[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] n3td3v denounces the actions of www.derangedsecurity.com
- To: yiri <yirimyah@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] n3td3v denounces the actions of www.derangedsecurity.com
- From: b.hines@xxxxxxxxxxx
- Date: Mon, 10 Sep 2007 14:58:18 +0000
Actually this fellow is shit dipped.
-------------- Original message --------------
From: yiri <yirimyah@xxxxxxxxx>
i can't believe that you posted that to full-disclosure.
dipshit.
On 9/10/07, worried security < worriedsecurity@xxxxxxxxxxxxxx> wrote:
this person has been sharing login information to the world wide web, opening
up world governments up to terrorist cyber intrusions. this guy has not been
sent to guantanamo bay yet why not? this reckless act of evil against western
values is not good for the world. we should stop these individuals from posting
government related informations which could harm the population of a country by
allowing sensitive data to be accessed by terrorist cyber intrusion. all
terrorists are linked up to the world wide web, making it likely the
informations were accessable to them and not just responsible security
professionals and law inforcement agencies. he said he was posting the
informations to let all affected governments learn of the vulnerability to
their government infrastructure as a collective of people as it would cause him
too much time and money to contact each government network individually.
however when there are more than government network employees learning of the
informa
tions,
then it becomes a risk to national security. the protection of the population
and the interests must become the governments first priorty. leaving this
individual to make funny remarks of the governments in question by parading
their network access informations in the public glare does more than alerting
the proper authority to the cause of getting security tightened.
derangedsecurity.com should be held accountable for their actions infront of
judge and jury. i as member of the public are fine with arguments and full
disclosure of e-commerce vulnerability informations being post to the world
wide web in the good nature of freedom of speech but the argument that exposing
the network access information of world governments leaving the network open to
terrorist cyber intrusion is unacceptable by any code of ethics that i can
agree with. i as member of the public say "not in my name" can you release
network access informations to the public for self satisfaction and delight that
you h
ave managed to breach the national security infrastructure of a government. i
say you should be ashamed, and if you had just claimed you were just being an
accessory and conspiracy to cause terrorist cyber intrustions then i wouldn't
be writing to complain, but its the fact you use full disclosure of a
responsible security professional as an excuse for your actions which makes me
believe you should be stripped of your job title and held accountable to the
governments you have left vulnerable to terrorist cyber intrusion. you are not
a security professional, you are lower than that, you are working against the
ethics of the basis of your career of security professional. responsible
security professionals don't risk the national security interests of multiple
world governments, leaving the population vulnerable in the process by making
the government network weaker by offering access to the mass public, where
ultimately cyber terrorists are lurking in wait to ambush the network
acces
s data to espionage on their operations. this information you post is what your
risking to the world, is a greater feeling of instability throughout the
affected countries and a general feeling of alarm and distress to the mass
public. your informations were reported to the mass public media on the
internet as well as chinese television stations, and other mediums of public
broadcasting, this is unacceptable in the level of your full disclosure ethic
has caused to the wider world. i believe your actions to be morally incorrect
and that your actions should be illegal while our brave men are fighting the
war on terror to protect your childrens future, this kind of anti government
disclosure shouldn't come under the ordinary full disclosure ethics. you post
on your website that you are angry your hosting company disapproved on your
disclosure to the mass public, you said why bother terminating my website when
informations are already been in the public domain? damage limtiation
is the
reason, and the fact the informations shouldn't have been there in the first
place, i thought maybe this would be an indication that your code of conduct
was actually immorally and maybe you would reconsider the legality of what you
put on your website, but you didn't, you kept the tempo high by relocating your
website to a new server which was under the control of your irresponsible self,
away from account terminations and away from becoming under the scrutiny of a
hosting companys terms of service agreement. you then try and point blame to
others, you blame the united states government for contacting your hosting
provider to get you shutdown and you blame the governments for leaving their
own population open to a national security breach. you in no way find yourself
accountable for any wrong doing in light of the informations posted, and you
find yourself innocent of any wrong doings. you abused and hi-jacked the full
disclosure code of ethics to risk the saftey of govern
ment e
mployees and the population of the affected nationals. weather any of the
governments request your arrest due to the incident is not upto me, but i feel
you should be in someway punished for your actions, since to this day you have
no remorse for what you have done and you don't seem to realise the potential
damage you could or may have caused. according to you, you said you hadn't
accessed every network that you exposed on your website, so you drove blindly,
and didn't even check what operational informations would be available to cyber
terrorists, if they decided to act on the network access information you
provided to the mass public. i ask the government to act swiftly to make this
style of full disclosure illegal if its not already illegal, we shouldn't have
this information spread all over the internet, this act of terrorism should be
flagged as such, instead of branding him a responsible security professional
following the full disclosure code of ethics, we should be d
enounc
ing this style of actions. full disclosure is fine for e-commerce and lower
level government network vulnerabilities, but to blatantly give the network
address and passwords of world governments without prior warning needs to be
exempt from the ordinary of what is normal ethics of full dislcosure
proceedure.
n3td3v
http://n3td3v.googlepages.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--- Begin Message ---
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] n3td3v denounces the actions of www.derangedsecurity.com
- From: yiri <yirimyah@xxxxxxxxx>
- Date: Mon, 10 Sep 2007 14:49:07 +0000
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--- End Message ---
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/