Full Disclosure mailing list archives

Re: Fwd: ipv6 flaw (is bullshit)

From: Andrew Auernheimer <gluttony () gmail com>
Date: Mon, 18 Oct 2010 16:17:25 -0400

FYI---

the prosecution has refused to comply with discovery, effectively quietly
droppin the charges. I walk.

On Mon, Oct 18, 2010 at 3:35 PM, king of pain <n3ptun3 () london com> wrote:

Mr. Auernheimer,

..."Notions of criminal activity"[1]. Interesting. ZDNet is funded by sheep
dumb enough to swallow retweeted blogcruft on shiny magazine stock. Why
don't you represent yourself in a court if it's so libelous? And also if you
do in fact have a brand you should register a trademark or servicemark to
protect your rights.

How's that narcotics case coming along? 4 felonies was it?You claim you
hacking iPads is a free speech case and, after all your bragging of
substance abuse on the iProphet video, you suggest you may not hold
culpability for this possession of this contraband because of your "landmark
free speech case"? [2]

Enjoy Prison.

ZDNet,

  http://seclists.org/fulldisclosure/2010/Mar/84

You people at zdnet are also part of the problem. You are just another hack
clogging the tubes with your spam and cruft. We don't need 50 news sources
with identical content - you just get into blackhat spamwars with
sensational article titles, topics on Google News and Magazine covers to get
people to buy. You're a dying a breed. For christ sakes, instead of being a
bunch of pretentious losers in thick rimmed glasses trying to hit on
attention whores who don't put out. What is the matter with you.


Evidence:

[1] AUERNHEIMER, ANDREW. weev loves you. 2010-10-18. URL:
http://weev.livejournal.com/. Accessed: 2010-10-18. (Archived by WebCite®at 
http://www.webcitation.org/5tZu573jE)<http://www.webcitation.org/5tZu573jE>
[2] AUERNHEIMER, ANDREW. Hypocrites and pharisees. 2010-10-18. URL:
http://security.goatse.fr/hypocrites-and-pharisees. Accessed: 2010-10-18. (Archived
by WebCite® at http://www.webcitation.org/5tZuhmpYn)<http://www.webcitation.org/5tZuhmpYn>
 <http://www.webcitation.org/5tZu573jE>

 -----Original Message-----
From: Andrew Auernheimer <gluttony () gmail com>
To: full-disclosure () lists grok org uk
Sent: Mon, Oct 18, 2010 8:58 am
Subject: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)

 ---------- Forwarded message ----------


From: Andrew Auernheimer <gluttony () gmail com>


Date: Mon, 18 Oct 2010 04:51:59 -0400


Subject: Re: ipv6 flaw


To: edit () zdnet com au


Cc: Eugene Teo <eugene () redhat com>




Dear ZDnet,




This story: http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm


 is someone talking straight out of their ass. We have no such


exploit, If we did have such an exploit, there is absolutely no way we


would share it with external parties. Not 4chan, not anyone. Due to


the immense success and resiliency of the Linux platform, a 0-day


kernel remote is worth serious money ($100k+ if you know the right


buyers), and we would have given it to the highest bidder or put it on


Bugtraq for maximum industry publicity. We would not have given it


away for free to ineffectual idiots in their moms basements who aren't


accomplishing anything.




Beyond that, many of my closest friends make their living off of


intellectual property. I do not support defacement and DDoS as a


method of protest against anything, especially not a childish protest


against copyright. Authors have a right to charge however much they


please for their creative works. The people involved with these DDoS


attacks and web site defacements need to grow up and do something


useful with their lives.




This article is ridden with a number of verifiably false errors. I'm


sure a quick talk with Eugene from the Red Hat Linux corporation (he


is cc'd to this email) could get you in touch with Linus who could


confirm that no such communication with us ever existed. In addition,


while I am probably one of the most skilled web application and


browser exploit hackers in the world, I do not do kernel bugs. I have


never done kernel work, with the exception of some stuff I did years


ago related to Mac OS X kext. Every single bit of my previous public


research has been related to a web browser bug or a web application


bug. If someone in Goatse Security were to be involved with the


creation of a kernel-related exploit, it would not be me.




Lastly, my contact info is amazingly public. I was awake and checking


my email when your story was posted, and for the 11 or so hours


preceeding it. I have also talked with reporters at ZDnet previously,


including ZDnet Australia. So the next time you have the urge to print


libelous, sensational misinformation defaming both the integrity of my


information security working group and the security of Linux, please


give me an e-mail or phonecall first. The contact info is on the


Goatse Security website. I should be informed of this stuff by your


"journalists" (who are supposed to do things such as contact parties


involved in a suspect claim from a random anonymous idiot on the


Internet) and not someone from a major software vendor.




Thanks,


weev




On Mon, Oct 18, 2010 at 2:35 AM, Eugene Teo <eugene () redhat com> wrote:

Hi Weev,

I read a ZDNet news report that you have discovered a Linux kernel



vulnerability, and I am wondering if you will be willing to share the technical


details of the flaw.

http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm

Thanks, Eugene

--

Eugene Teo / Red Hat Security Response Team





_______________________________________________



Full-Disclosure - We believe in it.


Charter: http://lists.grok.org.uk/full-disclosure-charter.html


Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
- Re: Fwd: ipv6 flaw (is bullshit) PsychoBilly (Oct 18)
  - Re: Fwd: ipv6 flaw (is bullshit) Christian Sciberras (Oct 18)
    - Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
    - Re: Fwd: ipv6 flaw (is bullshit) Christian Sciberras (Oct 26)
    - Re: Fwd: ipv6 flaw (is bullshit) Cal Leeming [Simplicity Media Ltd] (Oct 26)
    - Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 26)
- Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 18)
  - Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
- Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 18)
  - Re: Fwd: ipv6 flaw (is bullshit) Andrew Auernheimer (Oct 18)
    - Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 18)
    - Re: Fwd: ipv6 flaw (is bullshit) coderman (Oct 22)
- Re: Fwd: ipv6 flaw (is bullshit) Ana Kismet (Oct 19)
- <Possible follow-ups>
- Re: Fwd: ipv6 flaw (is bullshit) Michael Krymson (Oct 18)
- Re: Fwd: ipv6 flaw (is bullshit) batch stack (Oct 19)
  - Re: Fwd: ipv6 flaw (is bullshit) Benji (Oct 19)
  - Re: Fwd: ipv6 flaw (is bullshit) king of pain (Oct 19)
- Re: Fwd: ipv6 flaw (is bullshit) p1n00n3 () p1n00n3 com (Oct 27)