Message-ID: <58DB1B68E62B9F448DF1A276B0886DF192FD8C45@EX2010.hammerofgod.com>
Date: Sat, 3 Sep 2011 16:46:18 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: "Valdis.Kletnieks@...edu" <Valdis.Kletnieks@...edu>, Tomm Foo
	<bl4kjeebus121@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Full-Disclosure Digest, Vol 79, Issue 6

We both know the answer to that question: No, he doesn't, because it's not.   But that never stops people from *saying* it's out there in their *secret* botnets that they can't tell anyone about because it's all on the QT. 

I doubt it's even in lab environments since the entire class of "vulnerability" is basically worthless, and working up valid PoCs is a waste of time. I totally agree with the points you made in your earlier reply, btw - just didn't have a chance to reply.

I also agree with your comment regarding this type of thing being "the future of infosec as well." I don't even know what to call it anymore... we've always had a high amount of FUD in the industry, but it's not at the point that "InfoSec" is actually the opposite of what it means: "Misinformation Insecurity" now, at a basic level. It's commercial grandstanding. All these guys have to do is post inane technical tidbits and wrap them in unquantifiable hyperbole, and some blog troll picks it up and posts it on Threatpost or Computerworld. Before you know it, they get accepted to speak at some conference where they further artificially inflate risk by claiming widespread existence of unauthenticated Internet-based shares and how "most" companies do A, B, or C when they really have no idea what companies do.

I'll add to your prediction, and I'll even shorten the timeframe more. From a social engineering standpoint, the focus will be delivering content through "trusted" channels in social networks where referred parties deliver 3rd party content in the way of video, links, ads, and of course, software downloads. Aggregating social plug-ins will not only deliver this content, but they, in themselves, will provide reporting and redirection capabilities. The thing is, these plug-ins will actually "work," in that they will perform the advertised function, but will also have additional "features" exposing attack vectors. I think the cognitive psyches are already at work designing the UIs and triggers.

t  

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Valdis.Kletnieks@...edu
Sent: Saturday, September 03, 2011 8:45 AM
To: Tomm Foo
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 79, Issue 6

On Sat, 03 Sep 2011 04:16:00 PDT, Tomm Foo said:

> what the..? gl0w0rm you dont know shiit bout nothin. keep hollerin at 
> yo boys at HF, cause them cats is legit leet, bra.

> > From: GloW - XD <doomxd@...il.com>
> > I must agree, considering i have yet to see it used in even botnet 
> > circles,

Ok Tomm, I'll bite. Do you have any actual evidence this one *is* being used in botnet circles (or anyplace else outside a lab environment)?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
