lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTimRu16pG=wiXTs-opEtMk_oFXdCjkmnpsySW9Lq@mail.gmail.com>
Date: Thu, 18 Nov 2010 01:30:17 -0600
From: Andrew Auernheimer <gluttony@...il.com>
To: R S <fifteenfourtyone@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Open Letter to Lee Vartan,
 Assistant United States Attorney in regards to the Goatse Security
 iPad case.

"The reality is that you are inconsequential to security because you
are a script kiddie."

Perhaps you are confused as to what this term means. Script kiddies
are people who do not produce innovation of their own, and solely run
things downloaded from Packetstorm. I have repeatedly stood up and
done unique things to advance my nation, not just in information
security but in an interdisciplinary manner. As far as my
accomplishments in information security, I recently watched one of
Samy Kamkar's presentations at Blackhat that cites our group
repeatedly. One of our advisories is mentioned in his slides:
http://i.imgur.com/YIl9I.jpg
and he also states that cross-protocol scripting was "made big" by us.

What about Robert Hansen/RSnake? He said "I don’t see anyone outside
of a handful of people, like Weev, Wade Alcorn, Samy Kumkar, Aaron
Weaver and myself doing this kind of research. There’s literally
thousands of potentially exploitable services out there!" --
http://ha.ckers.org/blog/20100329/safari-integer-overflow-aids-inter-protocol-exploitation/

RSnake is well respected in the security community. Does he suddenly
not know what he's talking about just for recognizing the validity of
my research? I have stacks of internal government memos highlighting
the implications of stuff we've outlined-- clearly a number of people
think the things that we're doing are notable and have real world
implications.

I do not post on this list looking for sympathy-- quite the opposite.
Unlike you, I believe in free speech, and even want to give my deepest
critics a chance to hop into the dialogue.
Finally, your profession deserves to be cheapened. I've actually
attempted to innovate, and who are you? Oh yeah, you're some dude that
hits a button on Core Impact for a living. There are a number of
amazing individuals in the information security community doing great
things, but for every one of them there's a hundred snake-oil peddling
losers who are the real scriptkiddies. Though dated, the PHC
production of the same name rings true for individuals such as
yourself. Maybe you should read it and it'll challenge you to actually
do something useful instead of tossing ad hominems on a mailing list:
http://antisec.wordpress.com/2005/12/18/hack4txt-a-phc-production-the-real-scriptkiddies/

On Wed, Nov 17, 2010 at 9:10 PM, R S <fifteenfourtyone@...il.com> wrote:
>
> Speaking for only myself, I could care less about your personal / political views. The reality is you are inconsequential to security because you are a script kiddie. I had read articles about your various high profile 'trolling' incidents before, but until your asinine post here had never bothered to research you. What I've read was nothing but humorous. At one point you claim to hate bloggers, yet in a pre Web 2.0 world, you and your Encyclopedia Dramatica generation script kiddies would have no notoriety at all. Nobody would care about your bizarre high profile cries for attention, and personally, I certainly don't.
> You are a troll and a script kiddie. Your whiney rants have no place on a mailing list for the security community. I'm sure the kids that support you on various forums eat your crap up, but you will find little sympathy here. You claim constantly to hunt pedophiles, thats great. Somehow I'm sure most people in prison have done good in their lives as well as bad. Hopefully, if my tax dollars do their job, you will have plenty of time in the near future to contemplate all of this in jail.
> Grow up kiddo. Personally I resent how you and your ilk cheapen this profession, and applaud law enforcement for doing their job.
>
>
> R
>
>
> From: Andrew Auernheimer <gluttony () gmail com>
> Date: Wed, 17 Nov 2010 19:06:02 -0600
> ________________________________
>
> Troy,
>
> As with many of my critics, you insist on attempting to libel me and defame
> my character (clearly having an objection to my political views) instead of
> honestly debating the merits of my actions and the reality of my many
> well-received research contributions. I take ad hominem attacks like yours
> in stride with the civility and grace befitting of a Christian man, and urge
> you to think more critically before you say more things that
> will embarrass you in front of your peers.
>
> "You see no evidence of"
>
> Your implication that because you have not seen evidence of something it has
> not happened is fallacious. Regardless, I will enlighten you with some
> history of our anti-pedophile activity (with links to backdated posts
> pedophile posts detailing our successes against their infrastructure and
> payment systems, emails with full headers and evidence of ongoing pedophile
> activity), some of which predates the iPad incident by years.  You haven't
> seen any evidence of it because we, unlike many people, do not wear every
> bit of public service we do on our sleeve. We live in the spirit of Matthew
> 6:6.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ