Recent "rumors"

From: gobblesat_private
Date: Mon Jun 17 2002 - 12:46:14 PDT

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    First, we'd like to thank The Blue Boar for discussing this matter with us and explaining the criteria by which we must abide in order to have this message posted on his list.  We should probably make it clear that the posting of this message isn't indicative that GOBBLES Security posts will become regular to this list; we have been told that our general contributions are not up to par with the requirements for this list.
    
    Having said that, we would like to say a few things.
    
    First, GOBBLES Security does not share our private advisories with anyone, and we do not share any of the materials derived from our private research with anyone (exploits, tools, etc.).  When we do share material, we share it with the community at large, and not just isolated groups.  Any allegation that other groups (including 7350) have developed tools/exploits based off our "private" materials is completely ludicrous.
    
    We don't believe that this is a forum to discuss warez.  At some point in the future, those advisories may be made public, but at this time we're really not even sure how the vulnerability titles (Apache, sshd, pf) even made it public.  Our preauthentication hole in OpenSSH/SSH (discovered in October) was inadvertently discovered by another researcher, from redhat.com, who found the same zlib decompression bug, and realized that some other things might also be exploitable.  The Apache hole we've been playing with has also been made public, since it has recently been uncovered by other researchers in their own bugsquashing efforts.  The pf technique isn't entirely ours anyway; it's built off a concept invented by route (mikeat_private), and if we were to publish it, it'd be intruding upon his intellectual property.
    
    We've talked the matter over with skyper, who assures us that these codes listed do not exist, and that no members of 7350 have developed code based off of our private/unreleased advisories at this time.  His word is enough for us, and any effort to slander him is extremely unacceptable.
    
    Further, posting fake irc logs onto a mailing list is hardly acceptable behavior.  The person who started this thread is nothing more than a troll, and their post (in the collective opinion of GOBBLES Security Members) should never have appeared on this list.
    
    And finally, to the allegation from The Great Pr0ix, where she claims that "GOBBLES is a deliberate joke played out by some otherwise avid fans of non-disclosure", this simply is not true.  GOBBLES Security supports full disclosure, not nondisclosure.
    
    This is an attempt by a warez-guru to slander a respectable nonprofit security group.  Also, to add a little fuel to the fire, listening to someone like pr0ix, who makes a living off reselling the private research of individuals, is probably not the best practice for information on the latest vulnerabilities.  He is not a member of 7350, nor is he a member of GOBBLES Security, and is not in a position to speak on the motivations of either group, nor is he in a position to state what does and does not exist.
    
    Please keep this forum professional.
    
    - -GOBBLES Security
    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.1
    Note: This signature can be verified at https://www.hushtools.com
    
    -----END PGP SIGNATURE-----
    
    This archive was generated by hypermail 2b30 : Mon Jun 17 2002 - 20:19:30 PDT