Joe Barr, SecurityFocus 2001-06-07
'Fluffy Bunny' claims he didn't target the open source community for attack... It just worked out that way.
Colapse all |
Post comment
Can this guy be serious?
2001-06-08
Feh (1 replies)
Feh (1 replies)
Can this guy be serious?
2001-06-09
bofh (at) hell (dot) org [email concealed]
bofh (at) hell (dot) org [email concealed]
Theres no way in the world that this guy is a security consultant. A real security consultant wouldn't be that stupid and would understand how much effort and resources goes into securing a site after such a break in, especially at a place like Source Forge. I would bet that Fluffy Bunny is a friend...
[ more ] [ reply ]
[ more ] [ reply ]
Fluffy sucks
2001-06-08
Along with a terrible handle.... (2 replies)
Along with a terrible handle.... (2 replies)
Along with the worst freaking handle i've heard in awhile, "Fluffy Bunny"... this person is just terrible.
Top complaints:
1. Gives a really bad name to security consultants (or
those masquerading as security consultants)
A. True security pros would never pull this
...
[ more ] [ reply ]
Top complaints:
1. Gives a really bad name to security consultants (or
those masquerading as security consultants)
A. True security pros would never pull this
...
[ more ] [ reply ]
Fluffy sucks
2001-06-08
Flip
Flip
Yeah, I have to agree. I have my money on Fluffy being an ego driven 14 year old. And even assuming an anti-disclosure movement does exist, that only explains the Apache and Sourceforge cracks. It doesn't explain why he cracked Exodus in the first place, or why he defaced themes.org. I'm thinking he...
[ more ] [ reply ]
[ more ] [ reply ]
What a joke
2001-06-08
John
John
Such a community does exist. I have seen posts to various lists stating that they have and have seen over 50 private exploits going around in this community. Personally, I could care less about the exploit code, but I would like a fix and a small advisory at the minimum. The only people who support ...
[ more ] [ reply ]
[ more ] [ reply ]
Script Kiddies
2001-06-09
Anonymous
Anonymous
Well when admiting that he uses other peoples code, this actually states that he is just a young little script kiddie that downloads code and runs it to show off that he is 31337.
Kiddies like Fluffy are all over the place, especially on IRC channels organizing mass hacks and defacements...
I ...
[ more ] [ reply ]
Kiddies like Fluffy are all over the place, especially on IRC channels organizing mass hacks and defacements...
I ...
[ more ] [ reply ]
heh what a joke
2001-06-09
prodigy
prodigy
what kind of wanker defaces a site and then asks to meet on irc? And then leaves abruptly? Sounds like a PFY if you ask me. Oh? What kind of "grey hat" would deface a site? Only a loser looking for attention. We hung little craps like you up on the hooks in the gym bathroom little boy.
prod...
[ more ] [ reply ]
prod...
[ more ] [ reply ]
Anti-disclosure may be stupid but ...
2001-06-09
Dr.Zero
Dr.Zero
It actually has some ideas that might be worth building on. Wouldn't it be great if when a bug was discovered the authors of the program was the only ones contacted and the only thing sent out publicly would be a notice of the bugfix being available?
That way I do believe the stupid script-kiddies ...
[ more ] [ reply ]
That way I do believe the stupid script-kiddies ...
[ more ] [ reply ]
Stop asking why
2001-06-09
Srin Tuar
Srin Tuar
Why doesnt matter. Motivations for doing stupid things
are not worth overanalyzing, mainly because morality
is an ineffective security system.
The only thing that matters is how he did it: sniffing
from compromised intermediaries. There is nothing a host
can do to stop users from giving out t...
[ more ] [ reply ]
are not worth overanalyzing, mainly because morality
is an ineffective security system.
The only thing that matters is how he did it: sniffing
from compromised intermediaries. There is nothing a host
can do to stop users from giving out t...
[ more ] [ reply ]
Bunny is a lying script kiddie...
2001-06-09
Anonymous
Anonymous
I work for a large hosting provider, in the hosting technology division, and I'd be willing to bet that 99.999% of serious hosting providers use a switched network (like we do) that would make it pretty tough to get any valuable data from a packet sniffer. This guy sounds like a script kiddie who kn...
[ more ] [ reply ]
[ more ] [ reply ]
...
[ more ] [ reply ]