lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 18 Mar 2008 22:59:03 -0500
From: "Nate McFeters" <nate.mcfeters@...il.com>
To: reepex <reepex@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: agile hacking?

Ok, I'll buy that, that's reasonable.  I wasn't in the exchange with thoth.
I guess when I read about a community project to write the ultimate hacking
book, I assumed people from all backgrounds of security would be interested
in contributing... maybe that's a bit of a Utopian view, but I could imagine
a one stop Frankenstein of a book (probably one so large you couldn't even
carry a hard-copy) that has some really great great stuff if the right
people contribute.

Right now, I've got disjointed information everywhere that I reference for
various things all over my damn computer and bookshelfs... Uninformed
papers, presentations from various sources, manuals, books, blah blah blah.
If it was done right, I think the book could be pretty damn cool.  Of
course, that depends on the community support and the content that comes out
of that.  I'm not sure what PDP has envisioned for the book, I've been just
too busy today to give the article a good read, but I've always been very
interested in these community projects.

I think that's why I love ToorCon and really was bummed that I didn't get to
make it out to 24c3 this year... lots of collaboration going on there.

Nate


On 3/18/08, reepex <reepex@...il.com> wrote:
>
> On Tue, Mar 18, 2008 at 10:36 PM, Nate McFeters <nate.mcfeters@...il.com>
> wrote:
>
> > I don't consider myself a 'kiddie' and I've considered contributing to
> > it.  I feel like the old adage of blowing out someone elses flame to make
> > yours burn brighter applies here.  Reepex, I didn't get a chance to see your
> > presentation at kiwicon, bit to expensive for an American on a tight budget
> > to get out there, but if you have a link, I'd love to have a look.  We've
> > talked before, so I assume the presentation is good since I know you know
> > your stuff; however, I've also seen some cool stuff come out of PDP and
> > Gnucitizen... why the need to bash?
> >
>
> I did not give the talk, thoth did. The reason I brought it up is because
> of
> http://www.gnucitizen.org/blog/agile-hacking/#comment-116766
> where pdp blindly assumes thoth does not have a clue, while not knowing
> his background which must be some strange complex where people think anyone
> who disagrees with them is inferior.
>
>
> >   Web app hacking may not be the coolest topic in the world to yourself
> > and many others, but it is something that a lot of companies are concerned
> > with these days,
> >
>
> Yes and we agreed web hacking has its place... the point I made was that
> you cannot write 'the best hacking manual ever made' as pdp is touting it
> while only covering web hacking and running combinations of different tools
> such as kismet/tcpdump that pdp mentined as an example.
>
>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ