Mailing List Archive

On sf sell out
Here are my 2 stotinki on Securityfocus's sell out.

I don't mind aleph1 & co. taking $75M. What I am concerned about is what price we
shall pay for it. ($75M is too much for collecting other people's 0days,
IMHO.)

What scares me about Securityfocus is that since the beginning of 2002
they started not posting some of my posts to bugtraq but seem to post
"politically correct" messages.

They went so far as to not post a real vulnerability [1] (later indirectly
confirmed by Microsoft in a bulletin, not fixed yet).
Then I decided: no 0days for securityfocus, and started posting only
comments and opinions, mainly on the topic of full disclosure.
Most of them didn't get to the list, though the opposite of my opinions were
posted.

Hope they don't turn into a mainstream media outlet and use the power of
moderation for labelling people and ideas as good and bad in their user
base.

Note: I don't mean to whine about them moderating me down; it is their right
to do whatever they want with their mailing lists, but I think this should be
publicly known.

[1] http://www.guninski.com/signedactivex.html (also check ver. 2.0)

Georgi Guninski
http://www.guninski.com
Re: On sf sell out [ In reply to ]
Georgi,

Hi, I've always admired your work :) Especially the AIX shellcode..
Anyways, I just thought I would write you to inform you of a small-time,
exploit-developers-only mailing list. So far we have about 10 well
reputed exploit developers on our list. And that's it! No security
consultants, pen-testers, script kiddies... The URL is here; excuse the
pop-up; I've found friendly hosting for the list but not the page yet :)

http://www.crosswinds.net/~zerodaydigest/

Please take a look at the charter. Anyways, we'd all love to benefit
from your wide range of exploit development expertise!

best regards,
core

> _______________________________________________
> Full-Disclosure - We believe in it.
> Full-Disclosure@lists.netsys.com
> http://lists.netsys.com/mailman/listinfo/full-disclosure
Re: On sf sell out [ In reply to ]
Er... please disregard that last e-mail; it was sent to the list by
accident. If you're interested in joining our small list and developing
exploits, feel free to contact core-owner@noops.english.org since I spilt
the beans.

best regards,
core

Re: On sf sell out [ In reply to ]
Yeah, my e-mail client doesn't even include the original poster's address
if I hit reply-all...

core

KF wrote:
> That's exactly why I love the reply-to on this list. =]
> -KF
Re: On sf sell out [ In reply to ]
That's exactly why I love the reply-to on this list. =]
-KF

----- Original Message -----
From: "Charles 'core' Stevenson" <core@bokeoa.com>
To: <full-disclosure@lists.netsys.com>
Sent: Sunday, July 21, 2002 10:51 AM
Subject: Re: [Full-Disclosure] On sf sell out


> Er... please disregard that last e-mail it was sent to the list on
> accident. If you're interested in joining our small list and develop
> exploits feel free to contact core-owner@noops.english.org since I spilt
> the beans.
>
> best regards,
> core
Re: On sf sell out [ In reply to ]
also sprach Charles 'core' Stevenson <core@bokeoa.com> [2002.07.21.2025 +0200]:
> Yeah my e-mail client doesn't even include the original posters address
> if I hit reply-all...

Which is entirely due to Reply-To being set. Anyway, I won't complain,
my mailer can handle it with the hook I wrote, and as it is, it can
only become amusing ;^>

--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck

"feature freeze means that everyone has a bad feeling
when they change something, almost nothing more."
-- stephan kulow
Re: On sf sell out [ In reply to ]
also sprach Charles 'core' Stevenson <core@bokeoa.com> [2002.07.21.1951 +0200]:
> Er... please disregard that last e-mail; it was sent to the list by
> accident. If you're interested in joining our small list and developing
> exploits feel free to contact core-owner@noops.english.org since I spilt
> the beans.

Yes, but I am one of "those security consultants". You wouldn't want me
on that list, right?

--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck

give me ambiguity or give me something else.
Re: On sf sell out [ In reply to ]
Well, I should clarify. The 0-Day Digest does not discriminate on the
basis of employment, race, creed, etc. That was my own personal
false generalisation, or whatever you'd like to call it... prejudice...
which assumes that all security consultants/pen-testers rely on others
to create exploits and tools for them to perform their job, flesh out
their product, etc. Obviously this is untrue, as we have members in all
listed fields except script kiddie (we hope ;). So please accept my
apology for saying that; no hard feelings, right? :)

core

martin f krafft wrote:
> also sprach Charles 'core' Stevenson <core@bokeoa.com> [2002.07.21.1951 +0200]:
>
>>Er... please disregard that last e-mail; it was sent to the list by
>>accident. If you're interested in joining our small list and developing
>>exploits feel free to contact core-owner@noops.english.org since I spilt
>>the beans.
>
>
> Yes, but I am one of "those security consultants". You wouldn't want me
> on that list, right?
>
Re: On sf sell out [ In reply to ]
martin f krafft wrote:
> also sprach Charles 'core' Stevenson <core@bokeoa.com> [2002.07.21.2025 +0200]:
>
>>Yeah my e-mail client doesn't even include the original posters address
>>if I hit reply-all...
>
>
> Which is entirely due to Reply-To being set. Anyway, I won't complain,
> my mailer can handle it with the hook I wrote, and as it is, it can
> only become amusing ;^>
>


--
^herman^ .~. The best way to accelerate
Email:herman@ofzo.nl / v \ a computer running Windows
Homepage:cashcow.dyn.dhs.org/( _ )\ is at 9.8 m/s^2
ICQ:23752972________________ ^ ^ ____________________________
PGP PUBLIC KEY BLOCK:PGPKeyID:0x6B806B10
http://systemoperator.xs4all.nl/~herman/herman.asc
- bring choice to your computer -
RE: On sf sell out [ In reply to ]
Who says a security consultant can't write an exploit? :-)

> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
> martin f krafft
> Sent: Sunday, July 21, 2002 3:42 PM
> To: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] On sf sell out
>
>
> also sprach Charles 'core' Stevenson <core@bokeoa.com>
> [2002.07.21.1951 +0200]:
> > Er... please disregard that last e-mail; it was sent to the list by
> > accident. If you're interested in joining our small list and developing
> > exploits, feel free to contact core-owner@noops.english.org since I spilt
> > the beans.
>
> Yes, but I am one of "those security consultants". You
> wouldn't want me on that list, right?
>
> --
> martin; (greetings from the heart of the sun.)
> \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
>
> give me ambiguity or give me something else.
>
Re: On sf sell out [ In reply to ]
It really comes down to the intent of the person wishing to join. If the
individual's intent is to procure cutting edge technology without
reciprocating, then we are not interested. On the contrary, if the
individual and the existing members can benefit each other through
mutual association, then I think we have a good thing. :)

Best Regards,
Charles Stevenson

KF wrote:
> The point of the statement was non-profit I think.
> -KF
Re: On sf sell out [ In reply to ]
The point of the statement was non-profit I think.
-KF

----- Original Message -----
From: "Steve" <steve@entrenchtech.com>
To: <full-disclosure@lists.netsys.com>
Sent: Sunday, July 21, 2002 7:38 PM
Subject: RE: [Full-Disclosure] On sf sell out


> Who says a security consultant can't write an exploit? :-)
Re: On sf sell out [ In reply to ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is this list going to be archived? Then anyone will be able to google the
archives and make off with whatever knowledge ends up being collected
here.

I think that we are all angry that things happened the way they did with
securityfocus, and that's understandable. However, knee-jerk reactions will
get us nowhere fast. Perhaps something in the charter forbidding the sale of
the list, or assurances that exploit info isn't prostituted, etc. etc. would
be cool, and sufficient.

- --Joey

Thou spake:
> It really comes down to the intent of the person wishing to join. If the
> individual's intent is to procure cutting edge technology without
> reciprocating then we are not interested. On the contrary if the
> individual and the existing members can benefit each other through
> mutual association then I think we have a good thing. :)
>
<snip>
- --

Joey Kelly
< Minister of the Gospel | Computer Networking Consultant >
http://joeykelly.net

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9PHbRTACso8v35Y4RAifAAJ9iD/pMZbWzazMsddFzgRMV2XKgMACgyNed
AN88l88UPsPcnyjLGXyMU18=
=//VX
-----END PGP SIGNATURE-----
Re: On sf sell out [ In reply to ]
> Is this list going to be archived? Then anyone will be able to google the
> archives, and make off with whatever knowledge that ends up collected being
> here.

This list is already being archived, as you can see at
http://lists.netsys.com/pipermail/full-disclosure/
And its archive is already in the news, as you can see at
http://www.theregister.co.uk/content/55/26315.html

Regards,

--------------------------------------------------------------------
Giordani Rodrigues
InfoGuerra's Editor
URL: http://www.infoguerra.com.br
E-mail: editor@infoguerra.com.br


----- Original Message -----
From: "Joey Kelly" <looseduk@ductape.net>
To: <full-disclosure@lists.netsys.com>
Sent: Monday, July 22, 2002 6:18 PM
Subject: Re: [Full-Disclosure] On sf sell out


Re: On sf sell out [ In reply to ]
On Mon, Jul 22, 2002 at 09:18:48PM +0000, looseduk@ductape.net said:
> Is this list going to be archived? Then anyone will be able to google the
> archives, and make off with whatever knowledge that ends up collected being
> here.

It's the Net. That's one of the major features. If you have something to say
that you don't want random strangers finding, why would you say it in a
public forum to begin with?

You can always use the X-No-Archive flag, which may or may not have the
effect you desire.

IMHO there's entirely too much angst over the ability of some *gasp*
non-list-subscriber to read one's valuable pearls of knowledge in a search
engine rather than a MUA. What's the difference, anyway? If you want your
words to stay private, encrypt them, or use a private list or network. Expect
that whatever you say in a public forum will be hanging around for some time
to come. That's the way of the Net.

> I think that we are all angry that things happened the way they did with
> securityfocus, and that's understandable. However, knee-jerk reactions will
> get us nowhere fast. Perhaps something in the charter forbidding the sale of
> the list, or assurances that exploit info isn't prostituted, etc. etc. would
> be cool, and sufficient.

They would be pointless. Consider what you're proposing a bit more and see if
you don't reach the same conclusion. Trying to control the degree of disclosure
of information in a public forum on the Net is an exercise in futility.

(Besides, list archival is a good thing - many questions have been answered
for me thanks to google searches of old mailing list archives, or Usenet
posts. I think we'd all like to decrease, rather than increase, the number of
FAQs appearing on lists we frequent. Archives make this possible, even if
people seem averse to reading them.)

> --Joey

--
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui