lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Aug 25 18:08:19 2005 From: aprotas at eeye.com (Andre Protas) Subject: talk.google.com One interesting point is how beta this software really is. Load it up into ida and you can see references to their .cpp src as well as their 'cricket' directories. Looks like there's quite a bit more functionality built in that is just disabled right now, would be kind of a fun little chore to patch it up and make it more functional (if the google jabber server is even configured to forward those different types of traffic). Also, they are doing some client-side bounds checking on their message sizes. But, if you connect to talk.google.com from a different client (gaim for instance), you can send quite a bit larger of a buffer. Hehe, but then gaim was also cutting me off too the larger I went (more of a gtk issue than anything). I loaded up a python jabber client but got blocked by the new google token everyone was talking about. Only worth so much time to play around with now that it's just in beta...but nonetheless, this thread should be about technical 'disclosures', and the political and conspiracy theories abound. Signed, Andre Derek Protas Security Researcher eEye Digital Security aprotas eeye com -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of My Name Sent: Thursday, August 25, 2005 6:29 AM To: Paul Melson Cc: adityad2005@...rs.sourceforge.net; Full Disclosure Subject: Re: [Full-disclosure] talk.google.com Someone kill this thread! I haven't seen anything disclosed in even ~1~ of these emails. On 8/25/05, Paul Melson <pmelson@...il.com> wrote: > -----Original Message----- > Subject: RE: [Full-disclosure] talk.google.com > > > Why do you have to use gmail when it is very easy to setup a mail server > On your own > > personal computer and also setup a jabber server if required > > > > Its your choice what you want to use.... > > > Well, I have a lot of old server hardware in my basement, but it's still > nowhere close to the thousands of servers Google has in various data centers > all over the US. They've also got more bandwidth than I do. And - nothing > personal - I'd rather use the bandwidth I actually pay for for important > things like college radio (http://www.impact89fm.org/) or Headkicker II > (http://www.adultswim.com/games/brak_headkicker/index.html) instead of > distractions like full-disclosure mailing list traffic. > > PaulM > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists