lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200211230305.gAN353H19432@netsys.com>
From: ratel at mailvault.com (ratel)
Subject: Please post to the list 

-----BEGIN PGP SIGNED MESSAGE-----

On 22-Nov-2002 12:19:52 -0500, you wrote:

>in your ideal world, how would you help
> me stay secure and prevent all the attacks that bludgeon my network?
> This is a legitimate question, and I would appreciate a legitimate
> answer, rather than the usual blather that has dominated this list. 

Two words: AIR GAP.

Nothing could be simpler: don't put anything you wouldn't mind losing on
a box that connects to the intenet. 

Radical, I know--but if it works for JTF-CNA it certainly works for
me.

Speaking of the Devil, do you really think those delightful fellows
employed by JTF-CNA, NSA &c. really run to tell Microsoft and other
vendors everytime they find a hole/sidechannel/backdoor in their
software? Do you honestly think any man jack of them spends two seconds
concerning himself with this kind of anguished hand-wringing debate? 

Forget it. In their world, full disclosure is irrelevant. Dead. A bad
joke. Grow up and stop kidding yourselves. 

The ugly truth is that some of the greatest, most technically brilliant,
truly ethical-after-their-own fashion blackhats are pulling paychecks
from Ft. Meade. 

Ethical, because for them it's not about money.
It's about control. 
After all, "Information is Power".

They've been running rings around all you poor suckers for years. 

And as long as you aren't protecting your critical information yourself
with an air gap? Content to rely on corrupt scumbag snake oil vendors to
"protect you" as they pick your pocket and sell you out time and again
to the highest bidder? 

They always will.

In the end, it all comes down to blackhat vs. blackhat. 
He with the best tools wins.
Who are you writing tools for?


Ratel.


***



"Americans used to roar like lions for liberty. Now we bleat
like sheep for security." - Norman Vincent Peale.



-----BEGIN PGP SIGNATURE-----
Version: MailVault 2.2 from Laissez Faire City http://www.mailvault.com

iQA/AwUAPd7wJuYNtyh3zif9EQL55wCfUKM5WTdGmuiWI7egB3vW8EfULdsAn0pq
qcEpreRCr4yJ1xfMhmOjwZY+
=I2c5
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ