Full Disclosure mailing list archives

Re: Security Researcher Not Particularly Humiliated


From: "George Ou" <george_ou () lanarchitect net>
Date: Sun, 8 Apr 2007 16:31:44 -0700

Neal, go find yourself a dog for a date.  Wait, I feel sorry for the dog, never mind.

Where do we find these retards like Neal on this board?

-----Original Message-----
From: neal.krawetz () mac hush com [mailto:neal.krawetz () mac hush com] 
Sent: Sunday, April 08, 2007 4:27 PM
To: raven () oneeyedcrow net; full-disclosure () lists grok org uk; george_ou () lanarchitect net
Subject: Re: [Full-disclosure] Security Researcher Not Particularly Humiliated

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aren't you the guy that is dating Kevin Mitnick?

- - neal

On Sun, 08 Apr 2007 11:07:14 -0500 George Ou <george_ou () lanarchitect net> wrote:
Yeah, that's a stupid accusation against you, Raven.  He was suggesting somehow that if you get your machine owned then you can't be protecting other people's computers or something, and that was really retarded.  Yes, he WAS a troll.

As for Apple going to the press to humiliate you, that's very typical of their PR operation.  After the SecureWorks incident and after I spoke with their PR, I know them all too well.  But even I'm shocked that they would bring your boyfriend in to this.

Thanks for taking the tough questions from the audience.  Don't mind this jerk and don't mind Apple.  You have nothing to be ashamed of.  Keep up the good work.


George Ou

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of
Raven Alder
Sent: Sunday, April 08, 2007 2:00 AM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Security Researcher Not Particularly
Humiliated

Hiya --

Security conference staff needs to do a better job of screening their audiences to prevent this sort of harassment during presentations. I must admit that I am afraid to present at future conferences if there is the possibility of being humiliated like this during my talks.

      As the researcher in question, I didn't feel particularly humiliated.  Sure, I thought the guy was a troll, but I figured that he was just being a jerk to me because he had some chip on his shoulder and couldn't find anything to complain about in my talk.  But really, his big tac-nuke against me was that there was some undisclosed bug in Apple's code?  That's hardly my fault.  I don't write their OS, and the thing was fully patched, firewalled, hardened, and still got popped.  Shit happens.

      I didn't go public with it because I wanted a smoking gun first.  Security is very much a "show me" industry, and I didn't want to make claims that I couldn't substantiate.  I did approach Apple, and they pretty much blew me off.  I sent them a detailed event report, offered up my system for forensic analysis, and offered to help in any way I could.  They went to the press, gave a reporter my name (I had not gone to the press), and dished some crap about how I let my boyfriend use my computer and he probably did something to disable my firewall and cause it to auto-own itself or something.  Dude.  My boyfriend does not have admin permissions on my machine, for starters.  Way to help, Apple.

      After realizing that Apple were not my friends and were more interested in their PR spin than they were in finding and fixing the problem, I stopped talking to them.  I had several OS X geeks have a look at the system, and none of them were able to find anything more conclusive than I did.  Forensics geeks, same thing.  So, I dumped the filesystem for posterity, vowed that no OS X box was going on a hostile network again, and reformatted the thing.

      Sorry, folks, but I'm not going to share my filesystem dump with people that I do not already know and trust.  Don't even ask.

      Not even if you're Apple.  You leak my name to the press when I'm trying to help you find your flaw, you get no more help from me.

      All of this is pretty irrelevant to the talk I gave.  Still, I don't feel that audience screening is the way to solve the problem -- I don't want to quash honest questions and interest in the projects I'm working on, and I think any screening that wouldn't be trivially defeated by lying-fu would be draconian enough to be detrimental to free and open discourse.  There are always going to be trolls.  I think the audience and convention response was about as good as it could have been -- the troll got told off by several people, two of them with the mike, but it was pretty clear that most people were more interested in the technical content of the talk than they were in his effort to get my goat.  The conference organizers offered sympathy, and that was kind of them; I believe the guy got pitched out of the con for going on to harass a few other folks too.  Charming gent.

      So, really, I don't think I have anything to be ashamed of, and I certainly don't feel humiliated.  I can see why getting ad hominem questions might make getting up on stage more intimidating for future speakers, but I don't intend to let that shut me up.  [grin]

Cheers,
Raven

--
@

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkYZegEACgkQDpFP8dW5K4Y54QP+J0hS8Cfp+doUz2tZ6kzOtQl3KXE4
dUm+CRPAXimtXS8v6qcXbeQWoHDh/yk6XKbIiiRCQ2ECd40n+59yIRZuA1IjSOluNcBS
Zicq/9Ea9Yo0nO4Ujn3RqniSz9aOgNoXeWSXjfIkRQQ/pSvTDPOoZomIscBVg9WBb0al
Y6ee0oA=
=/QfY
-----END PGP SIGNATURE-----
