full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] iDEFENSE VCP Challenge

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

From: scott <redhowlingwolves_at_nospam>
Date: Mon May 21 2007 - 00:57:12 GMT
To: full-disclosure@lists.grok.org.uk

Hash: SHA1

Steve Ragan wrote:
> Wow
> What is with all the junk mail over the last few days on the list?
> -----Original Message-----
> From: full-disclosure-bounces@lists.grok.org.uk
> [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of
> larry@larryseltzer.net
> Sent: Sunday, May 20, 2007 7:16 PM
> To: full-disclosure@lists.grok.org.uk
> Subject: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies
> Good evening list members,
> Here is Larry Seltzer, your beloved on-field journalist reporting about the
> latest iDEFENSE challenge. An internal source who wishes to remain
> anonymous, provided information about possible bankruptcy of the VA-based
> "cyberintelligence" company, which offers monetary rewards for exploits,
> vulnerability information (Cross Site Scripting, LD_PRELOAD mis-use and VCP
> member list leakage issues).
> The confidential information shows certain inconsistencies in the financial
> department, possibly caused by the increasing money laundering crime from
> eGold and the other payment methods they accept. Anonymous sources comment
> that the company could be investing in "pleasing slave Russian wifes" since
> December of past year, with the departure of Richard Johnson and Pedram
> Amini (working at Microsoft and 3Com's ZDI, respectively). The remaining
> employees are known to have leaked CANVAS exploits as their own, causing
> major struggle in the Miami-based basement of the ImmunitySec team (which I
> hate so much, due to my affiliations with Matasano and some old @Stake
> people).
> This all might be the cause for the low prices offered by the continuous VCP
> challenges that the company launches on quarterly basis. The current one,
> offering as much as 16K USD dollars for flaws in OpenSSH, Apache, etc.
> Security experts from all over the world, consider the price value fair
> after rumors of potential pre-authentication flaws in the listed
> applications. Possible reasons include the retirement of GOBBLES Security,
> the groundbreaking revelations of the well known Dr. Neal Krawetz, the
> relaunch of SNOSOFT or even the raising of a new neo-luddite terrorist
> organization known as The Rogue Parrot Squadron, which could be linked to
> the tsunami disasters and 11th September.
> The FBI is reportedly investigating a security compromise of the systems
> used by the Gibson Research Corporation to host and sponsor the OpenBSD
> project, after DARPA stopped their funding (due to Theo De Raadt's comments
> to a Calgary based publication, regarding the War on Terror and gay
> marriages involving parrot sex and plastic surgery). This could be connected
> to the aforementioned underground neo-luddite organizations as well as the
> mysterious Internet identity known as n3td3v or it's counterpart, v3dt3n.
> In a conference call with Gandhi Evron, details about unsuspected botnets
> taking over control of Israeli nuclear facilities have been made available.
> A crack commando lead by Gandhi (who showed up in boxing gloves and elastic
> pants) managed to destroy an Iranian building complex used to conduct Denial
> of Service attacks against str0ke's private IRC intelligence service. Other
> sources confirm the compromise of individuals connected to the kidnapping of
> the world most well known whitehat expert, Andre Protas, who still works at
> eEye and obtains IDA Pro bulk licenses (albeit Ilfak Guilfanov publicly
> refuses to support him) for the now infamous CRACKlab.ru
> Similar conditions seem to surround GOBBLES Security operatives, after they
> were forced out of retirement by the Krawetz HackerFactor gang (in
> retardement since circa 100 years ago). Anonymous sources agree that this
> message will be flagged as 'Made in GOBBLES, 100% Mighty Turkey meat' by the
> well known Doctor.
> Rumors say he will soon move to a remote, lone Island in the middle of
> nowhere, to create a new race portraying thick nerdy glasses, fat faces and
> a desperate need of publishing utterly scientifically-flawed crap in
> security conferences, forums, blogs and Ranum's podcast.
> Finally, Matasano LLC., managed to make a world out of a single Quicktime
> exploit. This crack commando, known for bashing the LMH/IPU identity (known
> to be a group of desperate gangsters willing to do real mayhem over
> whitehats' wifes) arguing "they are publicity stunts". Drugs must be
> working, meds still in pharmacy. Anonymous sources comment that this
> desperate move for publicity might be a sign of serious financial problems
> in the consulting firm, which is being managed by a real moron from
> outer-space, Thomas P-ee-tacek (phonetic emphasis is mine). Known for
> publishing an IDS evasion paper circa 10 years ago, he possesses strong
> management skills, as well as a talent for pissing off the wrong people. He
> also forgot that IDS evasion is more than your own version of 'hping'. They
> were also stupid enough for getting as much as 10K USD from the ZDI, when
> they could have sold it to iDEFENSE for a higher value and fingerprinting.
> The consulting firm denied negotiations with Apple Computer Inc. for a
> possible Leopard-related contract, which could explain the absolute lameness
> and faggotry shown in all the public mentions of the Cupertino-based
> manufacturer as "pleasing to work with, absolutely reliable and honest,
> smooth and tight as the ass of a 7-year old".
> Shall the world end in major struggle, fire and massive ruckuz, your beloved
> journalist-on-field, Larry Seltzer, will continue to bring unbiased news
> reports and save the world from evil h4x0r forces utilizing the giant
> honeypot force, completely controlled by him.
> Nothing will stop him from getting the job done. No fear, no pain.
> Sacrifice and hard work. Drugs and heavy attention deficit disorder.
> The Great Asperger Army. Nothing, absolutely nothing will stop him.
> Ever.
> Regards and kisses,
> Larry Seltzer - reporting from the outer space.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.467 / Virus Database: 269.7.6/813 - Release Date: 5/20/2007
> 7:54 AM
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

I'm beginning to believe in full-disclosure going to full-moderated-disclosure.
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGUO5nKjKn8kQC6H8RAp2gAJ9Bg0h/6+x1kw/WpUk12X15WcyAEwCeMbmr xsBxp9KMFt5GHF+FgEQnIa0=

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/