lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sun, 07 Aug 2011 16:47:04 -0400
From: "Mr. Hinky Dink" <dink@...inkydink.com>
To: full-disclosure@...ts.grok.org.uk
Cc: Valdis.Kletnieks@...edu
Subject: Re: Yet Another Chinese Multimedia Player
 Supplies Thousands Of Open Proxies

On Sun, 2011-08-07 at 16:27 -0400, Valdis.Kletnieks@...edu wrote:
> On Sat, 06 Aug 2011 19:59:23 EDT, "Mr. Hinky Dink" said:
> > 
> > 23,000+ showed up in July.  Over 16,000 new ones in the first week of
> > August.  Somebody doesn't get it.
> > 
> > http://mrhinkydink.blogspot.com/2011/08/tcp-port-8909-proxies.html
> > 
> > See also...
> > 
> > http://mrhinkydink.blogspot.com/2011/04/insecure-defaults-in-ppliveav-client.html
> 
> "Doesn't get it"?  You're making the rash assumption it's not intentional.
> 
> You yourself say "Government spooks and contractors take note: you can use
> these to stage your false flag attacks!".  Now take it one step further - what if
> they're intentionally open so the Chinese gov't can launch an attack through them
> and claim it was somebody else pulling a false flag attack?
> 
> You think that's too devious? Go read up on who financed the research that
> lead to TOR - and *why* they financed it. (tl;dr: US Gov. financed it, so the US
> spooks could more easily fly under the wire mixed in with all the other nefarious
> people using TOR.  So yes, it's patriotic to use TOR so it's even harder to use
> traffic analysis to track down our spooks. :)
> 

There's always the possibility that *I* don't get it.

Because I'm SOMEBODY dammit!

So... are you a spook or a contractor?  Or both?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ