Full Disclosure

Re: How to receive SPAM mail

Sat, 07 Nov 2009 23:18:57 GMT

Posted by dramacrat on Nov 07

If you want to be spammed, join full-disclosure.

2009/11/7 Michael Holstein <michael.holstein () csuohio edu>

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 23:09:24 GMT

Posted by mikelitoris on Nov 07

if a US citizen is involved, should not require a warrant.

This is all well and good, until the definition of terrorist is
changed and you become labeled a "terrorist" because your "reason"
is suddenly counterproductive to someone else's "opinion". You
must apply the warrant requirement consistently. Otherwise, when
interpretation of the word "terrorist" changes, it affects the
meaning of the law....

[SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities

Sat, 07 Nov 2009 23:06:57 GMT

Posted by Steffen Joeris on Nov 07

------------------------------------------------------------------------
Debian Security Advisory DSA-1930-1 security () debian org
http://www.debian.org/security/ Steffen Joeris
November 07, 2009 http://www.debian.org/security/faq
------------------------------------------------------------------------

Package : drupal6
Vulnerability : several...

Linux 2.6.x fs/pipe.c local root exploit (CVE-2009-3547)

Sat, 07 Nov 2009 23:05:03 GMT

Posted by Edward D. Teach on Nov 07

For those who were not yet aware, there is at least 3 public exploits
since 11/05/2009 for CVE-2009-3547 targeting *all* linux kernels from
2.6.0 to 2.6.31 included. Since spender and fotis have already release
their own, there is not need for us to keep this on our hd.
ImpelDown.c is a poc trying to exploit null ptr dereference in fs/pipe.c
for *all* linux kernel from 2.6.0 to 2.6.31 and ImpelDown-2.6.31only.c
target only linux kernel version...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 19:51:48 GMT

Posted by Paul Schmehl on Nov 07

--On November 7, 2009 11:24:55 AM -0600 Valdis.Kletnieks () vt edu wrote:

No, actually I don't. I just did a lousy job of wording it.

That's only true if they can get the paperwork done and obtain the warrant
within 72 hours. Otherwise, at the 72 hour mark all monitoring must
cease. And guess who knows that? We don't exactly keep our operational
strictures secret, you know. And to think that terrorists aren't aware of
the rules within...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 19:32:18 GMT

Posted by Paul Schmehl on Nov 07

--On November 7, 2009 11:20:31 AM -0600 Rohit Patnaik
<quanticle () gmail com> wrote:

Why? If they were pursuing criminal charges against you, then, by all
means, they should have to comply with all the strictures that protect our
rights. But to gather intelligence about what terrorists are up to, even
if a US citizen is involved, should not require a warrant.

Intelligence works best in a world of secrecy. The more people that are...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 17:25:15 GMT

Posted by Valdis . Kletnieks on Nov 07

On Fri, 06 Nov 2009 23:42:45 CST, Paul Schmehl said:

Actually Paul, you have that bass-ackwards, and it's important.

They are allowed to start wiretapping immediately, and then have 72 hours
*after they already started listening* to find a FISA court judge and
do the paperwork. So yes, the terrorists don't wait for a warrant, and
the NSA doesn't need to wait either.

So let's see.. You're the NSA. You develop a person of interest. You start...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 17:20:50 GMT

Posted by Rohit Patnaik on Nov 07

The direction of the association doesn't matter. It doesn't matter if the
"terrorist" is contacting me, or if I'm contacting the terrorist. In either
case, the US government should get a warrant before they spy on me. Also,
this executive opinion doesn't just apply to the CIA and the NSA. It
applies to the entire executive branch, including law enforcement.

Secondly, we seem to have a general disagreement about the intent of the...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 05:43:08 GMT

Posted by Paul Schmehl on Nov 06

--On November 6, 2009 10:10:56 PM -0600 Rohit Patnaik
<quanticle () gmail com> wrote:

First of all, the NSA and CIA don't pursue criminal cases against US
persons. That's the job of law enforcement. The NSA is a military
agency. Their job is to protect the US against its enemies by providing
the military with intelligence that helps in planning and the conduct of
operations. The CIA is a civilian agency tasked with the job of...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 04:11:18 GMT

Posted by Rohit Patnaik on Nov 06

If it is so clear that a US citizen is involved in terrorism and is
communicating with terrorists beyond our borders, then why is it so hard for
the NSA, CIA, FBI or Homeland Security to get a warrant? After all, its not
like they can claim that there wasn't time to get a warrant - the
pre-existing law allowed them to put in expedited requests for warrants
after the actual wiretap started, in addition to allowing continued use of
wiretaps while...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 02:57:01 GMT

Posted by Paul Schmehl on Nov 06

--On November 6, 2009 6:07:17 PM -0600 Rohit Patnaik <quanticle () gmail com>
wrote:

Right. The New York Times prints an article claiming that a
"whistleblower" has revealed the content of a secret Executive Order. The
Washington Post then repeats that claim, without any substantiation other
than the supposed statement of an anonymous informant and unnamed
"administration officials" quoting "classified...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 01:13:07 GMT

Posted by Paul Schmehl on Nov 06

--On November 5, 2009 10:03:31 PM -0600 Chris <r0ck () operamail com> wrote:

Not being privy to the process, I couldn't even say if the approval
process is that high. I'm not inclined to believe it simply because some
reporter or secret source claimed it to be true. You, of course, live
with the absolute certainty that you know the truth and no other possible
explanation is plausible than the one you believe.

I think this subject...

Re: How Prosecutors Wiretap Wall Street

Sat, 07 Nov 2009 00:07:37 GMT

Posted by Rohit Patnaik on Nov 06

On Fri, Nov 6, 2009 at 1:25 PM, Paul Schmehl <pschmehl_lists () tx rr com>wrote:

You say that claims about the NSA conducting warrantless wiretaps against US
citizens are unsubstantiated. That is totally and blatantly false (
http://is.gd/4PcWV). The linked article clearly states, "Mr. Bush's
executive order allowing some warrantless eavesdropping on those inside the
United States - including American citizens, permanent legal...

Re: How to receive SPAM mail

Fri, 06 Nov 2009 21:47:24 GMT

Posted by Michael Holstein on Nov 06

I had to do a similar thing when doing a spam-appliance "vendor
shakedown" .. what I did was setup a subdomain

eg: test.mycompany.com

and then create email IDs within that subdomain that had valid mailboxes

eg: bob () test mycompany com, suzie () test mycompany com, etc.

and then I used Google to search for "free offers" and "work from home",
etc. and entered those IDs on about 100 different sites. There's tons...

Re: How Prosecutors Wiretap Wall Street

Fri, 06 Nov 2009 19:36:00 GMT

Posted by Paul Schmehl on Nov 06

--On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks () vt edu wrote:

The root claim is that the NSA was/is conducting illegal, warrantless
surveillance on American citizens. That claim has never been substantiated,
and that is precisely my point. If you know anything about internet routing
(and I know you do), then you understand that to capture the traffic of
terrorists you would have to be at a peering location where traffic...