Full Disclosure mailing list archives
Re: Steam defaced
From: Sam Johnston <samj () samj net>
Date: Fri, 11 Nov 2011 12:32:51 +0100
On Fri, Nov 11, 2011 at 12:54 AM, xD 0x41 <secn3t () gmail com> wrote:
about the clouds, dude, i found the whole attacking of amazon as rude,
So did I, which is why I came to Amazon's defense in pointing out that those in glass houses shouldn't be throwing stones. The company (Enomaly) abusing Amazon over a complex SAML XML digsig vulnerability[1] was/is still using a trivial vulnerable signature mechanism in their own products that Amazon had fixed years ago[2], among other issues which I had reported 6+ months earlier (not validating requests, passing prices to clients in hidden form fields, etc). Their security response is also appalling[3].
and shit, so, as i said before, your a lamer. and, just stfu and wear it, thats MY opinion i did not say the whole list has to follow shithead. stfu and ride your magical carpet thru the clouds... :P~ to the others who find cloud bs amusing, or ripping or fucking with amazon as amusing, go read what your kids are buying shit from.. then maybe you would see, some places, you do not fuck with, you ttreat with respect, because they sometimes wont affect you directly, but oneday, it wmay well do this, thanks to your silly exploits on things that should not be used like this, features manipulated into exploits...shit, you should not be disclosing shit with amazon, on Fd, fullstop. If you cannot see my view then, your just as stupid as i have thought. now go play with your cloud formations, and upload some f1les to s0m3 l33t 4p4ch3 s3rv3r kid. eh sorry henri and others, but i had to just get that out to, about cloud/sploitcloud... it is fkn ridicuoud...asking for trouble, people like that should get knocks on the door, simply to be put into a mnental home for theyre own good.
Sorry for the confusion but that's not at all what I said[4]. No harm done — others replied off list to say they found it amusing. Anyway I have a credit card to go cancel (per the subject of this thread). Sam 1. http://www.theregister.co.uk/2011/11/01/amazon_downplays_cloud_crypto_flaw/ 2. http://www.daemonology.net/blog/2008-12-18-AWS-signature-version-1-is-insecure.html 3. http://samj.net/2011/11/how-not-to-respond-to-vulnerability.html 4. http://samj.net/2011/10/sploitcloud.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Steam defaced Henri Salo (Nov 10)
- Re: Steam defaced xD 0x41 (Nov 10)
- Re: Steam defaced Sam Johnston (Nov 11)
- Re: Steam defaced xD 0x41 (Nov 11)
- Re: Steam defaced Sam Johnston (Nov 11)
- Re: Steam defaced Jacqui Caren (Nov 11)
- Re: Steam defaced xD 0x41 (Nov 11)
- Re: Steam defaced xD 0x41 (Nov 10)