Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Setting the record straight on "The Return of Koobface"
From: J Roger <securityhocus () gmail com>
Date: Sat, 20 Mar 2010 12:28:33 -0700

This reads as "waaa i noticed this first and didn't think much of it but now
that someone else is making a big deal, i want my credit". Maybe you
reported on it first on your blog, with a single sentence that wasn't even
the primary focus of the post. Regardless if an up rise in koobface is
significantly news worthy or not, you apparently failed to draw enough
attention (or the right attention) to it at the time.

In other words, maybe you did it first, but someone else did it better.

What's more valuable to an enterprise, someone that quickly writes a risk
assessment that's so sloppy the management with authority to act on the
findings don't even bother to read it, or someone that takes the time to
write a report on the same findings that actually speaks to the business and
be able to make positive changes happen.

You talk about being bitter towards the security industry (which IS
understandable) but maybe it's time to reflect back a little on yourself.
Maybe it's not ALL the industries fault. Maybe the sources of your
bitterness have a little something to do with your inability to make enough
of the right things happen. Sure you're a "Big Time Security Professional",
but maybe your blog wasn't enough to get the word out. Maybe you felt it
wasn't even worth getting the word out or sounding any alarms. If that's the
case though, don't go back now and try to take credit.

On Sat, Mar 20, 2010 at 10:15 AM, Mr. Hinky Dink <dink () mrhinkydink com>wrote:

Today I ran across this article...


... in which it is noted that Kaspersky Labs "recently discovered the
resurgence of the malicious programme (Koobface) and sounded the alarm."

Gentlemen, I beg to differ.

I first mentioned the resurgence of Koobface on February 23rd, 2010 here...


I admit I did not "sound the alarm".  I simply lol'd because Koobface is
sign of the EPIC FAIL of the security industry.

Just ask Dancho Danchev.  He's made quite a name for himself by doing
absolutely nothing worthwhile about Koobface except raising his won blood
pressure spewing vitriol about "The Koobface Gang" (sorry, Danny, but I'm
not part of "the gang".  I'm just another BlogSpot loser).

For those wondering, I am not a hacker.  I am a Big Time Security
Professional (you may remember me if you Google "Websense Policy Bypass" -
unfortuantely those bastards at Warner Brothers killed the soundtrack to my
YouTube video).  But I am at heart a skeptic, disappointed at what the
security industry has become.  I created my Proxy List
(http://www.mrhinkydink.com/proxies.htm) two years ago as a tool for an as
yet unpublished paper on open SOCKS proxies in the wild.  It has had the
unintended side effect of tracking the spread of Koobface, since Kooberz
proxies exclusively (until this month) appear on TCP port 8085.  And it has
tracked it quite well.

I'd like to take this opportunity to say "Hello" (no, not "GREETZ") to all
the Cameroonian Puppy Scammers (papa Dollars, STARVO, Dabbleed, et. al.)
abuse my proxy list.  Enough is enough.  Get a real job, fellas.

http://twitter.com/mrhinkydink  : (Follow me! I have no friends!) :

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]