Mailing List Archive

Re: Scandal: IT Security firm hires the author of Sasser worm
On Sep 20, 2004, at 11:35 AM, Fred Newtz wrote:

>>> The penalties have to be such that one is deterred from committing
>>> a crime.
>>> Well...
>
>
> This has never worked before, just look at NYC and the drug laws
> there. Shoot, how come the death penalty does not deter people from
> committing murder?

No system is perfect. But if you're suggesting that no laws have any
effect at all, I think you need much broader anecdotal support.



-==-
Jack Repenning
CollabNet, Inc.
8000 Marina Boulevard, Suite 600
Brisbane, California 94005
o: +1 650.228.2562
c: +1 408.835.8090

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: Scandal: IT Security firm hires the author of Sasser worm
--On Monday, September 20, 2004 01:35:46 PM -0500 Fred Newtz
<fbnewtz@houston.rr.com> wrote:
>
> This has never worked before, just look at NYC and the drug laws there.
> Shoot, how come the death penalty does not deter people from committing
> murder?
>
If it was a deterrent, it would be called "the death deterrent". It's
called a "penalty" for a reason...

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

Re: Scandal: IT Security firm hires the author of Sasser worm
guess they shouldn't have publicized it. ( who cares )

@stake / Symantec - business is business, Symantec is acquiring not only
tools and expertise,
but possibly more importantly a broader, richer client base. ( again, who
cares )

I do however find this interesting... the below "suggests" that a persons
and or persons affiliated
with a TROJAN coding history ( and a bad one at that ) is now ( or has
been ) working
with / for GFI.

look here:
http://s93625203.onlinehome.us/news.php

"we will see you on sub7.net...
in the not so distant future,
for new tools...
in the mean time visit www.forcedcontrol.com
and www.gfi.com for blades LanGuard"

"fc.com ( trojan ddos kiddie :ed) and its crew have finished to move onto
other
professional projects." bla bla

conclusion:
blade ( a former? virus / trojan coder ) works for and is / was a major
player for GFI.
and now ( blade / GFI ) is possibly now recruiting other known viri / trojan
coders?????

research:
http://www.google.com/search?hl=en&ie=UTF-8&newwindow=1&safe=off&q=blade+Languard&spell=1

www.come.to/soul4blade <---- GFI

http://www.google.com/search?q=soul4blade&btnG=Search&hl=en&lr=&ie=UTF-8&newwindow=1&safe=off

http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?ID=3282
"Removal of the file and/or the registry entry will disable Blade Runner.
For further information on Blade Runner please see
http://www.come.to/soul4blade (link valid 29/03/00). "



nuff said,
m.wood

Re: Scandal: IT Security firm hires the author of Sasser worm
i wouldn't exactly call fc a 'coder'
he slaps together delphi code from other sources
and if GFI acquired him it'd create less business
knowing that he also creates backdoors within his
backdoors using masterpasswords i.e. the trojan
'infector' had the masterpass ITS_ME_FC
here's some examples of his sourcecode
http://mitglied.lycos.de/master0305/fag/

proof of ripping
http://spiff.tripnet.se/~iczelion/files/CapScreen.txt
v.s.
http://mitglied.lycos.de/master0305/fag/fc_code_capture.txt








--- morning_wood <se_cur_ity@hotmail.com> wrote:

> guess they shouldnt have publicized it. ( who cares
> )
>
> @stake / Symantec - business is business, Symantec
> is aquiring not only
> tools and expertise,
> but possibly more importantly a broader, richer
> client base. ( again, who
> cares )
>
> I do however find this interesting... the below
> "suggests" that a persons
> and or persons affilliated
> with a TROJAN coding history ( and a bad one at that
> ) is now ( or has
> been ) working
> with / for GFI.
>
> look here:
> http://s93625203.onlinehome.us/news.php
>
> "we will see you on sub7.net...
> in the not so distant future,
> for new tools...
> in the mean time visit www.forcedcontrol.com
> and www.gfi.com for blades LanGuard"
>
> "fc.com ( trojan ddos kiddie :ed) and its crew have
> finished to move onto
> other
> professional projects." bla bla
>
> conclusion:
> blade ( a former? virus / trojan coder ) works for
> and is / was a major
> player for GFI.
> and now ( blade / GFI ) is possibly now recruting
> other known viri / trojan
> coders?????
>
> research:
>
http://www.google.com/search?hl=en&ie=UTF-8&newwindow=1&safe=off&q=blade+Languard&spell=1
>
> www.come.to/soul4blade <---- GFI
>
>
http://www.google.com/search?q=soul4blade&btnG=Search&hl=en&lr=&ie=UTF-8&newwindow=1&safe=off
>
>
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?ID=3282
> "Removal of the file and/or the registry entry will
> disable Blade Runner.
> For further information on Blade Runner please see
> http://www.come.to/soul4blade (link valid 29/03/00).
> "
>
>
>
> nuff said,
> m.wood
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>




Re: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 20 Sep 2004, morning_wood wrote:

> I do however find this interesting... the below "suggests" that a persons
> and or persons affilliated
> with a TROJAN coding history ( and a bad one at that ) is now ( or has
> been ) working
> with / for GFI.

Who cares about a mere trojan author? At least that horrible,
anti-Microsoft Dan Geer feller ain't workin for Symantec now.

What's worse, I ask you? A trojan author, skilled in Win32 programming
and pretty much adhering to The Corporate Philosophy (or at least driving
the need for a "signature update"), or some dadgum "free thinker", who
says that the status quo has some flaws?!? Why, if the status quo has
some flaws, the Free Market in desktop operating systems has some flaws,
and if the Free Market has some flaws, aren't you criticizing America
Itself?

I, for one, won't stand for it. Maybe Symantec bought @stake to hack
those flipping pirated-Norton-Works-spammers.

Re: Scandal: IT Security firm hires the author of Sasser worm
Actually, the idea of hiring people such as author of Sasser worm is to get
their brilliance minus the negative effects of them being unreliable. How will
the company which hires such guys ensure that for instance he does not take
away company's IP secrets, hack into company's network or hack into some other
company's network using this company's resources?

If these issues can be resolved and the person's brilliance used, then
certainly it would be a win-win situation for the company.

The other issue is the PR angle. It would be an interesting question to
answer: by hiring such a person, does the company increase its PR or
diminish it?

regards,
Samir Kelekar
Teknotrends Software
http://www.teknotrends.com

----- Original Message -----
From: "Georgi Guninski" <guninski@guninski.com>
To: "Vincent Archer" <var@deny-all.com>
Cc: <full-disclosure@lists.netsys.com>
Sent: Tuesday, September 21, 2004 1:14 AM
Subject: Re: [Full-Disclosure] Scandal: IT Security firm hires the author of
Sasser worm


> On Mon, Sep 20, 2004 at 05:03:59PM +0200, Vincent Archer wrote:
> > Which of those are more important to you? Trust or technical skills?
>
> speaking of trust, long time ago pink floyd asked in a song
> http://www.pink-floyd-lyrics.com/html/mother-wall-lyrics.html
>
> "Mother should I trust the government?"
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 20 Sep 2004, bb wrote:

> If he has fulfilled all the obligation of his sentence, whats wrong with him
> being allowed to seek gainful employment that plays to his skills?

He hasn't even been sentenced yet, or in fact tried... However, from the
press release, Securepoint is hiring him BECAUSE he wrote Sasser, so
"innocent until proven guilty" doesn't work either, Securepoint is
assuming he's the guilty party and hiring him before he's even started
paying his Debt to Society.

> Second chance anyone? Being allowed to learn from his mistakes?

When he's actually learnt, no problems. I don't think he's actually
learnt, since he hasn't owned up to it yet, which is a precursor to
learning.

>
> ----- Original Message -----
> From: "Feher Tamas" <etomcat@freemail.hu>
> To: <full-disclosure@lists.netsys.com>
> Sent: Monday, September 20, 2004 10:21 AM
> Subject: [Full-Disclosure] Scandal: IT Security firm hires the author of
> Sasser worm
>
>
>> Hello,
>>
>> The german IT security company "Securepoint" has hired Sven
>> Jaschan, who wrote and spread the Sasser Internet worm,
>> which caused widespread and costly damages to legions of
>> Windows computers.
>>
>> He will work as a developer for security softwares such as
>> firewalls.
>>
>> This is a scandal! Whether or not you like the 250k USD
>> head-hunting bounty which Microsoft Corp. paid to have Mr.
>> Jaschan nailed, he is still a criminal. Hiring him is a
>> taboo. It is totally unacceptable to picture him as a modern
>> age Robin Hood or freedom fighter. He is a criminal, similar
>> to an arsonist, who sets a house alight and the fire spreads
>> to an entire city.
>>
>> I urge all to boycott the Securepoint and I urge those who
>> suffered losses due to the Sasser worm to sue Securepoint
>> and seek damages. VXing must end and we must send a strong
>> message to teenagers that cracking is not hacking and will
>> not be tolerated.
>>
>> Securepoint website:
>> http://www.securepoint.cc/
>>
>> Info about Sven Jaschan's hiring:
>> http://www.f-secure.com/weblog#00000296
>>
>> Sincerely: Tamas Feher from Hungary.
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

--
The Internet must be a medium for it is neither Rare nor Well done!
<a href="mailto:galt@locutus.isu.edu">John Galt </a>

Re: Scandal: IT Security firm hires the author of Sasser worm
Mr. Thomas,

Oh, do shut up! Three words: Robert Morris Junior!

-- Greg

On or about 2004.09.20 11:21:23 +0000, Feher Tamas (etomcat@freemail.hu) said:

> Hello,
>
> The german IT security company "Securepoint" has hired Sven
> Jaschan, who wrote and spread the Sasser Internet worm,
> which caused widespread and costly damages to legions of
> Windows computers.
>
> He will work as a developer for security softwares such as
> firewalls.
>
> This is a scandal! Whether or not you like the 250k USD
> head-hunting bounty which Microsoft Corp. paid to have Mr.
> Jaschan nailed, he is still a criminal. Hiring him is a
> taboo. It is totally unacceptable to picture him as a modern
> age Robin Hood or freedom fighter. He is a criminal, similar
> to an arsonist, who sets a house alight and the fire spreads
> to an entire city.
>
> I urge all to boycott the Securepoint and I urge those who
> suffered losses due to the Sasser worm to sue Securepoint
> and seek damages. VXing must end and we must send a strong
> message to teenagers that cracking is not hacking and will
> not be tolerated.
>
> Securepoint website:
> http://www.securepoint.cc/
>
> Info about Sven Jaschan's hiring:
> http://www.f-secure.com/weblog#00000296
>
> Sincerely: Tamas Feher from Hungary.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

--
Gregory A. Gilliss, CISSP E-mail: greg@gilliss.com
Computer Security WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

Re: IT Security firm hires the author of Sasser worm
All the guys from @stake, securityfocus, fatelabs ....
What do you know about their past?

Look at all the famous hacker sites 10 years ago. They are all security
consultants now.

If your 15 year old son steals $50 out of your purse, do you shoot him?
Ok. It's not much. Do you shoot him if it is $5000?

Do you know if the author is a bad person at all?

Maybe you should calm down a little bit.

On Tuesday 21 September 2004 07.17, Gregory A. Gilliss wrote:
> Mr. Thomas,
>
> Oh, do shut up! Three words: Robert Morris Junior!
>

Re: Re: IT Security firm hires the author of Sasser worm -just a thought-
the best legal hackers (not me) came from 'the scene' and are still
active there...
the smartest legal hackers team up with 'crackers' and learn the tricks
from them fast
(the shit is that the tricks change every day :-)
on the other hand, I would not hire a burglar to put new locks on my
doors; he might just duplicate the keys
so if you hire a hacker/cracker/whatever, trust him (or her) just as far
as you can throw him and (ab)use him to improve your security or product.
it's smart to hire a good hacker, but not smart to trust him
in the end it's so easy... just don't trust anyone
hojje!

Peter Bruderer wrote:

>All the guys from @stake, securityfocus, fatelabs ....
>What do you know about their past?
>
>Look at all the famous hacker sites 10 years ago. They are all security
>consultants now.
>
>If your 15 year old son steals $50 out of your purse, do you shoot him?
>Ok. It's not much. Do you shoot him if it is $5000?
>
>Do you know if the author is a bad person at all?
>
>Maybe you should calm down a little bit.
>
>On Tuesday 21 September 2004 07.17, Gregory A. Gilliss wrote:
>
>
>>Mr. Thomas,
>>
>>Oh, do shut up! Three words: Robert Morris Junior!
>>
>>
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>

Re: IT Security firm hires the author of Sasser worm
Dear Peter,

You mean all the would-be blackhats-turned-sellouts? Yea, sure,
SecurityFocus spawned such elitists as BlueBoar(you know we love you),
Aleph1(we love you too sweetums), etc, etc. Who can forget our pals
from f8Labs, gotta love that 'Loki' guy! In all seriousness though(I
know it's hard to be serious when talking about Eric Hines), we can't
forget about fatelabs1.tar.gz. That had to be a bit embarrassing, but
as with everything embarrassing, there's always an explanation(Ha).
Too bad you didn't mention anything about our boy KF from the e-hood
known as SNOsoft, we could have had a ballgame talking about that
one(and yes, we do love you also KF).

Love,
#MSNetworks

>All the guys from @stake, securityfocus, fatelabs ....
>What do you know about their past?
>
>Look at all the famous hacker sites 10 years ago. They are all security
>consultants now.

Re: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 20 Sep 2004, Vincent Archer wrote:

> He has also demonstrated his absolute lack of ethical restraint, [...]

This makes him a perfect employee for any modern business because he won't
make trouble when his employer lies to its customers and sells crappy
products and services to them. :P

--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Re: Re: IT Security firm hires the author of Sasser worm
cry cry, moan moan!!
zzzzz

you made me waste about 1 minute of my life reading this little rant, is the
real problem that you're not getting enough attention?? do you need some
loving in your life??

come on guys group hug syke needs some attention!!!

YAY FOR SYKE!!!
YAAAAAY!!!

that enough for you or you gonna have a bitch about someone else now?
----- Original Message -----
From: "Syke" <r00t3d@gmail.com>
To: <brudy@bruderer-research.com>; <full-disclosure@lists.netsys.com>
Sent: Tuesday, September 21, 2004 8:58 PM
Subject: [Full-Disclosure] Re: IT Security firm hires the author of Sasser
worm


> Dear Peter,
>
> You mean all the would-be blackhats-turned-sellouts? Yea, sure,
> SecurityFocus spawned such elitists as BlueBoar(you know we love you),
> Aleph1(we love you too sweetums), etc, etc. Who can forget our pals
> from f8Labs, gotta love that 'Loki' guy! In all seriousness though(I
> know it's hard to be serious when talking about Eric Hines), we can't
> forget about fatelabs1.tar.gz. That had to be a bit embarrassing, but
> as with everything embarrassing, there's always an explanation(Ha).
> Too bad you didn't mention anything about our boy KF from the e-hood
> known as SNOsoft, we could have had a ballgame talking about that
> one(and yes, we do love you also KF).
>
> Love,
> #MSNetworks
>
>>All the guys from @stake, securityfocus, fatelabs ....
>>What do you know about their past?
>>
>>Look at all the famous hacker sites 10 years ago. They are all security
>>consultants now.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Re: Scandal: IT Security firm hires the author of Sasser worm
Note, this isn't addressed to the admins or virus
helpdesk folks, but to the whitehats trying to sell
another product or service and try to pretend that
they did it out of the "good of the community".

=======================================================

Did everyone just sober up from defcon already?

Where would the security industry be if it weren't for
criminals?

Who would write the books for you (or the research
they're based on)? Who would make nice pretty power
point slides for the next Blackhat Conference? Where
would ISS be without TESO? Where would iDefense be
without their "anonymous" tip program?

Everything you guys know can be traced to evil
criminals. Your whole industry is based on
perception. They hire a virus writer, because now
they can scare clients with him. Just like how you
guys publish way too much information.... "to help out
the admins".

ha ha ha ha ha ha

The "admins" don't need offsets, and your PoCs don't
protect them. Your "full-disclosure" is
"fear-disclosure". You guys scare the shit out of
everyone in some twisted hope that vendors will make
patches available faster, and admins will patch
quicker. It's fear that drives this industry, and fear
which makes your profits.

In the recent Oracle debacle, why did Application
Security Inc release information for 44 Oracle
vulnerabilities? Was it to help with problems that
the patch caused? Nope. It was to once again install
fear. If they make you think there is a clear and
present danger, perhaps you'll buy their products.
And if there wasn't any present danger, they give
other hackers a head start to manufacture the danger.

You whitehats play the game, and you tell me you don't
know the rules? Fear is Money. That's why Application
Security Inc did it, that's why Securepoint bought Sven
Jaschan, that's why ISS X-Force creates 0day, that's why
iDefense buys "intelligence", and that's why you bought
Kevin Mitnick's latest book.

If you're going to play the game, then learn to play
it well. Who knows, you may put up a challenge. If
you're going to whine that someone else figured out a
better strategy, then you should either copy them or
leave the industry.

Stinny,
Internet Sniper

--- "Gregory A. Gilliss" <ggilliss@netpublishing.com>
wrote:

> Mr. Thomas,
>
> Oh, do shut up! Three words: Robert Morris Junior!
>
> -- Greg
>
> On or about 2004.09.20 11:21:23 +0000, Feher Tamas
> (etomcat@freemail.hu) said:
>
> > Hello,
> >
> > The german IT security company "Securepoint" has
> hired Sven
> > Jaschan, who wrote and spread the Sasser Internet
> worm,
> > which caused widespread and costly damages to
> legions of
> > Windows computers.
> >
> > He will work as a developer for security softwares
> such as
> > firewalls.
> >
> > This is a scandal! Whether or not you like the
> 250k USD
> > head-hunting bounty which Microsoft Corp. paid to
> have Mr.
> > Jaschan nailed, he is still a criminal. Hiring
> him is a
> > taboo. It is totally unacceptable to picture him
> as a modern
> > age Robin Hood or freedom fighter. He is a
> criminal, similar
> > to an arsonist, who sets a house alight and the
> fire spreads
> > to an entire city.
> >
> > I urge all to boycott the Securepoint and I urge
> those who
> > suffered losses due to the Sasser worm to sue
> Securepoint
> > and seek damages. VXing must end and we must send
> a strong
> > message to teenagers that cracking is not hacking
> and will
> > not be tolerated.
> >
> > Securepoint website:
> > http://www.securepoint.cc/
> >
> > Info about Sven Jaschan's hiring:
> > http://www.f-secure.com/weblog#00000296
> >
> > Sincerely: Tamas Feher from Hungary.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>
> --
> Gregory A. Gilliss, CISSP
> E-mail: greg@gilliss.com
> Computer Security WWW:
> http://www.gilliss.com/greg/
> PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52
> BA B7 83 D9 B4 14 0E 8C A3
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>


Re: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 2004-09-20 at 15:43 -0400, Barry Fitzgerald wrote:
> ktabic wrote:
>
> >Well, I vaguely recall laws that state that a convicted criminal isn't
> >allowed to profit from his crime, even after he has served his sentence.
> >This does, however, sound like he is profiting from his crime.
> >Think: would he have been given this job if he hadn't had his named
> >plastered all over the newspapers?

> I don't have an opinion on this particular situation. I really,
> seriously don't.
>
> But, here are some things everyone should think about:
>
> - Have you ever exceeded 20 mph above the speed limit? If so,
> does that make you incapable of driving a big rig truck? If so, I think
> we should probably be very wary of our use of the roads. It's much more
> difficult to get a commercial license if you've been caught speeding,
> but no one ever said it was impossible.

Funnily enough. No. I haven't.
>
> - What about the people who were never caught? How's the
> paranoia setting in now? :) Seriously, though, which is more
> dangerous? A cracker's who's been caught and knows he's being watched,
> or a cracker who has never been caught and knows that he can silently
> observe the inner workings of an organization and, with time on his side,
> exploit it. If you say "the guy who got caught", then you need to rethink
> your stance on reality.

Nope, the paranoia hasn't kicked in. It was already there. Paranoia is a
vital skill for any Sysadmin, imho. And I agree that the unknown ones
are more dangerous. That, however isn't a reason to allow the known ones
off the hook with a: Well, now we know about you.
Popping back to the speeding example above. If you get caught doing 20
mph above the speed limit, you are liable to lose your license (in this
country) unless you can come up with a really good reason. And: my job
depends on being able to drive usually isn't good enough. And even if
you don't lose the license, you gain penalties, which can accumulate
into loss of the privilege to drive.
So there is a difference between being caught for speeding. Get caught
doing the proverbial 20mph above on a computer, your penalty is:
Getting offered a job, and still being allowed to use a computer. To do
whatever you want.
That, at least, is what I see from this, and others like this.
>
> - How do criminals reintegrate into society if they're not
> allowed to be gainfully employed in their specialty? You may scoff at
> this, but it's a very valid question.

Nope, I don't scoff at this.
However, I have yet to see a job advertised: Professional Virus
Programmer, or with a job description of exploiting flaws in computers
to compromise them against their owners' will. *
So he has a speciality that isn't really in demand.

* There may, however, be openings in the CIA, NSA, GCHQ, <insert
favoured intelligence gathering agency here>.

> Not allowing a criminal, once released, to be openly and
> gainfully employed only gives them more reason to again turn to crime.
> Would you prefer that he work for the russian mafia writing web exploits?
> If you want to take away his ability to be employed, then you're virtually
> forcing him into a life of crime. How productive is that?

<cynic>Hmm, yes. That's actually a good idea. Since he is already known
to those whose job it is to investigate and catch criminals, they may
find things easier</cynic>
Hmm, so the armed robber should be allowed, as part of his
rehabilitation, to become gainfully employed as...? Well, whatever he
could become gainfully employed as, it won't be as an armed robber.
There's nothing to stop him from becoming gainfully employed as, say, a
builder. Or even a dustman, which is actually quite an important job.
>
> - Employing known crackers is not new. People have been throwing
> around the term "unethical" with regard to his employment, but I fail to
> see how his being employed is unethical. It would be unethical if the company
> were employing him to crack their opponents, but thus far there's no indication
> that that's the case. In fact, it hasn't even been mentioned what he was employed
> to do. How do you know that he's not in a basement somewhere with a 386 and a
> floppy drive dissecting malware that's been handed to him physically? You don't
> know what he's doing, so why start making silly assumptions about the basis for
> his employment? But this practice, of employing known crackers, is not new and
> it's not unethical. The act of simply employing someone to do a legal job can't
> be unethical unless what they're being told to do is unethical.

Ok, he's working as a trainee software developer working on security
products. How's that?

> If your perspective is that it's unethical *because* he wrote a worm and should be
> barred from employment for the rest of eternity because of it -- well, you're
> advocating the use of stigma judication, like having a scarlet A for adultery.
> I thought we were beyond that?

Not at all. It's unethical, not because he has that job. It's unethical
because securepoint wrote to him and invited him to apply. That's the
unethical part. I have no problem with him applying for jobs, as a
programmer, or pentester, whatever.
The unethical part is a firm that specialises in security invites a
known virus writer to write software for them.

> I don't have an opinion on the specific case at hand, but these points
> apply to the issue. This seems to be the hot topic on the list right
> now. Can't we just agree that we simply don't have enough information
> to pass judgement?
>
> And, for the sake of the list, let's get off whether someone should be
> employed or not -- isn't that a better topic for a sociology list than
> this one? I'll tell you one thing, you'll get better formed opinions on
> the sociology list. So far, people seem to be taking emotional sides...
> and that will never lead to a reasoned solution.
>
Unfortunately, it's likely to become hotter, more details are emerging.
You know, I'm sure some of the IT rags subscribe to this list. ;)

Re: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 2004-09-20 at 09:38 -0400, stilist wrote:
> What you're forgetting is the fact that the kid probably has more
> skills than most of the people in the industry. He may be a criminal,
> but he's a darn good person to have working on your side.
Really?
What about his abilities is so impressive?
Bear in mind that he didn't discover the exploit he used.
So his entire ability comes down to writing a wrapper for the work of
someone else.
It isn't that I am disagreeing with you. I've met security consultants
that wouldn't know the difference between a DDoS and a password cracker.
I'm just interested in knowing what makes him so special to most of the
people in the industry.

RE: Scandal: IT Security firm hires the author of Sasser worm
On Mon, 2004-09-20 at 11:11 -0700, Harlan Carvey wrote:
> > Todd...what on earth makes you think they did not?
> > This is not new behavior...at all.
>
> Exactly. If you don't really believe that the movie
> "Catch me if you can" was based on a true story, check
> out this site:
> http://www.abagnale.com/index2.asp

From the bottom of that page:

* Mr. Abagnale is not engaged in the security business, but works only
as a lecturer and consultant in the areas described in this website

So, not only is he not employed by a company working in that field, he
also does not work in that field.
So kinda makes me wonder about how he compares to Securepoint employing
a known virus writer.

RE: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
The myopic and narrow-minded view of respondents in
this forum never ceases to amaze me. More often than
not, it's clear that the person responding is more
interested in disproving statements made by others,
rather than attempting to understand those statements.

So, ktabic, you want to know "how he compares to
Securepoint employing a known virus writer"? Well, if
you had bothered to (a) watch the movie, or (b) read
anything more than simply one small portion of the web
site, you would have seen:

"In the private sector, he has designed the IPS
(Integrated Payment System) Official Check used in
place of cashiers checks. Thousands of financial
institutions issue the IPS Check over 300 million
times each year. Mr. Abagnale also designed and
developed SAFEchecks(TM) and Check Plus(TM) programs
that provide small and medium size businesses with an
inexpensive secure check. His expertise is retained by
Standard Register-USA, Leigh-Mardon-Australia and the
Pacific Rim, PRG-Schultz, Progeny Marketing,
Trilegiant Corp., Discover Financial Services, Inc.,
Audemars Piguet and many others."

It's all there...simply click on "Company" and you'll
see it. Also, further down on the same page, you'll
see that his company's "services include: in-house
consulting, negotiable document reviews, document
design, specialized training and seminars...".

It's pretty clear, then, how this particular example
compares to the issue of a security firm hiring
someone who wrote malware.

If you need it spelled out in any more detail, please
feel free to contact me offline.




> > > Todd...what on earth makes you think they did
> not?
> > > This is not new behavior...at all.
> >
> > Exactly. If you don't really believe that the
> movie
> > "Catch me if you can" was based on a true story,
> check
> > out this site:
> > http://www.abagnale.com/index2.asp
>
> From the bottom of that page:
>
> * Mr. Abagnale is not engaged in the security
> business, but works only
> as a lecturer and consultant in the areas described
> in this website
>
> So, not only is he not employed by a company working
> in that field, he
> also does not work in that field.
> So kinda makes me wonder about how he compares to
> Securepoint employing a known virus writer.

Re: Re: IT Security firm hires the author of Sasser worm [ In reply to ]
Awwwwwww... I love you too Mantis Security!
Can I get a group hug for all the pr0ud supp0rt3rz 0f pr0j3kt m4yh3m!

Remember folks... take your daily dosage of whiteh8 http://msnetworkz.tk/
-KF

Syke wrote:
> Dear Peter,
>
> You mean all the would-be blackhats-turned-sellouts? Yea, sure,
> SecurityFocus spawned such elitists as BlueBoar(you know we love you),
> Aleph1(we love you too sweetums), etc, etc. Who can forget our pals
> from f8Labs, gotta love that 'Loki' guy! In all seriousness though(I
> know it's hard to be serious when talking about Eric Hines), we can't
> forget about fatelabs1.tar.gz. That had to be a bit embarrassing, but
> as with everything embarrassing, there's always an explanation(Ha).
> Too bad you didn't mention anything about our boy KF from the e-hood
> known as SNOsoft, we could have had a ballgame talking about that
> one(and yes, we do love you also KF).
>
> Love,
> #MSNetworks
>
>
>>All the guys from @stake, securityfocus, fatelabs ....
>>What do you know about their past?
>>
>>Look at all the famous hacker sites 10 years ago. They are all security
>>consultants now.
>
>

RE: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
Dear ktabic,
Piss off and die plz. Tnx!
Bye.
(Hate to spam the rest of the list but just deal with this retards inane comments any longer).

ktabic <lists@ktabic.co.uk> wrote:
On Tue, 2004-09-21 at 05:08 -0700, Harlan Carvey wrote:
> It's pretty clear, then, how this particular example
> compares to the issue of a security firm hiring
> someone who wrote malware.
>
> If you need it spelled out in any more detail, please
> feel free to contact me offline.
>
No, no need to spell it out any clearer. You made my point.
Mr. Abagnale is an expert in and on the financial institutions and fraud,
who (in return for a reduced sentence) provided that immense knowledge
to the industry and has even worked towards getting the industry to
adopt methods to reduce fraud by designing systems that (we hope) he
himself cannot beat.

The other is a virus writer who used a flaw developed by someone else,
and propagated by a method that has been used countless times before,
and really introduced nothing new.

RE: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
On Tue, 2004-09-21 at 05:08 -0700, Harlan Carvey wrote:
> It's pretty clear, then, how this particular example
> compares to the issue of a security firm hiring
> someone who wrote malware.
>
> If you need it spelled out in any more detail, please
> feel free to contact me offline.
>
No, no need to spell it out any clearer. You made my point.
Mr. Abagnale is an expert in and on the financial institutions and fraud,
who (in return for a reduced sentence) provided that immense knowledge
to the industry and has even worked towards getting the industry to
adopt methods to reduce fraud by designing systems that (we hope) he
himself cannot beat.

The other is a virus writer who used a flaw developed by someone else,
and propagated by a method that has been used countless times before,
and really introduced nothing new.

Re: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
uhm... are we getting a little bit too excited?

jamie fisher wrote:
> Dear ktabic,
> Piss off and die plz. Tnx!
> Bye.
> (Hate to spam the rest of the list but just deal with this retards inane
> comments any longer).

RE: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
On Tue, 2004-09-21 at 05:08 -0700, Harlan Carvey wrote:

>The other is a virus writer who used a flaw developed by someone else,
>and propagated by a method that has been used countless times before,
>and really introduced nothing new.

So let's say someone did not turn him in and he never got busted. What
happens when he goes out and finds a job in the security industry? Does
that mean he will work with malicious intent and make all the back doors in
products that he wants to or would he do his job just like everyone else in
the world? He obviously has skills of some sort that are valuable. Maybe
he is just doing penetration testing on their products, you never know.

All nitty picky things aside, what about all of the other virus writers out
there that never got busted? The hackers and crackers and phreaks and
everyone else that did something wrong or maybe even destroyed some
important data. Does that mean that we already have people like that
working at security companies or not? Does that make the products of
companies who hire virus writers or crackers less secure? Does that mean
that the PHACV people do not take their jobs seriously? Does that mean that
they can do a better or worse job than someone who does not have the desire
to beat the system so to speak? I mean there are tons of people out there
that are into this scene and they obviously will get a job or already have a
job somewhere.

This has been going on for quite some time. Just look at the LOD/h boys and
the security consulting firm they started at least 10 years ago and what
happened to them because people like SWBT totally dogged them and warned
everyone that they could not be legitimate even though they were all
convicted and just needed an honest job to go straight just like everyone
else. I know some of those guys and they were good people. They were some
of the best minds out there and they could have done just as good of a job
as everyone else. They had already conquered the world in their own way,
why not let that knowledge work in a good way for people that needed
protection from other kids trying to do the same thing. Or worse yet, hired
hackers trying to steal secrets.

Saying that no teenager can be reformed is like saying you can't change your
mind about what to eat for dinner. I have over 13 convictions and have been
in prison as well as spent more than my fair share of time in county jails.
However, that has been 10 years now and I am integrated into society making
my way in life. All of this happened before I turned 21 years old.

So if I can change then anyone can change. If you have a 250000 fine or
whatever coming against you wouldn't you want to work it off so that some
day in the future you might be able to own a car, or even a bicycle? What
about a house or to even get married? Who would marry someone with a debt
like he will have very soon?

Good people do bad things sometimes, it is a fact of life. Deal with it.

Fred



Re: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
Larry Seltzer wrote:

>>>If you don't really believe that the movie "Catch me if you can" was
>>>based on a true story, check out this site:
>>>http://www.abagnale.com/index2.asp
>
>I don't want to put words in anyone's mouth, but I hope we're not
>comparing a genius like Abagnale to a vandal like Jaschan, who only ever
>picked low-hanging fruit. Personally I think hiring a sociopath like
>Jaschan diminishes a company and I wouldn't trust them.
>
>
>
Some would say that the banking system was low hanging fruit.

I'm not assailing Abagnale nor his actions, but let's separate Hollywood
from reality a bit. The guy, for all intents and purposes, was a forger
and an identity thief. Though he was very good at it, forging documents
isn't THAT difficult and identity theft can't be considered appropriate
in any sense, no matter how well it's done.

Abagnale was very smart, but Harlan's comparison stands.

I'm not defending Jaschan either, but last I knew Jaschan wasn't
diagnosed as being a sociopath - so why slander the man (Mr.
"journalist")? He wrote a worm. Big freaking deal. It's not an
endearing quality but it's also not like he's Hitler or something.
Let's put things in perspective here.

-Barry

RE: Scandal: IT Security firm hires the author of Sasser worm [ In reply to ]
>>He wrote a worm. Big freaking deal.

Yeah, very big freaking deal. He loosed an attack he had good reason to
believe would do damage to innumerable people all over the world. He
belongs in jail and for a long time, if only to send a message that such
behavior is wrong.

And anyone who trusts him with their computers is an idiot.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@ziffdavis.com
