Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Not even the NSA can get it right
From: James Tucker <jftucker () gmail com>
Date: Fri, 27 May 2005 17:50:41 +0100

Actually if one wanted to perform covert inter-government attacks, to
do so from any government infrastructure would be stupid as under many
modern laws this constitutes a state of war. To perform these attacks
as a portion of a script kiddie attack would make far more sense, and
would no implicate the government.

Futhermore, communications to and form such authorities may span many
mediums an operate in many directions. Real authentication in this
world occurs through KNOWLEDGE and knowledge alone, as no keys or
other authentication methods are viably secure. I say again, no-one
here really knows anything that they are talking about when it comes
to agencies who specialise in deception, as even your inference may
have been corrupted by previous operations.

This thread is entirely pointless.

On 5/27/05, Barrie Dempster <barrie () reboot-robot net> wrote:
Absolutely spot-on Dan,

My original posting was merely a link to an area of a page where someone
made a mistake, it's not a threat to US National Security in any big
way, the NSA don't give a damn about it. It's just a mistake made by a
developer on their public website, there are worse mistakes on that site
too, for anyone bored enough to go look.

The only people that care enough are defacers looking for a bit of fame.
No one with a life spends time trawling the NSA's website for trivial
errors, if you want to hack the NSA and you think their webserver is a
good place to start, you just might be out of your depth a little.

It wasn't supposed to spark a debate about what the NSA know, don't
know, would like to know, invented, stole or dreamed about. Although
that was probably my error, bringing it up in the first place, I should
have known there would be a tinfoil responses

I was in Nelson from the Simpsons mode and felt like I had to say
"HA-HA!" in public.

Anyone that thinks it's a honeypot is a nutter, if it was a honeypot as
Dan says its a very badly thought out one.

Just relax and feel safe in the knowledge that governments employ people
that make mistakes (there's a startling revelation!! :-P), point it out
to your next client so that it helps you get a contract or something.
Just don't come on FD and scream conspiracy though, because I've heard
them all and I'm the ringleader of most of them :-P.

BTW, I sell enhanced tinfoil very cheap, we all know that with simple
XSS regular tin foil is rendered useless!

Buy your enhanced tin foil now, it has built-in XSS protection!

On Thu, 2005-05-26 at 16:31 -0400, Dan Margolis wrote:
{Lot's of snipped out but extremely well said and utterly correct opinion}

With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

blog: http://zeedo.blogspot.com
site: http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]