full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Media backlash begins

Re: [Full-disclosure] Media backlash begins against HD Moore and I)ruid

From: n3td3v <xploitable_at_nospam>
Date: Tue Aug 05 2008 - 17:40:32 GMT
To: full-disclosure@lists.grok.org.uk


On Tue, Aug 5, 2008 at 6:08 PM, <Valdis.Kletnieks@vt.edu> wrote:
> On Tue, 05 Aug 2008 13:58:55 BST, n3td3v said:
>> Why did he phone up and get the AT&T servers patched AFTER the
>> incident and not BEFORE he released the exploit code to the world?
>> Because he is a lamer who didn't think out of the box and didn't think
>> about all eventualities BEFORE hand, therefore HD Moore on this
>> occasion was a fucking lamer.
>
> Or - maybe he's more clued than you think, and he did an actual risk analysis.
> Remember - security is *tradeoffs*.
>
> He figures out what the costs would be to move his nameservice to some other
> site (remembering to include in *all* the incidental costs, such as paying the
> registrar fee, the dollars/hour it costs for the person on his payroll doing
> the paperwork, the opportunity cost of what he could *otherw8se* have been
> doing if he wasn't busy moving the DNS around). He figures out what the costs
> are if the ATT servers do get poisoned (not *that* much, because he's not doing
> a hell of a lot of e-commerce), and how long it will take him to get ATT to fix
> it if it breaks.
>
> Then he adds in the *FREE* publicity of getting quoted in all the trade
> journals (and remember, there's very little publicity that's bad publicity).
> Consider if he *had* spent his time moving his DNS instead of writing
> Metasploit rules - *nothing* would have happened, he'd have gotten *zero*
> mentions. Instead, he gets *two* mentions - one for releasing the Metasploit
> stuff, and a second for getting caught when ATT gets pwned.
>
> Add it all up, and he's probably *ahead* if he *doesn't* move his DNS SOA to
> elsewhere.
>

Are you suggesting HD Moore had prior knowledge that the Austin Texas AT&T servers were vulnerable? Knowingly knew AT&T was vulnerable but purposely left it exposed to attack, so that he could get publicity for the tags "HD Moore", "Metasploit" and "Breaking Point" if the AT&T servers ever did get attacked? This sounds like something the intelligence services do, they know about an attack is possible but let it happen for political gains.

What is it you're accusing HD Moore of Valdis, allowing an attack to happen like the intelligence services do all the time?

This is a big allegation you've put forward Valdis, that AT&T and the authorities should look into..

>
> It's amazing how you've managed to make it to "jaded" without first figuring
> out how this industry actually works...
>

Yeah, i'm beginning to see how this industry works, false flag attacks, allowing attacks to happen for political gains, the corruption and the criminality.

All the best,

n3td3v



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/