Date: Sun, 20 May 2007 16:16:07 -0700 (PDT)
From: larry@...ryseltzer.net
To: full-disclosure@...ts.grok.org.uk
Subject: iDEFENSE VCP Challenge and botnet technologies

Good evening list members,

Here is Larry Seltzer, your beloved on-field journalist reporting
about the latest iDEFENSE challenge. An internal source who wishes to
remain anonymous provided information about possible bankruptcy of
the VA-based "cyberintelligence" company, which offers monetary
rewards for exploits, vulnerability information (Cross Site
Scripting, LD_PRELOAD mis-use and VCP member list leakage issues).

The confidential information shows certain inconsistencies in the
financial department, possibly caused by the increasing money
laundering crime from eGold and the other payment methods they
accept. Anonymous sources comment that the company could be investing
in "pleasing slave Russian wives" since December of past year, with
the departure of Richard Johnson and Pedram Amini (working at
Microsoft and 3Com's ZDI, respectively). The remaining employees are
known to have leaked CANVAS exploits as their own, causing major
struggle in the Miami-based basement of the ImmunitySec team (which I
hate so much, due to my affiliations with Matasano and some old
@Stake people).

This all might be the cause for the low prices offered by the
continuous VCP challenges that the company launches on quarterly
basis. The current one, offering as much as 16K USD dollars for flaws
in OpenSSH, Apache, etc.

Security experts from all over the world consider the price value
fair after rumors of potential pre-authentication flaws in the listed
applications. Possible reasons include the retirement of GOBBLES
Security, the groundbreaking revelations of the well known Dr. Neal
Krawetz, the relaunch of SNOSOFT or even the raising of a new
neo-luddite terrorist organization known as The Rogue Parrot
Squadron, which could be linked to the tsunami disasters and 11th
September.

The FBI is reportedly investigating a security compromise of the
systems used by the Gibson Research Corporation to host and sponsor
the OpenBSD project, after DARPA stopped their funding (due to Theo
De Raadt's comments to a Calgary based publication, regarding the War
on Terror and gay marriages involving parrot sex and plastic
surgery). This could be connected to the aforementioned underground
neo-luddite organizations as well as the mysterious Internet identity
known as n3td3v or its counterpart, v3dt3n.

In a conference call with Gandhi Evron, details about unsuspected
botnets taking over control of Israeli nuclear facilities have been
made available. A crack commando led by Gandhi (who showed up in
boxing gloves and elastic pants) managed to destroy an Iranian
building complex used to conduct Denial of Service attacks against
str0ke's private IRC intelligence service. Other sources confirm the
compromise of individuals connected to the kidnapping of the world's
most well known whitehat expert, Andre Protas, who still works at
eEye and obtains IDA Pro bulk licenses (albeit Ilfak Guilfanov
publicly refuses to support him) for the now infamous CRACKlab.ru

Similar conditions seem to surround GOBBLES Security operatives,
after they were forced out of retirement by the Krawetz HackerFactor
gang (in retardement since circa 100 years ago). Anonymous sources
agree that this message will be flagged as 'Made in GOBBLES, 100%
Mighty Turkey meat' by the well known Doctor.

Rumors say he will soon move to a remote, lone Island in the middle
of nowhere, to create a new race portraying thick nerdy glasses, fat
faces and a desperate need of publishing utterly
scientifically-flawed crap in security conferences, forums, blogs and
Ranum's podcast.

Finally, Matasano LLC. managed to make a world out of a single
Quicktime exploit. This crack commando, known for bashing the LMH/IPU
identity (known to be a group of desperate gangsters willing to do
real mayhem over whitehats' wives) arguing "they are publicity
stunts". Drugs must be working, meds still in pharmacy. Anonymous
sources comment that this desperate move for publicity might be a
sign of serious financial problems in the consulting firm, which is
being managed by a real moron from outer-space, Thomas P-ee-tacek
(phonetic emphasis is mine). Known for publishing an IDS evasion
paper circa 10 years ago, he possesses strong management skills, as
well as a talent for pissing off the wrong people. He also forgot
that IDS evasion is more than your own version of 'hping'. They were
also stupid enough for getting as much as 10K USD from the ZDI, when
they could have sold it to iDEFENSE for a higher value and
fingerprinting. The consulting firm denied negotiations with Apple
Computer Inc. for a possible Leopard-related contract, which could
explain the absolute lameness and faggotry shown in all the public
mentions of the Cupertino-based manufacturer as "pleasing to work
with, absolutely reliable and honest, smooth and tight as the ass of
a 7-year old".

Shall the world end in major struggle, fire and massive ruckuz, your
beloved journalist-on-field, Larry Seltzer, will continue to bring
unbiased news reports and save the world from evil h4x0r forces
utilizing the giant honeypot force, completely controlled by him.
Nothing will stop him from getting the job done. No fear, no pain.
Sacrifice and hard work. Drugs and heavy attention deficit disorder.
The Great Asperger Army. Nothing, absolutely nothing will stop him.
Ever.

Regards and kisses,
Larry Seltzer - reporting from the outer space.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
