lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20090315042515.AF8F91A003A@smtp.hushmail.com>
Date: Sun, 15 Mar 2009 00:25:15 -0400
From: "Elazar Broad" <elazar@...hmail.com>
To: tbiehn@...il.com
Cc: full-disclosure@...ts.grok.org.uk, acastigliola@...m.com
Subject: Re: BBC cybercrime probe backfires

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No, and besides, we all have a /dev/null for whatever we don't want
to listen to...

On Fri, 13 Mar 2009 17:04:48 -0400 T Biehn <tbiehn@...il.com> wrote:
>Here's one to mull over.
>Is changing someone's mind with relentless logic tantamount to
>'breaking and entering' into their mind?
>
>-Travis
>
>On Fri, Mar 13, 2009 at 4:53 PM, Elazar Broad
><elazar@...hmail.com> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> I am inclined to agree, except that you still have issues with
>the
>> electronic equivalent of breaking and entering. Case in point,
>> there is a good chance you would be arrested and prosecuted if
>you
>> opened the door to another persons dwelling which did not have a
>> lock installed, and installed a lock and left him/her the key,
>> simply because you entered their property without permission.
>From
>> a ethics perspective, most people would judge you a good
>Samaritan,
>> you helped someone else protect their property, however the law
>> doesn't see it that way, primarily because of the fact that, if
>you
>> don't have permission to be there, chances are you are not
>wanted
>> there, no matter what your intentions may be.
>>
>> As far as hijacking bot nets, one who steals from a thief may be
>a
>> thief, but one who stops one in the act is a hero. Bot nets are
>> always "in the act"...
>>
>> On Fri, 13 Mar 2009 14:00:47 -0400 T Biehn <tbiehn@...il.com>
>wrote:
>>>More people should hijack machines and push updates to them if
>>>their
>>>users are unable or unwilling.
>>>
>>>First an Analogy:
>>>If someone's letting money launders use their bank account to
>>>launder
>>>money out of INACTION that's still illegal, the same SHOULD be
>>>true of
>>>people who leave their systems unpatched.
>>>
>>>These machines are negligently left open to be used in
>'nefarious
>>>criminal activity.'
>>>
>>>Plan of Action:
>>>It's your civic duty to write worms, hijack botnets and patch
>>>machines
>>>with or without user consent.
>>>This is absolutely moral holding to the various tests (is it
>self
>>>defeating if -everyone- does it etc etc)
>>>Just don't get caught doing it.
>>>
>>>I'm disgusted by the imposition that you'd decry their actions
>for
>>>being illegal when they were clearly moral and represent a net
>>>benefit
>>>for society. Haven't you heard of this guy called Gandhi who
>>>didn't
>>>subscribe to the arbitrary superficial morality provided by the
>>>word
>>>of the law and only acted on what he knew to be moral?
>>>
>>>It's time to elevate yourself out of your own mind-slime and
>into
>>>2009.
>>>We all still have a long way to go.
>>>
>>>-Travis
>>>
>>>On Fri, Mar 13, 2009 at 9:00 AM, Castigliola, Angelo
>>><ACastigliola@...m.com> wrote:
>>>> Very unorthodox and unethical.
>>>>
>>>>
>>>>
>>>> Angelo Castigliola III
>>>> EISRM - Application Security Architecture
>>>>
>>>> Unum
>>>>
>>>> acastigliola@...m.com
>>>>
>>>>
>>>>
>>>> Disclaimer: The opinions expressed are my own personal
>opinions
>>>and do not
>>>> represent my employer's view in any way.
>>>>
>>>> ________________________________
>>>>
>>>> From: full-disclosure-bounces@...ts.grok.org.uk
>>>> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf
>Of
>>>James
>>>> Matthews
>>>> Sent: Friday, March 13, 2009 8:10 AM
>>>> To: Ivan .
>>>> Cc: full-disclosure
>>>> Subject: Re: [Full-disclosure] BBC cybercrime probe backfires
>>>>
>>>>
>>>>
>>>> I agree! Why can't another people hack into computers to
>>>show.... This is
>>>> such BS and the BBC should be hit hard by what they did.
>>>>
>>>> On Fri, Mar 13, 2009 at 7:18 AM, Ivan . <ivanhec@...il.com>
>>>wrote:
>>>>> The BBC hacked into 22,000 computers as part of an
>>>investigation into
>>>>> cybercrime but the move quickly backfired, with legal experts
>>>claiming
>>>>> the broadcaster broke the law and security gurus saying the
>>>experiment
>>>>> went too far.
>>>>>
>>>>>
>>>>> http://www.smh.com.au/news/technology/security/bbc-cybercrime-
>
>>>probe-backfires/2009/03/13/1236447465056.html
>>>>>
>>>>> _______________________________________________
>>>>> Full-Disclosure - We believe in it.
>>>>> Charter: http://lists.grok.org.uk/full-disclosure-
>charter.html
>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> http://www.astorandblack.com/
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>
>>>_______________________________________________
>>>Full-Disclosure - We believe in it.
>>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>Hosted and sponsored by Secunia - http://secunia.com/
>> -----BEGIN PGP SIGNATURE-----
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>>
>>
>wpwEAQECAAYFAkm6x64ACgkQi04xwClgpZhBnQP9Gyf79ajWHLQWT/qwpcTlXRRo2Ae
>v
>>
>RPy7fqKDezxbdW6Wj4+NF01jJKnN1hxvzO6y7UJu8nZb/8MjFjQpptX8cDEOXkSS/eL
>2
>>
>6BQk6awvUVE3bDaGnSGtKxzRoB/9QacSWIY2aesUei3SO+nLvDY6yDSTgluY297qecO
>2
>> 5IDsLvU=
>> =uFrf
>> -----END PGP SIGNATURE-----
>>
>> --
>> Easy-to-use, advanced features, flexible phone systems.  Click
>here for more info.
>>  
>http://tagline.hushmail.com/fc/BLSrjkqmC5s0cVnImZliAxEhB1b6kUbEPkcG
>C3SbSb1Sw8sd47WCW5Tgx8k/
>>
>>
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQECAAYFAkm8gysACgkQi04xwClgpZgc2gP9GBVrdlmeIYKTioAXWcxyOFBq+v8j
0G2yKF3gmFHuj0XSk+VEJei+G5HXQW31YvmXnCLG/fLytngqEeKHl8ZAyjxjowWW7FlN
Vtv5wdcn3nadFN5VP7J2yaqAqd5oDYQnt4TEtjRJ7LtpFVXEsJrSP0bgGqCSt/mkjueI
l24DZXY=
=2407
-----END PGP SIGNATURE-----

--
Click to replace your roof - modern technology.
 http://tagline.hushmail.com/fc/BLSrjkqfVeJH4KSFJiWW8RQM697XcXEB38lgsGPyOmHFnxJnLE0VmIiAJkE/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ