lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200209201644.g8KGitN95637@mailserver2.hushmail.com>
From: empirical at hushmail.com (empirical@...hmail.com)
Subject: RE:  EMPIRICAL SECURITY ADVISORY 0x02

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>Not to be picky but you have a couple errors in your advisory t
>hat I feel
>I must correct.

Please, share.

>Also your calculation of the unit "Manzuik" was way off.
>
>> Steve Manzuik (hellNbak)
>> Height: 5' 5"
>> Width: 5' 5"
>> Weight: 350lbs
>> (this unit of measurement henceforth referred to as a "Manzui
>k")
>
>It is more like Height:  6' 3"
>                Width:   1' 3"
>                Weight:  250lbs
>
>And these numbers are not even exact.  Height can change with m
>y state of
>arrousal (hows that for a mental picture....) as can width.  We
>ight, well
>that is easily plus or minus 30lbs depending on a number of fac
>tors.

This is, mathematically, impossible.  And is so for a number of reasons.

First, the pressure equation:

P = F / A

where P is pressure, F is force, and A is area.

Area equation:

A = L * W

where A is area, L is legth, and W is width.

If you're 6' 3", the accepted norm of foot size for a person of that height is 11 inches in length, and 4 inches width.

So, the area of your foot would be:

A = 11in. * 4in.
A = 44in. sq.

At 250lbs, you'd exert the following pressure:

P = 250lbs / 44in. sq.
P = 5.68181.. lbs./sq. inch

Almost 6lbs. per square inch!  Now, anybody here that's seen you squish along like the large, sea-going creature you are knows you fudged your weight a little, and not by just 30 lbs.

The actual problem here is that, for a person of your alleged size and stature, you'd have to have some sort of infrastructure to support it.  You see, one can not stack 250lbs. of shit to a height of 6' 3" without supporting the pile with something solid.  And, well, let's face it Steve.  You're spineless.  Just like good 'ole Jeff (rfp), Chris (weld pond), Jay Dyson (cancer omega), Mohammad Bagta (phc), you don't have a solid thing inside you that you haven't absorbed.

Alas, I think you've not only fudged your weight, but also your height.  Fudged along with any idea you've ever had.  VulnWatch is an example.  The Open Source Vulnerability Database is another one.  Oh, and let's not forget CSICON.  Much like you, all incredible successes.

>So yeah, based on the numbers, and the forgotten gas ratio, you
> don't want
>any more than 8 Manzuik on the elevator.  But most elevator con
>tain
>redundant cabling and braking systems so this vulnerability is
>nothing
>but theoretical.

Which "gas ratio" would you be speaking of?  Surely not Boyle's Gas Law.  According to Boyle's Gas Law, Pressure and Volume are directly inproportional.  And as anybody that's had the esteemed pleasure of being around you knows, atmospheric pressure does NOT affect the amount of hot air you're full of at any given time.

>Boy, its nice to be loved enough that I get the honor of being
>used in
>this example.  Do you mind if I attach this advisory to my resu
>me, I am
>sure I can drive up my consulting fees with it.

>From what I've heard, almost anything would at this point, including A+ certification.  Word about the whole E & Y thing gets around.  Of course, your professionalism regarding the HP issue, where you told HP to "stick your resume up their collective ass" was pretty priceless too.  This is why you, and the rest of the bunch you associate with, have little or no significance and credibility.  You all lack one thing that will forever elude you:  honor.

I digress, you may use this advisory freely.  Unlike people that have to whine about their information being reused by others (Guninski and TESO will remain nameless), I extend the courtesy to anybody by not attempting to leverage a frivilious copyright.

Speaking of TESO, has anybody ever noticed that scut looks like Deeta from SNL?

>PS:  Eat me bitch.

One final note:  there are several million starving people in Africa.  If I were to end up with a fucking Manatee like you in my nets, I'd send you somewhere you could at least do some good.

Just like Jeff, Chris, Jay, Len, and the rest of the bunch here, you'll only ever be one thing Steve:  something you're not.
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wl4EARECAB4FAj2LUOoXHGVtcGlyaWNhbEBodXNobWFpbC5jb20ACgkQKZiWmX9gB9bL
2QCfRkLdN36b1GTSyRnLwVkiuDO+DTgAoKzPM6Hf93tM08t2OlYXVnxFixn0
=t8oh
-----END PGP SIGNATURE-----




Get your free encrypted email at https://www.hushmail.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ