1995-10-19 - Re: 50 attacks… [NOISE]

Header Data

From: fc@all.net (Dr. Frederick B. Cohen)
To: cypherpunks@toad.com
Message Hash: f37e84241b9dcec973b67aa675d9490dea2518a2a7582be84cbd423a0baa3419
Message ID: <9510190043.AA11578@all.net>
Reply To: N/A
UTC Datetime: 1995-10-19 00:46:25 UTC
Raw Date: Wed, 18 Oct 95 17:46:25 PDT

Raw message

From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 17:46:25 PDT
To: cypherpunks@toad.com
Subject: Re: 50 attacks... [NOISE]
Message-ID: <9510190043.AA11578@all.net>
MIME-Version: 1.0
Content-Type: text


Boy, you people just don't appreciate anything that has a little bit of
humor mixed with a little bit of reality. 

1 - I can't believe that you failed to see any humor in the fifty ways
to leave your Netscape posting.  I would have thought some of you would
have noticed that a substantial number of these methods would work with
current W3 browsers! Do I really have to set up a URL to prove it to
you? If I do, what good will it do me?

2 - I can't believe that you all think that aplets (a.k.a.  downloadable
programs at the push of a button) will make you safe.  The "we will only
run trusted applets and they will all be secure" attitude is 180 degrees
off base from my view.

3 - I would have figured at least one of you would have looked up the
chosen plaintext attack and told me why Netscape keys can't be gotten
at this way.  I think there's an off change I could win a grand!

4 - If you just keep quiet, I may be able to get $50K out of Netscape
for a few minutes of typing.  If they can make a billion on hype, why
can't I make $50K?

5 - How much do you want to bet that within 12 months of my posting, at
least 10 of the 50 listed items will have happened in one form or
another? I got the same flaming 8 months ago when I mentioned that I
thought syslog could be gotten at because of the way it was designed.
I got piles of flames telling me to show code or stop smearing syslog.
Three months later, a syslog attack appeared, and three months later,
another one showed up.

6 - I think that it is the responsibility of the people who claim
"security" to tell us what they mean by it and to demonstrate why we
should believe them.  You may disagree, but I didn't see any flames when
I asked what they meant by secure only a few days ago.  I also didn't
see any answers.

7 - I got one assertion that the reason my earlier message was perceived
as malicious was because I started with the word WRONG!!!  It's probably
correct that that's why I got flamed for it, so from now on, I want you
all to design your mail filters to replace WRONG!!! in my postings with
I respectfully disagree.

8 - The first 50 flamers responding to this message get a free 1 Gigabyte
email message every day for the next week.  Anonymous remailers included.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




Thread