lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4b6ee9310804141417y33da50dfmc9c0f2221f3750d3@mail.gmail.com>
Date: Mon, 14 Apr 2008 22:17:31 +0100
From: n3td3v <xploitable@...il.com>
To: full-disclosure@...ts.grok.org.uk, n3td3v <n3td3v@...glegroups.com>
Subject: Re: Fwd: n3td3v has a fan

On Mon, Apr 14, 2008 at 9:05 PM,  <Valdis.Kletnieks@...edu> wrote:
> On Mon, 14 Apr 2008 20:04:37 BST, n3td3v said:
>
> > There are many ways the parking setup could be used against Yahoo
> > adversaries, think car bomb, or truck bomb? It was hugely
> > irresponsible of Yahoo to allow such photos to be taken by on-the-fly
> > employees.
>
> For the wannabe bomber, the fact that the area has *also* been mapped by Google
> Maps and Microsoft Terra and probably bunches of others is probably a lot more
> important.  Among other things, the average amateur photo does a really shitty
> job of telling you things about stuff like approaches, ramps, lane markings for
> turns, and where you can and can't drive a vehicle of a given size.
>
> http://maps.google.com/?ie=UTF8&ll=39.112212,-76.771844&spn=0.000856,0.001529&t=h&z=20
>
> If the owner of that gatehouse doesn't care about publicly available
> satellite imagery at that resolution, why should Yahoo care about amateur
> photos?
>
> Yahoo may suck enough to motivate a car bomb, but the owner of the gatehouse
> is truly a world-class Hoover.. ;)

Ok, my comment above was slightly a drop in the sky to get attention
of the problem, but look let's concentrate more on something else,
which you seem to have purposely bypassed and snipped out, even though
it was one of the key points...

On Mon, Apr 14, 2008 at 8:04 PM, n3td3v <xploitable@...il.com> wrote:
> The identify of cars belonging to employees, partners and others
> connected could be used against them, be followed off-site for thier
> devices to be technically eavesdropped on, or company documentation to
> be obtained, by stolen laptop, by breaking into car, by breaking into
> personal home space of employee.

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ