lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AANLkTikbqinHLBCtKS6MhC7x0qGZCtOcbjCnZa1TtmXH@mail.gmail.com>
Date: Tue, 26 Oct 2010 19:56:32 +0200
From: Christian Sciberras <uuf6429@...il.com>
To: PsychoBilly <zpamh0l3@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Fwd: ipv6 flaw (is bullshit)

> Why don't you all STFU and go play with your little IRC bots!




I was wondering, did anyone actually miss the point?
Over and out.





On Mon, Oct 18, 2010 at 11:10 AM, Christian Sciberras <uuf6429@...il.com> wrote:
>
> Why don't you all STFU and go play with your little IRC bots!
>
>
>
>
> On Mon, Oct 18, 2010 at 11:08 AM, PsychoBilly <zpamh0l3@...il.com> wrote:
>>
>> Anyways...
>> http://images.encyclopediadramatica.com/images/thumb/e/ed/Internet_business.jpg/569px-Internet_business.jpg
>>
>> [[   Andrew Auernheimer   ]] @ [[   18/10/2010 10:58   ]]--------------------------------------------------
>> > ---------- Forwarded message ----------
>> > From: Andrew Auernheimer <gluttony@...il.com>
>> > Date: Mon, 18 Oct 2010 04:51:59 -0400
>> > Subject: Re: ipv6 flaw
>> > To: edit@...et.com.au
>> > Cc: Eugene Teo <eugene@...hat.com>
>> >
>> > Dear ZDnet,
>> >
>> > This story: http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm
>> >  is someone talking straight out of their ass. We have no such
>> > exploit, If we did have such an exploit, there is absolutely no way we
>> > would share it with external parties. Not 4chan, not anyone. Due to
>> > the immense success and resiliency of the Linux platform, a 0-day
>> > kernel remote is worth serious money ($100k+ if you know the right
>> > buyers), and we would have given it to the highest bidder or put it on
>> > Bugtraq for maximum industry publicity. We would not have given it
>> > away for free to ineffectual idiots in their moms basements who aren't
>> > accomplishing anything.
>> >
>> > Beyond that, many of my closest friends make their living off of
>> > intellectual property. I do not support defacement and DDoS as a
>> > method of protest against anything, especially not a childish protest
>> > against copyright. Authors have a right to charge however much they
>> > please for their creative works. The people involved with these DDoS
>> > attacks and web site defacements need to grow up and do something
>> > useful with their lives.
>> >
>> > This article is ridden with a number of verifiably false errors. I'm
>> > sure a quick talk with Eugene from the Red Hat Linux corporation (he
>> > is cc'd to this email) could get you in touch with Linus who could
>> > confirm that no such communication with us ever existed. In addition,
>> > while I am probably one of the most skilled web application and
>> > browser exploit hackers in the world, I do not do kernel bugs. I have
>> > never done kernel work, with the exception of some stuff I did years
>> > ago related to Mac OS X kext. Every single bit of my previous public
>> > research has been related to a web browser bug or a web application
>> > bug. If someone in Goatse Security were to be involved with the
>> > creation of a kernel-related exploit, it would not be me.
>> >
>> > Lastly, my contact info is amazingly public. I was awake and checking
>> > my email when your story was posted, and for the 11 or so hours
>> > preceeding it. I have also talked with reporters at ZDnet previously,
>> > including ZDnet Australia. So the next time you have the urge to print
>> > libelous, sensational misinformation defaming both the integrity of my
>> > information security working group and the security of Linux, please
>> > give me an e-mail or phonecall first. The contact info is on the
>> > Goatse Security website. I should be informed of this stuff by your
>> > "journalists" (who are supposed to do things such as contact parties
>> > involved in a suspect claim from a random anonymous idiot on the
>> > Internet) and not someone from a major software vendor.
>> >
>> > Thanks,
>> > weev
>> >
>> > On Mon, Oct 18, 2010 at 2:35 AM, Eugene Teo <eugene@...hat.com> wrote:
>> >>
>> >> Hi Weev,
>> >>
>> >> I read a ZDNet news report that you have discovered a Linux kernel vulnerability, and I am wondering if you will be willing to share the technical details of the flaw.
>> >>
>> >> http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm
>> >>
>> >> Thanks, Eugene
>> >> --
>> >> Eugene Teo / Red Hat Security Response Team
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists