| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 May 2008 18:45:12 -0500 From: "J. Oquendo" <sil@...iltrated.net> To: Paul Schmehl <pauls@...allas.edu> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Microsot DID DISCLOSE potential Backdoor On Wed, 07 May 2008, Paul Schmehl wrote: > Please point to the part where they are "relying on IP" when they > explicitly state "No identifiable personal information that is related to > you ***or to the computer*** is sent...." What's going on Paul. You're right. "No identifiable personal information that is related to you ***(adding more stars for empashis)****** or to the computer ******* is sent..." Mea culpa. For a moment here I thought LEA's used IP as an identifier in courts of law. Silly me. / SNIP http://tinyurl.com/54h9fu They contacted Special Agent Adam D. Aichele of the Allentown FBI, Wolfe said. Wolfe said Aichele took her to a Lehigh library computer to look at the e-mail and retrieve the IP address from which it was sent. / SNIP / SNIP http://www.fbi.gov/congress/congress04/lourdeau050604peer.htm Therefore, despite the fact that a Peer-to-Peer connection is not facilitated by a central server, users can still be identified in real time by the IP addresses associated with +their computers. / SNIP So before you argue back with "but your IP information is not sent!" really? And how did the information from your machine get there? Smoke signals? As for "sniffing the wire" to see what MS is sending. Sort of difficult to do. 1) I'm not on Windows that much. 2) When I am on Windows, the machines I use are sanitized. Furthermore, if you go back to the original article in PC World, I don't know about you but to me its in black and white the correlation. I don't know anyone who begins to talk about one thing, then goes off into a complete different tangent in the next paragraph: "Information obtained from WMSRT etc, etc, etc,..." ... "Officials were able to identify..." If at any point anyone here including LEA's believe wholeheartedly there is nothing wrong with this in the sense it doesn't have a huge potential for abuse (not the information sent by WMSRT but the concept of using data WITHOUT NOTIFYING THE USER), if none have qualms with this, you're in the wrong business (security). I should make it a point to point out the flaws in the system but alas that would lead to a complete misunderstanding of it. With this said, here is a scenario for you Paul... Let's say I despised you. Let's say I AM A BOTNET operator. Let's say I take my EXISTING botnet and tweak the logged information being sent to Microsoft. I don't know... I guess I'll make it look as YOUR NETWORK is a CNC for a large botnet. I can only imagine 1) You will be going through an insane ghost analysis for something that doesn't exist after being raided... 2) Frustrated as an engineer since you know for a fact there is no damn reason a LEA should be even talking to you. Look I can think of the horrors behind this. If you can't see it again, perhaps you and I aren't on the same level of thinking outside of the box. The abusive side of "hacking" and I won't go into the political bs of what a hacker is or does or is supposed to be. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists