lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: purdy at tecman.com (Curt Purdy)
Subject: RE: [ISN] DARPA pulls OpenBSD funding

Course "them" includes Micro$oft who claims that the use of the term
"_NSAKEY" in all their OS's since W95/NT4 was "an unfortunate use of
words"...

Curt

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of yossarian
Sent: Sunday, April 20, 2003 6:47 AM
To: Darren Reed
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] RE: [ISN] DARPA pulls OpenBSD funding


> > Is "them" including corporate interests if they conflict with personal
> > freedom? Probably, since the companies = the shareholders = people.....
> > Are you including DMCA / Patriot Act / etc.?
>
> What have they got to do with this ?  Nothing so far as I can see.

A lot. Under patriot act, bookstores can be asked to inform authorities who
buys what books. This can and does include books we in the security industry
consider must have reads. It might include a new book on hardening IIS,
considered 'unfair' and 'not wise' by MS - whatever the reasons. Under this
legislation, knowledge can be considered a WMD, and the population must be
datamined. If you break in to the connection your fritz chip opens to see
what info it sends on your computer use - i.e. want to know how far your
privacy is invaded - you break DMCA. If your behavioural patterns match a
predefined risky lifestyle ... enter demonisation.

> > Is this including being
> > prepared for being put in the slammer since someone in uniform dislikes
what
> > you put on your T-shirt? Funny how judicial people get to work around
the
> > principle of freedom of speech. How many here went to law school? Speech
is
> > not necessarily verbal.
> >
> > BTW, whose wellbeing is suffering by Theo's statement? If you are that
> > sensitive, forget the Internet and travel abroad.
>
> My comments were not specific to this particular instance of implied
> impairment of free speech but rather to point out that with it comes
> the responsibility of speaking in a fair and wise manner and that if
> you are careless with your words then expecting the notion of "free"
> speech to protect you is somewhat naive.

Who is to decide what is fair and wise? Limiting free speech by these
non-defined values to be decided on by undefined external parties is imho
very dangerous, so a statement believing  you have free speech, so can say
and think anything you like, as long as it is fair and wise, is naive at
best. What i think is fair, my be considered unfair by others, which it
probably is. The "Responsibility to be Fair and Wise' thingie may sound
ligit, but are the ultimate weapons for self-censorship, which is much more
effective and never illegal, than government led censorship. Relate self
censorship to the forum you are on, plz.

As an author on security issues, you will not disclose on vulns in certain
systems, since it is not wise, since it is a threat to national security,
but you will on other systems. Why? cause they are not used by the
government. Wait a minute, you cannot just 'not disclose' on systems used by
the government, but also that of its 'willing' allies, so don't disclose on
these either. Lemme give you another thought - disclosing on security flaws
in any US software is allowing economic warfare against the US - let us only
disclose on say, russian, french and german software. Oh, well, and on
Syrian, North Korean and Iranian software. There isn't any worthwile
software from these countries? And if there is, it is probably used by the
US, one of it's allies or a corporation in one of these countries.
Corporations? Yes, damage to say, MS, is major damage to the american
economy, so it is damage against its national interests = security. Well
then, let us be responsible people, let us not disclose at all, close this
list, get a haircut and a real job.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ