Dailydave mailing list archives

ASLR, Mail Spools, and Ego


From: <compsecsux () hushmail com>
Date: Mon, 1 Nov 2004 17:49:04 -0800

Hey dave, sinan

On the topic of greg's mail spools:

I don't really think it was fair to mention the incident for a lot
of reasons.  First of all, "everyone" didn't get a copy, in fact it
seems like way more people haven't seen the spools than people who
have.  All you did was bring to light something that makes a
(somewhat) competitor look bad.  Congrats.

Also, you are publicly admitting to not only receiving the spools
(meaning you probably have some sort of remote attachment with some
people involved in the incident), and you admit to reading them.
Even if someone did offer you the archives, it seems to be bad
etiquette to not only read their private mails, but then to discuss
about how you read them, and even the contents of the email in a
public forum.

I guess you pretty much set up a standard for yourself.  If your
email spools ever got leaked, you've spoken with your actions that
distributing/reading/talking about/mocking the situation is fair
game.  This would probably (and hopefully) never happen, but still,
what if it were you?  Imagine how much everyone in this business
has on the line when things like that happen.  Some people choose
to act ethically.

This is something that I'm sure is really hard on Greg, and all you
do is stand up in a public forum and quietly rub it in?  Fuck you.
What did he ever do to deserve it?


On the topic of ASLR and Sinan the Supreme Being:

I'm sure Immunity's Windows HIPS is much better than that crap
everyone else is busting their asses on.  Everything has its
weakness, we all know this.  And 3rd party vendors working on
Microsoft products can only do so much, it's a limitation that
makes the stuff they are doing even cooler.

Yes, you can possibly off-by-one a return address.  If you are
dealing with string functions, you are most likely also going to
have to have a null byte somewhere, whether it's the LSB, or not.
That limits you a lot, and sometimes you can find some code that
works.  That's great.  But, as I'm sure these "retards" writing
HIPS products know, you can also do randomization up to cache
alignment, and then, say your alignment is 64 bytes, you waste at
most a single page of memory, and then you are going to have a
really really tough time making your off-by-one work.  Feel free to
send your uber-leet-VSC exploits on over, and I'll give you an
assessment of how well they actually stand up to current defensive
technologies.

I think these "proud" vendors are probably proud for a reason.
Doing a solid HIPS implementation in Windows is probably a decent
amount harder than say, slapping a python gui on 3rd-world-labor-
exploits.  I think if anything, they've come a long way, and are
continuing to get better.  I'm sure the authors understand their
limitations, but just because it isn't 100% (which would be very
hard, especially 3rd party), doesn't mean they deserve to get torn
at by some arrogant dick.  I don't know when you got so high headed,
maybe dave is wearing off on you.

I know it's current Immunity policy to talk leeter than you are,
but the people you mock are doing way more for the security
industry than you guys are.  At least they show up at blackhat and
share technical information, instead of just trying to show off
their complete superiority.

You guys are all really smart, but seriously, fuck you.  A lot of
the people working on this stuff you bash are spending a lot of
hard time and energy, and they are making progress, even if it
isn't up to the Immunity calibre.  The offense is always much easier,
so don't think you're that fucking awesome.

I hope this stupid text could provide you guys enough entropy to
take your heads out of your asses and show some respect to the
people working in the field around you.  This isn't a pissing
contest.

I know you're much smarter than anyone at Stanford could ever be,
but I'm sure I could point out some people that have given some
worthwhile contributions.  You guys contribute shitty ports of perl
disassemblers.  Woo hoo, go team.

-css