lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20031225183127.GF13578@sparky.finchhaven.net>
From: jsage at finchhaven.com (John Sage)
Subject: Bugtraq Security Systems XMAS Advisory 0001

Wow!

On Thu, Dec 25, 2003 at 07:51:48AM -0500, Bugtraq Security Systems wrote:
> Date: Thu, 25 Dec 2003 07:51:48 -0500 (EST)
> From: Bugtraq Security Systems <research@...traq.org>
> To: John Sage <jsage@...chhaven.com>
> cc: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001
> 
> 
> Hi John!
> 
> We at Bugtraq Security Systems take great grievance in your accusations.
> Especially coming from such a prominent Interweb netizen as yourself. As
> we nopsled around the digital frontier in these times of vigilance, we
> feel that frontier laws apply. Team Bugtraq Security thus challenges you to a
> duel at defcon 2004. Furthermore, in light of your overall infosec
> excellence we would like to take this oppurtunity to point out your
> incredible skill level to our list reading friends:
> 
> [1] http://www.finchhaven.com/pages/incidents/ACK_hole.c.html

I bow down before your l33t research sk1llz!

And I'm flattered that you would take time out of your obviously busy
schedule to go over my paltry little scrap and show me the error of my
ways.

No. Seriously. I am :-/


> In light of this sourcecode, Team Bugtraq Security would like to urge you

/* snip */

> /* ACK_hole01.c - Sun Aug 11 13:00:54 PDT 2002
>  * John Sage - jsage@...chhaven.com
>  *
>  * A first attempt at a TCP/IP network data sink
>  *   along the lines of trafficrcv.c - see:
>  *   http://www.psc.edu/~web100/pathprobe/
>  *
>  * Now based upon WR Stevens tcpserv04.c
>  *   "UNIX Network Programming", p.128
>  *   modified to do nothing with packets received

/* snip */

I stand humbled, chastised and thoroughly embarrassed by your
relentless and all-seeing Full Disclosure(tm)


However, I shall sleep easier tonight for knowing that researchers
such as yourselves are scouring the Internet for buggy software, and
dragging feeble attempts at "coding" (although that word clearly gives
too much undeserved importance and diginity to cr*p such as mine),
kicking and screaming, into the bright glare of public scrutiny and
ridicule.


Now that you've brought this humilitating little farce of mine to the
attention of the entire world, I think I'll just go off and kill myself.

No. Seriously. I will.

Really...



- John
-- 
"What's the frequency, Kenneth?"
-
John Sage: InfoSec Groupie
-
ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus-
-
ATTENTION: this entire message is privileged communication, intended
for the sole use of its recipients only. If you read it even though
you know you aren't supposed to, you're a poopy-head.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ