Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Fwd: ipv6 flaw (is bullshit)
From: king of pain <n3ptun3 () london com>
Date: Mon, 18 Oct 2010 15:35:06 -0400

Mr. Auernheimer,

..."Notions of criminal activity"[1]. Interesting. ZDNet is funded by sheep dumb enough to swallow retweeted blogcruft 
on shiny magazine stock. Why don't you represent yourself in a court if it's so libelous? And also if you do in fact 
have a brand you should register a trademark or servicemark to protect your rights.

How's that narcotics case coming along? 4 felonies was it?You claim you hacking iPads is a free speech case and, after 
all your bragging of substance abuse on the iProphet video, you suggest you may not hold culpability for this 
possession of this contraband because of your "landmark free speech case"? [2]

Enjoy Prison.



You people at zdnet are also part of the problem. You are just another hack clogging the tubes with your spam and 
cruft. We don't need 50 news sources with identical content - you just get into blackhat spamwars with sensational 
article titles, topics on Google News and Magazine covers to get people to buy. You're a dying a breed. For christ 
sakes, instead of being a bunch of pretentious losers in thick rimmed glasses trying to hit on attention whores who 
don't put out. What is the matter with you.



[1] AUERNHEIMER, ANDREW. weev loves you. 2010-10-18. URL:http://weev.livejournal.com/. Accessed: 2010-10-18. (Archived 
by WebCite® at http://www.webcitation.org/5tZu573jE)
[2] AUERNHEIMER, ANDREW. Hypocrites and pharisees. 2010-10-18. URL:http://security.goatse.fr/hypocrites-and-pharisees. 
Accessed: 2010-10-18. (Archived by WebCite® at http://www.webcitation.org/5tZuhmpYn)


-----Original Message-----
From: Andrew Auernheimer <gluttony () gmail com>
To: full-disclosure () lists grok org uk
Sent: Mon, Oct 18, 2010 8:58 am
Subject: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)

---------- Forwarded message ----------

From: Andrew Auernheimer <gluttony () gmail com>

Date: Mon, 18 Oct 2010 04:51:59 -0400

Subject: Re: ipv6 flaw

To: edit () zdnet com au

Cc: Eugene Teo <eugene () redhat com>

Dear ZDnet,

This story: http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm

 is someone talking straight out of their ass. We have no such

exploit, If we did have such an exploit, there is absolutely no way we

would share it with external parties. Not 4chan, not anyone. Due to

the immense success and resiliency of the Linux platform, a 0-day

kernel remote is worth serious money ($100k+ if you know the right

buyers), and we would have given it to the highest bidder or put it on

Bugtraq for maximum industry publicity. We would not have given it

away for free to ineffectual idiots in their moms basements who aren't

accomplishing anything.

Beyond that, many of my closest friends make their living off of

intellectual property. I do not support defacement and DDoS as a

method of protest against anything, especially not a childish protest

against copyright. Authors have a right to charge however much they

please for their creative works. The people involved with these DDoS

attacks and web site defacements need to grow up and do something

useful with their lives.

This article is ridden with a number of verifiably false errors. I'm

sure a quick talk with Eugene from the Red Hat Linux corporation (he

is cc'd to this email) could get you in touch with Linus who could

confirm that no such communication with us ever existed. In addition,

while I am probably one of the most skilled web application and

browser exploit hackers in the world, I do not do kernel bugs. I have

never done kernel work, with the exception of some stuff I did years

ago related to Mac OS X kext. Every single bit of my previous public

research has been related to a web browser bug or a web application

bug. If someone in Goatse Security were to be involved with the

creation of a kernel-related exploit, it would not be me.

Lastly, my contact info is amazingly public. I was awake and checking

my email when your story was posted, and for the 11 or so hours

preceeding it. I have also talked with reporters at ZDnet previously,

including ZDnet Australia. So the next time you have the urge to print

libelous, sensational misinformation defaming both the integrity of my

information security working group and the security of Linux, please

give me an e-mail or phonecall first. The contact info is on the

Goatse Security website. I should be informed of this stuff by your

"journalists" (who are supposed to do things such as contact parties

involved in a suspect claim from a random anonymous idiot on the

Internet) and not someone from a major software vendor.



On Mon, Oct 18, 2010 at 2:35 AM, Eugene Teo <eugene () redhat com> wrote:

Hi Weev,

I read a ZDNet news report that you have discovered a Linux kernel 

vulnerability, and I am wondering if you will be willing to share the technical 

details of the flaw.


Thanks, Eugene


Eugene Teo / Red Hat Security Response Team


Full-Disclosure - We believe in it.

Charter: http://lists.grok.org.uk/full-disclosure-charter.html

Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]