lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: uberguidoz at gmail.com (GuidoZ)
Subject: why o why did NASA do this.

> Ok Mr. Limpy..lol

Just for the record, I fixed that problem I was having with my Linux
install! Of course, I've gone and broken it again, but that's besides
the point. Now you should be referring to me as Mr. No Limbs (it's
completely dead). lol

> Great point about the "career" job. Even if they aren't there, knowing a
> time and a name can get you more information out of a person in another
> dept, I think. I wouldn't try =)

I thought it was too. =D I wouldn't try it either, but then again, I'm
not someone who would be interested in hacking into NASA. It's the
ones who WOULD be interested that I worry about.

I realize that such information is generally available through public
records and such. However, that's no reason to post it all for easy
access and saving. ;)

--
Peace. ~G


On Tue, 19 Oct 2004 12:59:37 -0500, Todd Towles
<toddtowles@...okshires.com> wrote:
> 
> GuidoZ wrote:
> > =) Yeah, I do. I wasn't sure if you were having a brain fart
> > or something. lol
> Ok Mr. Limpy..lol
> 
> > Well said. It was finally removed from public view, though
> > I'd imagine quite a few saved it just in case (myself
> > included). No, it's not some perfect list for every malicious
> > purpose, though it's certainly better then nothing. Spammers
> > really don't care if it's active or not - they will still
> > sell it. Social Engineering can go a long way though. It's
> > entirely possible someone that worked at NASA in 1996 would
> > be there still today. It's called a career. =)
> Great point about the "career" job. Even if they aren't there, knowing a
> time and a name can get you more information out of a person in another
> dept, I think. I wouldn't try =)
> 
> -Todd
> 
> > --
> > Peace. ~G
> >
> >
> > On Tue, 19 Oct 2004 07:59:36 -0500, Todd Towles
> > <toddtowles@...okshires.com> wrote:
> > > I meant this outdated NASA e-mail list. I undestand that FD
> > could be
> > > used for this purpose.
> > >
> > > The fact that NASA just hands you this information
> > (outdated or not)
> > > is pretty sad. As I stated before it is free information leakage at
> > > best and because it is outdated it should be removed from
> > public view.
> > > This could be used for social attacks and e-mail attacks. I don't
> > > think SPAMmers care about some 6 year old list but hackers
> > would. Any
> > > information that they can get free of charge is just that
> > much better.
> > >
> > > You know me better than that GuidoZ .....lol
> > >
> > > > -----Original Message-----
> > > > From: GuidoZ [mailto:uberguidoz@...il.com]
> > > > Sent: Tuesday, October 19, 2004 1:24 AM
> > > > To: Todd Towles
> > > > Cc: full-disclosure@...ts.netsys.com
> > > > Subject: Re: [Full-Disclosure] why o why did NASA do this.
> > > >
> > > > > how would this list help me spam?
> > > >
> > > > Google your email address - then simply use a bot to
> > gather ALL the
> > > > email addresses listed in the posts along with it. ;) The
> > sad fact
> > > > is that the email addresses used to post to this list (and any
> > > > others like it) are freely there for the taking. Plus, it's quite
> > > > obvious they are active. (More obvious then, say, email
> > addies fro
> > > > 1996?) ;)
> > > >
> > > > --
> > > > Peace. ~G
> > > >
> > > >
> > > > On Mon, 18 Oct 2004 11:02:00 -0500, Todd Towles
> > > > <toddtowles@...okshires.com> wrote:
> > > > > Exactly as I stated eariler...this is just information
> > > > leakage...old
> > > > > as it might be, it helps...the people on the list are just
> > > > doing their
> > > > > jobs...getting paid and giving information to a employee that
> > > > > knows their name (and is higher in the company) seems harmless.
> > > > Spam isn't
> > > > > the issue with this information leakage, I can buy a CD
> > > > with 6 million
> > > > > e-mail address on it...how would this list help me spam?
> > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: full-disclosure-admin@...ts.netsys.com
> > > > > > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> > > > > > KF_lists
> > > > > > Sent: Monday, October 18, 2004 9:06 AM
> > > > > > To: Harry de Grote
> > > > > > Cc: full-disclosure@...ts.netsys.com
> > > > > > Subject: Re: [Full-Disclosure] why o why did NASA do this.
> > > > > >
> > > > > >
> > > > > > Forget about the spammers, how about social engineers.
> > > > This is quite
> > > > > > the gold mine for that.
> > > > > >
> > > > > > Hi this is Joe Schmoe from building 69 I need to have my
> > > > > > password reset.
> > > > > > -KF
> > > > > >
> > > > > >
> > > > > > >
> > > > > > > i have to admit... it's pretty old and useless, but i think
> > > > > > this may
> > > > > > > be a nice place for spammers to try out some new adresses...
> > > > > > >
> > > > > >
> > > > > > _______________________________________________
> > > > > > Full-Disclosure - We believe in it.
> > > > > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > > > > >
> > > > >
> > > > > _______________________________________________
> > > > > Full-Disclosure - We believe in it.
> > > > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > > > >
> > > >
> > >
> >
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ