Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Matthew Murphy (mattmurphy_at_kc.rr.com)
Date: Sun Aug 18 2002 - 09:51:02 CDT
[blah snip blah]
>> No, I mean the "discussion" over the values of our attackers, such as has
>> ensued from my initial post. Generally to me, discussion = has some
>> Some of the "discussion" here does not fit that criterion. Just take a
>> through the archives to discover this for yourself.
>your idea of discussion seems rather insular. i suggest broadening your
Broadening my horizons to pointless, stupid "discussion" (more like childish
name calling most of the time) serves no purpose for me or anybody else
>> I frankly am not interested in learning about the values of our phrack
>> and I could care less. I get more useless junk from the e-mails about
>> junk mail than the junk mail itself (which Outlook Express so nicely
>> for me now). The only thing it has to do with security is the target of
>> junk mail.
>whitehat using outlook express. hehe, gotta love the irony in life.
Your point? OE was free, and came installed on my machine (which was
important on my 28.8 kbps connection, which I have happily ditched now),
it's fast, and actually, OE 6 makes some nice security/privacy improvements
over previous versions, and I can access Hotmail from it, which is a plus.
Actually, if you keep your client patched (which us pretty easy with a
couple of apps named "wuauboot.exe" and "wuauclt.exe" from Microsoft that
*also* came conveniently installed as "Windows Update Automatic Update"),
and you have enough common sense not to go double clicking on every other
attachment you receive, OE is just as good as (and usually better than) many
>> >of course. moderating the list would also mean that we couldn't have
>> >discussion, which i feel is important, not for me though, Matthew, but
>> I think the discussion is equally important for everyone here, if nothing
>> else but
>> for clarity, in my case (which I will try to improve in the future)
you're right, you know. its not just about you. its about the other people
here too. you're absolutely right.
>> >you need to let go of all these fears that `hackers are trying to get
>> >into your system 24/7' and start to embrace concepts like "free
>> >"rationality", and "understanding".
>> Just FYI, the "fears" are the tools of a certain software company in
>> (cough Microsoft cough). I don't have such a fear that *everybody* is
>> always after me, but I need to be ready for the one who gets in.
>and do you really think that day is going to come? cuz i dont. though if
>*they* do, i doubt they'd be using something you're already protected
>catch my drift? you're screwed either way. this whole security business
>just a waste of time. all you're doing is protecting yourself against
>kiddies, who without whitehats, wouldn't know how to exploit
>in the first place. IF YOU STOP TELLING PEOPLE WHERE YOUR SYSTEM IS WEAK
>THEY WILL STOP TRYING TO ATTACK YOU WHERE YOU ARE MOST WEAK. its quite
I wouldn't be protected against it if the details weren't made public and
available to me. Just FYI blaming the industry for the proliferation of
is not a very good way to look at this. Vendors should have written secure
in the first place, so such vulnerability information would never have to be
>> >yeah no i disagree. i think over the past few days, if anything, real
>> >intelligence has hit the list and you're not entirely sure as to how you
>> >want to deal with it.
>> So, the "real intelligence" is from those advocating moderation? If I'm
>> what you're
>short answer: yes.
>long answer: hell yes.
Let me provide you with a rather incredible piece of information on this
the list will *never* be moderated. Plain and simple.
>> >that's natural, Matthew, you're being intimidated,
>> >your standing in the whitehat community seems to you as though it is
>> >threatened. thats OKAY. you just have to get past all that fear and
>> >to loosen up a bit.
>> You're wrong there. Frankly, I will not leave the list no matter what
>> to me. Nothing of mine is threatened, but the progress of the list *is*
>> if we give in to such pitiful and weak tactics as junk e-mail.
>glad to see we have another supporter then.
I'm not planning on leaving any time soon...
>> >> We must direct our anger towards these losers at these losers.
>> >this sentence didn't make sense to me. could you please clarify?
>> Ah, the principle of focus. Incredible, isn't it?
>after reading this sentence four times over i see where you goofed up.
>the sentence should read: "we must direct our anger towards these
>losers,... at these loosers..."
>amazing what a little punctuation can do isn't it :)
>>>could you please give an example to back up your views? because you must
>>>realise, Matthew, that we all come from different cultures. what is a
>>>spoiled child to you may be something completely different to the next
>>>person. also, by giving an example, and making your argument clearer, i
>>>think you'll find that people will not only understand you more, but also
>>>understand you enough that they can retort in a much more informed
>>>which helps the discussion overall.
>> Okay, I guess I should have put "spoiled children according to my
>no, i understand that you and i are from different subcultures. that was
>i asked for an example. so that i can better understand this difference,
>that it simply existed.
These "phrack" idiots are spoiled children -- whine about everything, and
they have some level of importance in the world by way of a pitiful attempt
destroy another sign of progress in information security.
>> was implying several specific characteristics, but my main argument was
>> one who calls themself a hacker and then resorts to (trivially blocked)
>> e-mail is both of low maturity and ability as well as simply wanting to
>> they have done something.
>this is much clearer thankyou. but are you sure it was a spoiled child who
>sent you spam, and not just normal advertising? i mean, there must be
>of spam bots trolling through this list for email addresses. unless you
>automated scripts "spoiled children" too. see what i mean? paranoia.
It wasn't *normal* advertising. It was/is a deliberate attempt to bring
list (I thought we had agreed on this, yes?). And, no, I don't call the
children. I call the spammers controlling them spoiled children.
>> The concept of full-disclosure *is* having a medium for discussion for
>> are affected, and in a timely manner, correct?
>yes i do agree. i have found Full Disclosure to be more than adequate for
>communicating my part of the discussions so far. i stated this before.
>where am i losing you?
You referred to the list (the list *named* "Full-Disclosure", btw) as a
ground between those in support of Full-Disclosure and those who aren't. I
don't think we would have named such at it is if it were a "middle ground",
>> >> Are you up for it?
>> >up for what exactly?
>> I suppose this links with your statement on the battlefield analogy.
>> am drawing at is a simple, but incredible thing known as *determination*.
>ah but discussion isn't war. i alluded to this in my previous email. even
>still, i cant help but be provoked by curiosity... why am i up for
You don't have to be fighting a war to be determined, as is true in this
I am (don't know about you) determined not to let a bunch of bored, anti-
social losers force this list into moderation.
>> To those who suggest the answer is moderation of the list -- get a life.
>oh i agree. i'm much prefer to see this list turned into an anti-whitehat
>discussion list. seems like much more of an appropriate place than a newer
>list for sure. i mean, this list is much more known than a list that
>even been created yet. and its audience is probably more likely to be less
>fearful of involving itself, than say, if this list were renamed to
>HOLOCAUST". dont you agree?
You won't have a whole ton of support on that one, I'm afraid... (definitely
not any from me) :-)
Full-Disclosure - We believe in it.