lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 14 Apr 2008 14:50:37 -0500
From: "Nate McFeters" <nate.mcfeters@...il.com>
To: n3td3v <xploitable@...il.com>
Cc: n3td3v <n3td3v@...glegroups.com>, full-disclosure@...ts.grok.org.uk
Subject: Re: Fwd: n3td3v has a fan

n3td3v,

Are you Bin Laden?  You're doing his job for him!  If we can't even park
without being afraid someone is going to blow up our building, wtf?
Pictures of the parking lot?  Big fucking deal!

Nate


On 4/14/08, n3td3v <xploitable@...il.com> wrote:
>
> On Mon, Apr 14, 2008 at 6:54 PM, G. D. Fuego <gdfuego@...il.com> wrote:
> > On Mon, Apr 14, 2008 at 12:56 PM, n3td3v <xploitable@...il.com> wrote:
> >
> > >
> > > Security Threater: reader comment from n3td3v
> > >
> > > Posted on: April 10, 2008, 9:17 AM PDT
> > > Story: Bruce Schneier's new view on Security Theater
> > >
> > > Security threater is good because it scares potential terrorists from
> > > being caught. It keeps the terrorists on their toes and worrying all
> > > the time. You've got to have security threater in place to deter
> > > terrorists or people thinking about it, or in the middle of plotting
> > > it.
> > >
> >
> > Do you understand the point of terrorism?  The end goal is not to kill
> > people.  There are plenty of more effective methods to kill people than
> > they've been using.  No, the end goal is to cause TERROR.  They want us
> to
> > be afraid to live our lives.
> >
> > Security Theater does more to cause terror in the minds of the people
> than
> > it does to deter terrorists from committing these crimes.  People in the
> US
> > are starting to believe its reasonable to prevent tourists from taking
> > pictures from a moving train.  As though taking these photos are somehow
> > going to threaten our lives.
> >
> > How does this help?
> >
>
> I have to contest, at Yahoo--- Mark Seiden and others said Sunnyvale
> isn't MI5/MI6 and that people shouldn't be stopped on premises without
> permission for taking photos.
>
> And I was angry that Mark Seiden and others at Yahoo weren't going to
> take my e-mail seriously, athough later on it turns out that Yahoo
> non-cyber staff who patrol the grounds of Sunnyvale have stopped photo
> taking without permission, this has to be a good thing.
>
> The case of mine was highlighted by "ycantpark". of which flickr
> photos were published of the parking lots of Yahoo of employees who
> couldn't park, although that sent off triggers for me to send the
> multiple e-mail to their cyber security e-mail address to stop this
> happening.
>
> There are many ways the parking setup could be used against Yahoo
> adversaries, think car bomb, or truck bomb? It was hugely
> irresponsible of Yahoo to allow such photos to be taken by on-the-fly
> employees.
>
> The photos ended up being a major publicity event on employee blogs
> who thought it was funny to make fun and take photographs of the
> carpark, and employees number plates of those cars without the
> explicit permission of the owners of those cars or automobiles.
>
> However---n3td3v had other ideas, n3td3v was straight on the e-mail to
> Yahoo's cyber security team to make sure policy was changed in the
> real world ground staff team, so that, cameras and mobile phone snaps
> were taken more seriously as a threat towards the corporation of
> Yahoo.
>
> The identify of cars belonging to employees, partners and others
> connected could be used against them, be followed off-site for thier
> devices to be technically eavesdropped on, or company documentation to
> be obtained, by stolen laptop, by breaking into car, by breaking into
> personal home space of employee.
>
> Mark Seiden thinks Yahoo campus known as Sunnyvale isn't MI5/6 but
> that doesn't say such agencies wouldn't find that kind of photography
> useful to plan and carry out surveillance operations to determine
> what's going on, especially in times of big business deals between
> Microsoft and Yahoo.
>
> Through my protests of the Ycantpark, Yahoo has taken photography and
> other suspicious activity more seriously, although they have failed to
> rip down Ycantpark. This is probably because the intelligence services
> and state enemies have probably obtained and capatured the
> intelligence electronically and fed it back to their operation center,
> so it would make no difference if the information is publically
> available, although it _still_ offers insight to amateur hackers and
> terrorists who stumble upon it through casual or purpose built
> reconnaissance operations.
>
> http://www.flickr.com/photos/ycantpark
>
> n3td3v
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ