lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: jonathan at xcorps.net (Jonathan Rickman)
Subject: Global HIGH Security Risk

-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 3 Feb 2003, ^Shadown^ wrote:

> Dear Folks,
>
> 	I'm sorry if anybody didn't like the subject, but is *that* important.
> 	While a research I've developed a technique to literaly bypass *every* security network software and device (*every* firewall, ids, etc), which become an unstopable security risk for the hole security community, but I don't know the legal term on how to post something like this.
> 	And I need help on this, need people who may advice me on how to share this information.
> 	I'm really scared, because i.e "The arrest that happends after the DEFCON X conference because of the *PDF security*", and I swear that this is a large *mayor* security risk.
> 	I will *NOT* answer any question about the new technique (the one I've developed and applied) until I get adviced on how to post it *without* getting in trouble, so please don't write to me because I'll delete them all.
> 	I hope for your help.
> 	Best Regards.
>
> 	^Shadown^
>
> PD: As this mail was sent to SecurityFocus, Vuln-Watch and Cert lists (last Friday) and It wasn't posted, this msg and the information I'm gonna release will *not* be allow to post or referenced on other lists but Full-Disclosure. (except by myself).
> Thnx.


Well, it's pretty obvious why they didn't post it. Honestly, and I'm not
trying to insult you, this is probably something you should keep to
yourself. The odds of you making an ass out of yourself seem pretty good
at this point. Anything's possible, but what you're describing sounds far
fetched to me. But hey, who knows? I've been wrong at least three times
this year, and we're barely a month into it. :)

- --
Jonathan Rickman
X Corps Security
http://www.xcorps.net

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQEVAwUBPj7DXzTwrX0N9QH/AQEIGwf/Uawkm5UiP01HTVIZxf6xD+TlaUxCnoPt
977Zsr1pYQTt7qF64XpUX0FDOJCAIyiSU9JOjUwnbNJBRqv+0RG8SBWdgCFDoFq+
ukfC/cqlFI4J+iiHR6L9RM3d66JSvqqoIl3gAfwCbq3kQcBkWKG5WJJ4tHXwvcnr
Dg8XEZs/JtdyTO+quvtMTlITvgnZ9lQZ3dADdN/EkfB+5HGoC3s98uMEe+EE1tme
dlmC4Ve6ls/4ZNApf5DLlphMZR5cQf3D+4kPj8pJZD/2IRTEgPilnvCIRwE2yoOK
1uL2kSh2kc4L4+mOsZ3wH0EmsC4NEt593a3reix5N5I5zy99mRPlqA==
=jmZK
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ