[nycbug-talk] openssh 0 day?

George Rosamond george at ceetonetechnology.com
Thu Jul 9 12:15:18 EDT 2009


Alex Pilosov wrote:
> On Thu, 9 Jul 2009, George Rosamond wrote:
> 
>> Bill Totman wrote:
>>>        gr> But sshd v 4.3?
>>>                                                                        
>>>         _
>>>     arhhahaar 3zpl0it iz unr334l.  my namez carton und ir u|\|aphr4i|>
>>>     on p0r|
>>>     22 bc n0 1 can hakxz0r my big-endian LP64 zystemsz!!!1!11!!  ze
>>> ph33r
>>>     iz 1n ze m4i1.  wif 4 ph33rzt4|\/|Pz 0n 1t.
>>>
>>>
>>> Would it have been faster to first learn and then write that in
>>> Esperanto?
>>>
>>> I'm just saying.
>>>
>> Well. . . back to the main point about the apparent exploit.
>>
>> FUD.  Nothing.
>>
>> http://isc.sans.org/diary.html?storyid=6760&rss
>>
>> Damien Miller's reply breaks down the 'exploit'
>>
>> http://lwn.net/Articles/340483/
>>
>> I would expect the security site to do a bit more research in posting
>> such stuff. . . especially when it's a 0day exploit with a widely used
>> daemon.
>>
>> That blog has a lot of credibility, and I wonder how much hassle was
>> caused by it.
> whose blog? isc.sans.org? It's a joke, really. crossing media with 
> security people who have almost no clue...

I was stating that the blog has wide credibility . . I wasn't stating 
who by, who should, is it valid, etc.

Alex P could think it's a joke which is certainly valid, but many people 
out there do follow it.  That's reality.

</alex-the-troll-feeding>

g



More information about the talk mailing list