an ~el8 machine (one of its users merely
> provided an ~el8 mirror and hosted the PHC site there).
> A lot of people have a shell have this machine; it's like
> an EFNet hobbiton.org. Silvio misrepresented ~el8
> at Defcon by wearing an ~el8 t-shirt. If you saw the
> greyhat-IS-whitehat.txt on the PHC website, you'd learn
> that silvio from Qualys was named an ~el8 poser.

It is pretty easy to say "Oh that guy isn't a member -- he just wore a
t-shirt."  But, we all know where JimJones worked until he returned to
school (or whatever) and perception can be everything these days..... so
standing on a stage wearing a t-shirt preaching the word of el8/PHC makes
a pretty convincing argument doesn't it?

> I hear the ezine is published by one or two guys.

OK, well that is different than what I have heard/been told.  But does
anyone really care?

> You ran your mouth to Brian McWilliams for his Wired
> article, making that comment about them not being scriptkids,
> and then when attacked for that comment on this list,
> you informed us that you have worked with these guys in the
> past and know their skillset. Yet, why is it that no ~el8
> member knows you as being anything more than The VulnWatch
> Guy or The NMRC Guy?

This was based on the assumption that various people who claim to be
PHC/el8/Project Mayhem are actually that.  Seeing how no one is willing to
stand up and use their real names (no balls?) I have to base this on who I
consider and who I have been told is part of this so called "movement".

But, my overall assessment of who I think is in el8/PHC/Project Mayhem, is
that a lot of them are not script kiddies.

> If, on the other hand, you wish to concede that you're
> merely pretending to know these guys or that you have
> been misinformed, then that's fine with me.

If I have been misinformed then great, correct me, who is in el8?  Who is
in PHC?  Who cares?

> P.S. Making money by doing what you enjoy does not make
> doing what you enjoy morally right. I doubt even a hitman
> would justify his criminal acts by saying such a thing.

I never said it made it morally right.  But I am not the one running
around trying to own boxes and embarrass people.  I am the one trying to
prevent it from happening.

> I must also ask... if the security world has accomplished
> so much in the last decade other than arming scriptkids and
> cashing in on self-fulfilling prophecies, then why are the
> hack logs of iss.net, securityfocus.com, bindview.com,
> openwall.com, snort.org, and some individuals not worth
> mentioning... awaiting publication in ~el8[4] ?

Again, lets see them -- lets see the proof.  You are quick to call me out
and say that I am mearly pretending or misinformed (which I admit I might
be misinformed) yet all I have seen here is all kinds of FUD being created
by the el8/PHC people.  And you say the security industry is bad for FUD
generation...............  :-)




-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

"I don't intend to offend, I offend with my intent"

hellNbak@...c.org
http://www.nmrc.org/~hellnbak

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ