Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: talk.google.com

From: "Andre Protas" <aprotas () eeye com>
Date: Thu, 25 Aug 2005 10:08:10 -0700
One interesting point is how beta this software really is.  Load it up
into ida and you can see references to their .cpp src as well as their
'cricket' directories.  Looks like there's quite a bit more
functionality built in that is just disabled right now, would be kind of
a fun little chore to patch it up and make it more functional (if the
google jabber server is even configured to forward those different types
of traffic).

Also, they are doing some client-side bounds checking on their message
sizes.  But, if you connect to talk.google.com from a different client
(gaim for instance), you can send quite a bit larger of a buffer.  Hehe,
but then gaim was also cutting me off too the larger I went (more of a
gtk issue than anything).  I loaded up a python jabber client but got
blocked by the new google token everyone was talking about.

Only worth so much time to play around with now that it's just in
beta...but nonetheless, this thread should be about technical
'disclosures', and the political and conspiracy theories abound.

 
Signed,

Andre Derek Protas
Security Researcher
eEye Digital Security
aprotas eeye com


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of My Name
Sent: Thursday, August 25, 2005 6:29 AM
To: Paul Melson
Cc: adityad2005 () users sourceforge net; Full Disclosure
Subject: Re: [Full-disclosure] talk.google.com

Someone kill this thread!  I haven't seen anything disclosed in even
~1~ of these emails.

On 8/25/05, Paul Melson <pmelson () gmail com> wrote:

-----Original Message-----
Subject: RE: [Full-disclosure] talk.google.com


Why do you have to use gmail when it is very easy to setup a mail

server

On your own

personal computer and also setup a jabber server if required

Its your choice what you want to use....



Well, I have a lot of old server hardware in my basement, but it's

still

nowhere close to the thousands of servers Google has in various data

centers

all over the US.  They've also got more bandwidth than I do.  And -

nothing

personal - I'd rather use the bandwidth I actually pay for for

important

things like college radio (http://www.impact89fm.org/) or Headkicker

II

(http://www.adultswim.com/games/brak_headkicker/index.html) instead of
distractions like full-disclosure mailing list traffic.

PaulM


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: