lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 19 Jul 2007 10:36:13 -0400
From: "Joey Mengele" <joey.mengele@...hmail.com>
To: <joey.mengele@...hmail.com>, <andre@...rations.net>, <lmh@...o-pull.com>,
	<dave@...atasec.com>
Cc: full-disclosure@...ts.grok.org.uk, fuzzing@...testar.linuxbox.org,
	dailydave@...ts.immunitysec.com
Subject: Re: [fuzzing] The truth

Well "David", you clearly have not followed the life and times of 
the Doctor. The Great Doctor (I am not referring to myself here) 
has also been impersonated by hackers who cleverly used PGP to fool 
the masses. I talked to Neal about this and he has told me he 
suspects PGP has been cracked. 

So yes, PGP is good, but the only real evidence one can provide as 
proof of identity are pictures of his or her own butt as Jarod 
DeMott has previously offered up on this list.

So "David", wheres the REAL proof?

J

On Thu, 19 Jul 2007 10:27:18 -0400 David Maynor 
<dave@...atasec.com> wrote:
>I am going to guess it has something to do with the pgp signature, 
>I can post from dave@...atasec.com and I can update the erratasec 
>blog. 
>
>-----Original Message-----
>From: Joey Mengele [mailto:joey.mengele@...hmail.com] 
>Sent: Thursday, July 19, 2007 10:16 AM
>To: andre@...rations.net; lmh@...o-pull.com; David Maynor
>Cc: full-disclosure@...ts.grok.org.uk; 
>fuzzing@...testar.linuxbox.org; dailydave@...ts.immunitysec.com
>Subject: Re: [Full-disclosure] [fuzzing] The truth
>
>But what does Dr. Neal Krawetz have to say? I will not draw any 
>conclusions until he has the time to analyze the writing samples. 
>As Neal has taught us, the students of Full Disclosure, there is 
>no 
>validation required for online impersonation [1]. How do we know 
>you are not impersonating this David Maynor character?
>
>More importantly, and of equal relevance to this list (these 
>lists?), how can we be sure you aren't n3td3v? Or GOBBLES? Or both?
>
>J
>
>[1] http://www.securityfocus.com/columnists/441
>
>On Thu, 19 Jul 2007 09:36:49 -0400 David Maynor 
><dave@...atasec.com> wrote:
>>http://erratasec.blogspot.com/2007/07/i-am-not-lmh.html
>>
>>-----Original Message-----
>>From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-
>>disclosure-bounces@...ts.grok.org.uk] On Behalf Of 
>>andre@...rations.net
>>Sent: Thursday, July 19, 2007 9:15 AM
>>To: Lance M. Havok
>>Cc: full-disclosure@...ts.grok.org.uk; 
>>fuzzing@...testar.linuxbox.org; dailydave@...ts.immunitysec.com
>>Subject: Re: [Full-disclosure] [fuzzing] The truth
>>
>>Dave / LMH / whatever,
>>
>>Give up.
>>
>>You really don't get it, do you?
>>
>>Rouland, Ptacek, hdm, myself - we're all out to get you.
>>Infosecsellout is a collaborative effort to drive you insane.
>>
>>Aitel even wrote that script just to make you more paranoid.
>>
>>If anyone actually cares that you used two identities online I'll
>>really be surprised.  So did my grandma.
>>
>>Is this some kind of story?  A confession?  A bug report?  Your 
>>whole
>>paragraph about SILC leads nowhere - it doesn't make any sense.
>>
>>Ptacek, hdm, myself, et al - we all know who Infosecsellout is.  
>>Not
>>because we wrote clever scripts that do user fingerprinting via
>>behavorial statistical analysis.  Think of it more like hearing 
>the
>>voice of an old friend call you on the phone.  Someone you haven't
>>heard from in awhile.  Easy to identify, correct?
>>
>>Wait, why am I asking you? - that's probably never going to 
>happen 
>>to you.
>>
>>dre
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/
>
>--
>Click for free info on real estate schools and make $150K/ year
>http://tagline.hushmail.com/fc/Ioyw6h4eCnIQ58QE5Xosh8kr94mzZOAPaFhG
>AZliJ13oEnyV3lCONS/

--
Need cash? Click to get an instant cash advance
http://tagline.hushmail.com/fc/Ioyw6h4dP5F8DOcft1JJV5wDm0jMPpxdoKPVar6fLOZRp7rmSx5bmw/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ