Full Disclosure mailing list archives
Re: Return of the Phrack High Council
From: James Eaton-Lee <james.mailing () gmail com>
Date: Fri, 25 Nov 2005 17:00:49 +0000
On Fri, 2005-11-25 at 16:24 +0000, n3td3v wrote: <snip>
Last first, making threats doesn't help either - again, you say two things in one breath - you proclaim yourself as a fantastic, righteous member of the community and also make veiled threats about other peoples computer systems.There was no threat. I asked if their web site was very secure. No remark on anyone compromising any computer systems related to the person.
I never said that there was a 'threat', I said that it came across as a 'veiled threat'. Making ambiguous remarks about the security of someone's webserver after having what amounts to an argument with them and ending it with an imperative that they ensure it ('Best go check') certainly comes across as a veiled threat to me. The best mental check in situations like this is to ask whether or not if the conversation in question came up in court, a jury would conclude that the remark was indicative of a threat (or motive) or not, and I think here the clear answer is yes. You're free to disagree - as I pointed out, the intention of my message was either to ensure that "the list [would] have some of their concerns allayed" (through the answers to the questions I posed you) or to help you in "[realising] where you're going wrong".
I think the majority of people on this list who have an unfavourable reaction to you have it for the following reasons:I don't care why they unfavour... infact I forget about haters within seconds
The overwhelming impression I get with regard to this (from the number of replies you make to people who are 'haters', and the veracity with which you try to hammer home your point and insult them) is that this is absolutely not the case.
* You've never provided any concrete indication that you have any technical knowhow (I've never read a post of yours on a technical topic)I wasn't aware I had to prove myself
As I'm sure you would have been quick to point out were I to tell you you did, you don't "have" to do "anything". Again, my point in e-mailing you (and the list) was to try to bring some element of resolution to all of this. One recurring theme of virtually every e-mail that's been sent about you on this list is the complete lack of respect that (as far as I can see) everyone who's expressed an opinion has for you - given that I'm sure in some respect you'd rather have respect at least from those you had respect for onlist, I can't see how this is a bad thing for you. I'm sure you can counter with some remark about the respect you have from people who don't post to the list - but such a remark doesn't do anything other than save (well, actually, maintain) face for you, and as the point here is about *ameliorating* the opinion people have of you, maintaining the existing situation isn't much help if it's all you do. For my own selfish aims, I like life much better when everyone gets along (it makes me happy), so I'd rather we were all friends. Or at the least, kept our bitching to ourselves / conducted it in private channels.
* You (unlike most people who work in "corporate" security) are falling for the trao of hiding behind an alias rather than using your real name.Theres common sense reasons for using an alias, it doesnt mean youre malicious.
I never said it did - my basic point was that there tends to be a pattern amongst people who work in Information Security and have more contact with corporations of not hiding about silly aliases, because (in general) the impression that anyone working 'professionally' has is that it's unprofessional. Again, this is all about impression and I'm trying here to help you improve the impression others have of you, and I think this is a key point. Speaking personally, I have an alias (which you appear to have found already - unsurprising since it's in my signature and appears if you google for my name) which I've used for quite some time (and still use, as a nickname), but I make no attempt to hide my real name and haven't for quite some time. One important point about this is that aliases are to some extent disposable, and those who use them don't have a lot to risk in that they can wipe the alias afresh and start anew. Aside from those amongst us who just don't care what others think, a name is permanent, and any remarks you make (and impressions you form) under your real name have a long shelf life, especially on a mailing list like this. I know for a fact that this post (along with every other I've made to this and similar lists) will be kicked up when any employer I go to work for does an obligatory google of my name. This permanence factor (in my opinion) tends to make people listen to you more, since there's an unspoken assumption that anyone posting something under their real name is doing so understanding what I've just explained, rather than knowing that their comments don't really matter, aren't representative of them, etc. There is also the general correlation between idiocy in certain communities and not-real-names. ;) <snip>
Using corporate services allows you to detect bugs when they occur. How else can you detect bugs if you don't regulary use any of a vendor's products?
This would be a good point if we were talking about the diversity of firewalls which you used, or what operating system your computers ran. Using geocities to host your website really doesn't "allow you to detect bugs when they occur", and even if your goal in life is to be the guy who spots errors with geocities massively tested (since they have so many clients) free webhosting accounts, doesn't really help you with anything. Far more usefully, if you wanted to really probe any vendor's webhosting offerings (or anything else, for that matter), you'd be signing up for accounts, prying, seeing how they worked, and learning about the standards those services worked upon by running (breaking/modifying/etc) them yourself, on test systems or in production. Again, this is why I suggested that you demonstrate your technical knowhow, because if you actually had some technical ability which had been demonstrated in public you'd have a far more constructive time talking to a list like this. Running your personal homepage on geocities just doesn't help here, and again, it comes down to that 'impression' thing. How many people do you see on full disclosure who link to a geocities homepage in their signature? <snip>
Chances are that if you are 'just some kid' someday, you may want to work in IT. It'd probably be in your interest in this case to distance yourself from 'n3td3v', find an alias (completely disassociated) to use (or, if you're brave enough, start using your real name), and heed some of the advice you've been (with varying degrees of kindness) given.We're all kids at heart. This alias is only used to post on public sites. I have a multitude of usernames for intelligence building. You'll never see n3td3v anywhere else. I'm actually heavily involved in your BSRF, but you wouldn't know that, since youre too busy making judgements on people you are misinformed about. Go ask some of your IRC channel operators, many of them are great friends of mine. I'm everywhere and you didn't even know it. Youre commenting on someone you're most likely friends with and you might be making yourself look stupid. I could make you look more stupid in public by reveiling my nickname on your IRC channel and your direct involvement with me by yourself and your channel operators and users of BSRF.
If you are an active user of BSRF, and if you are a "great friend" of mine, and you do "reveil [your] nickname on [my] IRC channel", then I'll instantly lose any and all respect I may already have for you in your other guise. I also have to speculate that this just isn't true and you're trying to fabricate points, but since you won't substantiate your claims, this is just idle speculation, really.
Even if you don't have the inclination (or ability) to reply sensible, you might want to at least try and take some of this in! You're welcome to message me offlist if you're so inclined and have questions.An on list comment must be met by an on list reply.
Of course. Again, in the interest of helping you change the impression others have of you, I was offering you the ability to message me in private and save face. My mistake, never mind! I retract the offer. - James.
- James.Youre James, that makes you ammune from being a n3td3v and wipes any criminality from the minds of many, or thats what you real name people wish people to believe. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- James (njan) Eaton-Lee | 10807960 Semper Monemus Sed Non Audiunt, Ergo Lartus - (Jean-Croix) sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
Attachment:
smime.p7s
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Return of the Phrack High Council, (continued)
- Re: Return of the Phrack High Council poo (Nov 25)
- Re: Return of the Phrack High Council Valdis . Kletnieks (Nov 25)
- RE: Return of the Phrack High Council Cassidy Macfarlane (Nov 25)
- Re: Return of the Phrack High Council n3td3v (Nov 25)
- RE: Return of the Phrack High Council ad (Nov 25)
- Re: Return of the Phrack High Council sk / GroundZero (Nov 25)
- Re: Return of the Phrack High Council poo (Nov 25)
- Re: Return of the Phrack High Council James Eaton-Lee (Nov 25)
- Re: Return of the Phrack High Council n3td3v (Nov 25)
- Re: Return of the Phrack High Council Disco Jonny (Nov 25)
- Re: Return of the Phrack High Council James Eaton-Lee (Nov 25)
- Re: Return of the Phrack High Council n3td3v (Nov 25)
- Re: Return of the Phrack High Council n3td3v (Nov 25)
- Re: Return of the Phrack High Council xyberpix (Nov 29)
- Re: Return of the Phrack High Council Rodrigo Barbosa (Nov 25)
- Re: Return of the Phrack High Council n3td3v (Nov 25)
- Re: Return of the Phrack High Council Simon Biles (Nov 25)
- Re: Re: Return of the Phrack High Council Disco Jonny (Nov 25)
- Re: Re: Return of the Phrack High Council Jason (Nov 25)
- Re: Re: Return of the Phrack High Council php0t (Nov 25)
- RE: Re: Return of the Phrack High Council-We haved learned jason! Randall M (Nov 25)
- Re: Return of the Phrack High Council Michael Simpson (Nov 29)