From jericho at attrition.org  Sun Apr  3 23:12:21 2011
From: jericho at attrition.org (security curmudgeon)
Date: Sun, 3 Apr 2011 23:12:21 -0500 (CDT)
Subject: [attrition] TV, Tech and Books
Message-ID: <alpine.LNX.2.00.1104032311550.10191@forced.attrition.org>



A few of you likely remember I keep a list of IP and e-mail addresses as seen 
on TV and movies:

http://attrition.org/misc/ee/tv_tech

Kind of along those lines.. if anyone watches 'Fringe', episode 3x12 is 
interesting. When Nina Sharpe goes into a storage room full of William Bell's 
(played by Leonard Nimoy) stuff, she passes her hand in front of a stack of 
books:

- A Separate Reality, Further Conversations with Don Juan by Carlos Castaneda
- This Second Ring of Power by Carlos Castaneda
- Dr. Spock's Baby and Child Care by Benjamin Spock
- In the Wake of Chaos: Unpredictable Order in Dynamical Systems by Stephen H. Kellert
- G?del, Escher, Bach: An Eternal Golden Braid by Douglas R. Hofstadter
- [Blue book I cannot identify. May have 'Tao?' or 'Lao?e' and '?nav' in
    it. Very odd red font on blue book.]

If anyone has an HD version of the show, they can likely pick out the blue book 
and one other standing up next to it.

From lyger at attrition.org  Sat Apr 16 18:32:49 2011
From: lyger at attrition.org (lyger)
Date: Sat, 16 Apr 2011 18:32:49 -0500 (CDT)
Subject: [attrition] attrition post from tiamat.karma@gmail.com requires
	approval (fwd)
Message-ID: <alpine.LNX.2.00.1104161827570.574@forced.attrition.org>


Quick backstory: we received this email earlier today from someone who 
subscribed to the attrition mail list and then attempted to send this to 
the list.  Since the list is moderated, it sat in queue.  Below is my 
reply to the original email (top-posted for your general annoyance).

Moral of the story:  Don't be a dumbass. The End.


---------- Forwarded message ----------
From: lyger <lyger at attrition.org>
To: tiamat.karma at gmail.com
Date: Sat, 16 Apr 2011 18:19:44 -0500 (CDT)
Subject: attrition post from tiamat.karma at gmail.com requires approval (fwd)


We received the following to the Attrition mailing list, which is a public mail 
list with a few hundred subscribers and is only able to be posted to by 
attrition.org staff members.  Since the information you sent below was only 
viewed by a couple of attrition.org staff members, we would like to quote 
President Obama when we ask:

"You think we're stupid?"

This guy has done nothing to *us*, yet you want *us* to fuck with him. Better 
yet, you seem to imply that you want us to commit a crime on your behalf by 
"acquir(ing) funds using the information below". We don't know you, we don't 
know him, and we sure as hell don't want to get to know any FBI agents any 
better than we already do, which is vaguely at best. With this said, we urge 
you to find another method of dealing with whatever issues you have with this 
particluar individual before the urge to contact law enforcement officials and 
give them your email address comes over us.

In other words, get off the goddamned internet before you get yourself in a 
fucking shitheap of trouble.

Smooches, bitch.

Lyger

---------- Original message ----------

From: karma karma <tiamat.karma at gmail.com>
To: attrition at attrition.org
Date: Sat, 16 Apr 2011 12:50:15 +0000
Subject: Help exact vengeance on a wife beater/philanderer/compulsive liar

He beat his wife, was arrested, and got off on a technicality. All while
having 5 mistresses and claiming to be a former green beret (lie). If you
acquire funds using the information below, please donate them to a local
shelter for battered women. Please.

Name: Michael Robert (redacted)
DOB: (redacted
SSN: (redacted)
Address: (redacted)
Phone: xxxxx (redacted)
Mother's Maiden Name: xxxxx (redacted)
Known email addresses: xxxxxx at yahoo.com , xxxxxx at yahoo.com (he is an ham
radio enthusiast)
Drives a XXXX (redacted)

Bank accounts:
XX Credit Union Member #(redacted)  checking acct #(redacted)
XX Credit Union Member (redacted)

From jericho at attrition.org  Fri Apr 29 20:56:31 2011
From: jericho at attrition.org (security curmudgeon)
Date: Fri, 29 Apr 2011 20:56:31 -0500 (CDT)
Subject: [attrition] Legal goons threaten researcher for reporting security
	bug
Message-ID: <alpine.LNX.2.00.1104292055520.21990@forced.attrition.org>


This and other incidents like it are covered at:

http://attrition.org/errata/legal_threats/

---------- Forwarded message ----------
From: Richard Forno <rforno at infowarrior.org>

Legal goons threaten researcher for reporting security bug

When vuln disclosures are outlawed...

By Dan Goodin in San Francisco ? Get more from this author

Posted in Security, 29th April 2011 23:12 GMT

http://www.theregister.co.uk/2011/04/29/security_researcher_threatened/

A German software company has threatened legal action against a security 
researcher who privately reported a critical vulnerability in one of its 
programs, Dark Reading reports.

Legal goons from Magix AG sent a nasty gram to a researcher who goes by 
?Acidgen? after he reported the stack buffer overflow in the company's 
Music Maker 16. According to the report, Acidgen alerted Magix 
representatives to the bug in several emails that also included 
proof-of-concept code that forced the Windows calculator to open, 
indicating the flaw could be exploited to execute malicious code on a 
victim's computer.

Acidgen also provided suggestions for fixing the flaw, Dark Reading said. 
He also told the representatives he planned to disclose vulnerability 
details publicly once a patch was released.

[..]