lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <001c01c3283d$17319f70$118b8451@cancerbox>
From: Packetninja at btinternet.com (W1ZARD)
Subject: Antigen  Path Disclosure

>Nopes. Im not a part of the security industry itself, im a programmer.
>If it was my choice there would be no industry coming out of this cause
>we, the programmers, would be given the time to test our apps before
>releasing them, we would be given time to program it decently, not with
>8 or 24 or 72 hour deadlines hanging over our shoulders at every time.

Ah well put more time to the code and less into the rants =)

>How'bout a filtering router? Access rules? Oh wait, I guess you haven't
>heard about that before?

Umm fraid i have heard of those =) but then again you are part of the
industry so what your saying is every average home user who listen to a bit
of music and plays the odd game should be going to fairly extreme measures
to secure thier home pc.
A filtering router? for a kids home pc that gets to connected to a laptop
once in a while with a bit of crossover, thats just insanely ott/overkill
imo.

>Honestly I think its bitchy f*cking over a 13yr-olds puter. There aren't
>excuses for such actions. We are all on this list to fight shit like
>that by going full disclosure hoping vendors patch the holes, hoping
>people secure their computers, or even hope that company sites keep
>their security up, so no, I don't encourage such actions, nor do I
>approve of them.

Point was it wasnt a hole, he didnt actully own anything, he deleted a few
files in an shared dir that well was allowed to be modfied, thats as far as
he got. But Still decided to uploaded 2 dodgey files and a jpg like he was
some super hacker. Just thought it was funny someone on a mailing list
claiming to be a security professional would consider that kinda attitude
professional and well err hacking lol.
(on lighter note found them and ill proper nosey later on, one appears to be
some webserver/ircbot trojan anyways from googling with the filename)
.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ