Re: Raid/Dustin Cook: "I am possibly going to just flat out ****ing kill you."

[FromTheRafters]

"Gramsterdam" <sealteam6@osama-is-dead.net> wrote in message
news:gvgl67pu3qviqjbank14fdukhol4it94d1@Osama-is-dead.net...
[...]

> I read what they said, it's nothing like you are trying to make it out
> to be; an 'ASS-SPANK'.
>
> I think David Lipman and FTR will back *that* up. X-posted for Mr.
> Lipman.

I was only pointing out that you were wrong to assume that Dustin was
writing about sharing his disassembly and analysis with blackhats in an
unnamed forum. The forum he is talking about is working to fight malware
and this LoJack implementation has real-world malware implications if
it can be subverted and is security through obscurity if it can be defeated.

I know a thing or two about computers myself, and IMO Dustin is fully
capable of reading BIOS and expansion ROM and analyzing it for
security.

I'm wondering if it uses the UNDI that was part of the PXE specification
and that simply disabling your NIC through software is not enough to
defeat the 'calling home' feature. I hope he does decide to divulge at
least *some* of his analysis here (the spyware group) because it is on
topic and interesting to me.

He's a whitehat now, the anonymous character assassination posts
should be ignored.

[Dave U. Random]

In article <erln67ltjmf1ji736dbq3ck6mmhvs8scl7@Osama-is-dead.net>
Gramsterdam <sealteam6@osama-is-dead.net> wrote:
>
> FromTheRafters wrote:
>
> >I was only pointing out that you were wrong to assume that Dustin was
> >writing about sharing his disassembly and analysis with blackhats in an
> >unnamed forum.
>
> I know what you meant, and you're entitled to your opinion. I maintains
> he does not know as much as he's bragging about, and the type of person
> he is does not lend him to 'share'.
>
>
> >The forum he is talking about is working to fight malware
> >and this LoJack implementation has real-world malware implications if
> >it can be subverted and is security through obscurity if it can be defeated.
>
> What forum is that? He's being a dick like its a secret.

You might try here.

Out of the 236 comments, you might find more paths.

http://it.slashdot.org/story/09/07/3...ops?art_pos=11

or

http://************/3kh2qep
[Open in new window]

Or, give your recipients confidence with a preview TinyURL:

http://preview.************/3kh2qep
[Open in new window]

BIOS "Rootkit" Preloaded In 60% of New Laptops 236
Posted by kdawson on Friday July 31 2009, @11:45AM
from the hijacking-lojack dept.

Keldrin_1 writes "Researchers Alfredo Ortega and Anibal Sacco, from
Core Security Technologies, have discovered a vulnerability in the
'Computrace LoJack for Laptops' software. This is a BIOS-level
application that calls home for instructions in case the laptop is ever
lost or stolen. However, what the application considers 'home' is
subject to change. This allows the creation of malware capable of
'infecting the BIOS with persistent code that survive reboots and
reflashing attempts.' Computers from Dell, Lenovo, HP, Toshiba, Asus,
and others may be affected."

50 of 236 comments loaded

[Dustin]

Gramsterdam <sealteam6@osama-is-dead.net> wrote in
news:erln67ltjmf1ji736dbq3ck6mmhvs8scl7@Osama-is-dead.net:

> FromTheRafters wrote:
>
>>I was only pointing out that you were wrong to assume that Dustin
>>was writing about sharing his disassembly and analysis with
>>blackhats in an unnamed forum.
>
> I know what you meant, and you're entitled to your opinion. I
> maintains he does not know as much as he's bragging about, and the
> type of person he is does not lend him to 'share'.

LOL. Nice backpeddling, Morgan. Why ask for either opinion if you
aren't going to accept it? As I told you, I'm under constant peer
review because of my past activities. If I was trying to bull**** you
or anybody else, They'd fire on me so fast it'd make my own head spin.

You don't know the type of person I am, I can give you an example which
directly disproves your silly notion that I don't share. Another easier
example is BugHunter. I never required a single penny for use,
business/noncommercial all the same. BugHunter was used in both
environments, and I can prove those claims as well. The damn thing is
still used, although I discourage relying on it as the database hasn't
been updated in a very very long time. I leave it online for nostalgic
purposes.


http://thepiratebay.org/user/raidy/

Feel free to read the comments, and see that Green pir8 flag? Go ahead,
put your mouse over it, read the following. "Trusted". Unf. **** You,
then.

> What forum is that? He's being a dick like its a secret.

I'm not being a dick. I can't give you the forum url or discuss
anything specific concerning it. It's part of the rules I agreed too in
order to have an account and access. However, it does exist. Obviously,
or FTR wouldn't know what I was talking about. You have to be one of
the following to get access, AND a known member has to vouch for you,
Actually, several known members.

(a) Antivirus/antimalware researcher, professional, known and trusted
in the community
(b) A company which develops antimalware/antivirus tools, Again, known
and trusted.

You cannot get access without those conditions, as the material being
discussed often has live samples, either in binary and sometimes
outright source code. As the code is inherently dangerous, it would be
really irresponsible to openly share it with people who aren't capable
of safely studying it. Like, you.


--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.