Re: Full-Disclosure Digest, Vol 34, Issue 31

["Andrew A" <gluttony () gmail com>]

On Dec 13, 2007 12:10 AM, Kristian Erik Hermansen <
kristian.hermansen () gmail com> wrote:

> Andrew, you certainly are misinformed.  I did not claim authorship for
> anything, as you say.

You have no credibility. You've been spewing lies and claims of shellcode
authorship in a bunch of interviews in San Francisco. I have heard from
multiple people about your claims in interviews. These people I have known
for years as solid reverse engineers and exploit developers. They have
worked for years in pentesting, vuln assessment and auditing, and -never
plagiarized the work of others-. You work as desktop support and insult your
employer in your shitty blog. The entire SF based infosec scene is fucking
laughing at your antics. Personally, I stopped laughing and can feel only
disgust at your very presence.


> This whole discussion started with presenting the fact that the
> favicon issue could be a useful attack vector that people may not have
> thought of before.  I can't change the fact that people in the
> security community will always be hostile.

No, this discussion started when you claimed that there was a "gmail/google
bug, all accounts vulnerable". Lets run through the definition of web app
vulnerability for your "vuln". Can you:
* Steal a cookie or otherwise execute privileged javascript on the target
while the user is logged in? -no-
* Perform priviledged actions upon a user's account while they are logged
in? -no-
* Access private data, such as email content? -no-

You are a worthless fraud, a hype machine. This would be hilarious if you
were intelligent and trying to infuriate people, but instead you're hoping
someone reading this list will be dumb enough to hire you. Sorry, try again
Kristen. You're just setting yourself up to be the next n3td3v.



>  Ask anyone who has
> had a drink with me, or even too many drinks!

Passionately bi-curious queer date rapist?


> Even if I poke fun at people, it is usually in a fair way, showing
> reason to feel that way.  Your attitude is based on things which are
> made up, false, and you have no base to stand on with such hostility.

I have every base to stand on when calling out a lying, plagiarizing fraud.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/