full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] iDEFENSE VCP Challenge

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

From: Steve Ragan <sragan_at_nospam>
Date: Sun May 20 2007 - 23:47:59 GMT
To: <full-disclosure@lists.grok.org.uk>


Wow
What is with all the junk mail over the last few days on the list?

-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of larry@larryseltzer.net
Sent: Sunday, May 20, 2007 7:16 PM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

Good evening list members,

Here is Larry Seltzer, your beloved on-field journalist reporting about the latest iDEFENSE challenge. An internal source who wishes to remain anonymous, provided information about possible bankruptcy of the VA-based "cyberintelligence" company, which offers monetary rewards for exploits, vulnerability information (Cross Site Scripting, LD_PRELOAD mis-use and VCP member list leakage issues).

The confidential information shows certain inconsistencies in the financial department, possibly caused by the increasing money laundering crime from eGold and the other payment methods they accept. Anonymous sources comment that the company could be investing in "pleasing slave Russian wifes" since December of past year, with the departure of Richard Johnson and Pedram Amini (working at Microsoft and 3Com's ZDI, respectively). The remaining employees are known to have leaked CANVAS exploits as their own, causing major struggle in the Miami-based basement of the ImmunitySec team (which I hate so much, due to my affiliations with Matasano and some old @Stake people).

This all might be the cause for the low prices offered by the continuous VCP challenges that the company launches on quarterly basis. The current one, offering as much as 16K USD dollars for flaws in OpenSSH, Apache, etc.

Security experts from all over the world, consider the price value fair after rumors of potential pre-authentication flaws in the listed applications. Possible reasons include the retirement of GOBBLES Security, the groundbreaking revelations of the well known Dr. Neal Krawetz, the relaunch of SNOSOFT or even the raising of a new neo-luddite terrorist organization known as The Rogue Parrot Squadron, which could be linked to the tsunami disasters and 11th September.

The FBI is reportedly investigating a security compromise of the systems used by the Gibson Research Corporation to host and sponsor the OpenBSD project, after DARPA stopped their funding (due to Theo De Raadt's comments to a Calgary based publication, regarding the War on Terror and gay marriages involving parrot sex and plastic surgery). This could be connected to the aforementioned underground neo-luddite organizations as well as the mysterious Internet identity known as n3td3v or it's counterpart, v3dt3n.

In a conference call with Gandhi Evron, details about unsuspected botnets taking over control of Israeli nuclear facilities have been made available. A crack commando lead by Gandhi (who showed up in boxing gloves and elastic pants) managed to destroy an Iranian building complex used to conduct Denial of Service attacks against str0ke's private IRC intelligence service. Other sources confirm the compromise of individuals connected to the kidnapping of the world most well known whitehat expert, Andre Protas, who still works at eEye and obtains IDA Pro bulk licenses (albeit Ilfak Guilfanov publicly refuses to support him) for the now infamous CRACKlab.ru

Similar conditions seem to surround GOBBLES Security operatives, after they were forced out of retirement by the Krawetz HackerFactor gang (in retardement since circa 100 years ago). Anonymous sources agree that this message will be flagged as 'Made in GOBBLES, 100% Mighty Turkey meat' by the well known Doctor.

Rumors say he will soon move to a remote, lone Island in the middle of nowhere, to create a new race portraying thick nerdy glasses, fat faces and a desperate need of publishing utterly scientifically-flawed crap in security conferences, forums, blogs and Ranum's podcast.

Finally, Matasano LLC., managed to make a world out of a single Quicktime exploit. This crack commando, known for bashing the LMH/IPU identity (known to be a group of desperate gangsters willing to do real mayhem over whitehats' wifes) arguing "they are publicity stunts". Drugs must be working, meds still in pharmacy. Anonymous sources comment that this desperate move for publicity might be a sign of serious financial problems in the consulting firm, which is being managed by a real moron from outer-space, Thomas P-ee-tacek (phonetic emphasis is mine). Known for publishing an IDS evasion paper circa 10 years ago, he possesses strong management skills, as well as a talent for pissing off the wrong people. He also forgot that IDS evasion is more than your own version of 'hping'. They were also stupid enough for getting as much as 10K USD from the ZDI, when they could have sold it to iDEFENSE for a higher value and fingerprinting. The consulting firm denied negotiations with Apple Computer Inc. for a possible Leopard-related contract, which could explain the absolute lameness and faggotry shown in all the public mentions of the Cupertino-based manufacturer as "pleasing to work with, absolutely reliable and honest, smooth and tight as the ass of a 7-year old".

Shall the world end in major struggle, fire and massive ruckuz, your beloved journalist-on-field, Larry Seltzer, will continue to bring unbiased news reports and save the world from evil h4x0r forces utilizing the giant honeypot force, completely controlled by him. Nothing will stop him from getting the job done. No fear, no pain. Sacrifice and hard work. Drugs and heavy attention deficit disorder. The Great Asperger Army. Nothing, absolutely nothing will stop him. Ever.

Regards and kisses,
Larry Seltzer - reporting from the outer space.



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.467 / Virus Database: 269.7.6/813 - Release Date: 5/20/2007 7:54 AM
_______________________________________________
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/