<div dir="ltr"><div><div><div><div><div><div>"they think if Metasploit for instance
was never born,<br>
there would have been less pwnage in the world."<br><br></div>list knows i never stop missing Christopher , so , without further ado i want to put an assertion here . they say "arguably" their point is logically valid . logic being we are a Hamiltonian closed system where the total kinetic energy of offense is just equal to the sum of our mosdef nodes . with a sober mind , one would even calculate how much a healthy mosdef node can actually do harm in an assumed n-degree space system with defined objects and specific values . to make the conversation understandable for people of different native mother languages , i am not going to ignore the philosophical platform where and when such engineering is happening , it sounds silly first but you get used to it . therefore we can simply save time and presume a smart one of these guys comes right after each update of each tool , and assigns precisely how much of potential damage ( in some metrics like Joule , Ton , Watt ) just added to the system . we are told by many people in many centuries written on many books that evil thoughts make harm or eventually result in harm therefore the thoughts themselves even if they dont get implemented into a mosdef - a potential harm - in Delta t , still , add to the total kinetic energy of offense and whether the thoughts or the resulting mosdefs are rotating or angular because they finally move , by that , i mean dave's business . <br>
<br></div>still ignoring the philosophic platform , which is "the" issue and still , ironically enough , we can argue our way out . How ? even within the constraint of the conversation in terms and agreements , their idea is Stupid ( offense intended ) . they got to make the system either absolute zero evil thought , or there must be good mosdefs AND evil mosdefs . or maybe they are Ok with Classic mechanics with a finger up Newton's butt ass the forth rule ?<br>
<br></div>i suggest no addition of advanced math and physics , any kind of societal dialog or even honor the conversation more than what it is , by adding variety of philosophic thoughts giving insane complex angels to the topic . that actually might be evil itself considering you are spending electrics based on offshore oil and nuclear reactors with hazard waste that ages more than us ;)<br>
<br></div>@ Dave : any PR is still PR . see how smooth i turned meterpreter into mosdef ? paypal me what you honestly think the work deserve and consider i am not legal to work in U.S or be dealt with from within U.S :><br>
</div>wasnt it more fun if you got yourself a spot to talk about the RSA's bullshit story with the Iranian Cyber Police , their "talk" , and finally entertaining restrictions on that organization as a whole due to its involvement in aggregating monster SYN floods to Citibank ? :D <br>
<br><br></div>M.<br><br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Feb 12, 2013 at 9:48 PM, antisnatchor <span dir="ltr"><<a href="mailto:antisnatchor@gmail.com" target="_blank">antisnatchor@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">The problem IMHO is lots
of people out there still believe in security by obscurity.<br>
Translated for this specific case, they think if Metasploit for instance
was never born,<br>
there would have been less pwnage in the world.<br>
<br>
There are too many examples this statement is obviously wrong.<br>
<br>
Many times the only way to "wake up" sleeping vendors, lazy with
patching, is exactly<br>
creating a tool that automates attacks and pwnage.<br>
<br>
You can't imagine how many attacks in BeEF are not working anymore
(sigh) because<br>
vendors silently patched the bug after we wrote or ported an exploit to
BeEF.<br>
<br>
Cheers<br>
antisnatchor<br>
<blockquote style="border:0px none" type="cite">
<div style="margin-left:40px"><hr style="border:none 0;border-top:1px dotted #b5b5b5;min-height:1px;margin:0"><br></div>
<table style="padding-top:5px">
<tbody><tr><td style="padding-top:4px" valign="top"><img src="cid:part1.01080002.08080101@gmail.com" name="13cd00106363fb9c_compose-unknown-contact.jpg" height="25px" width="25px"></td><td style="padding-left:5px" valign="top">
<a href="mailto:dave@immunityinc.com" style="color:#2057ef!important;text-decoration:none!important" target="_blank">Dave Aitel</a><br><font color="#888888">February 12, 2013 5:50 PM</font></td></tr></tbody>
</table>
<div style="color:#888888;margin-left:35px"><div><div class="h5"><br>
So as you can see below, I'll be at RSA asking Andrew Jaquith why on
earth he thinks penetration testing tools are evil. To be honest, I
have no idea. Does that also imply penetration testing is evil, or
is he saying that penetration testing tools make people lazy and
therefor you get better penetration tests without them, in which
case I'll try to get him to write his future papers without a
keyboard or something.<br>
<br>
Speaking of penetration testing tools - Immunity is hiring CANVAS
developers here in Miami Beach. If you want to work on CANVAS and
you speak both assembly language and Python and have a passion for
building awesome tools that let people break into systems (some of
which we make public!), then send me an email.<br>
<br>
We're also hiring an experienced Django web developer. <br>
<br>
You do also have to be legal to work here in Miami or Washington DC
for these positions. <br>
<br>
-dave<br>
<br>
<br>
<a href="https://ae.rsaconference.com/US13/connect/sessionDetail.ww?SESSION_ID=3297&tclass=popup#.URp4m2gUwM0.twitter" target="_blank">https://ae.rsaconference.com/US13/connect/sessionDetail.ww?SESSION_ID=3297&tclass=popup#.URp4m2gUwM0.twitter</a><br>
<br>
<div style="font-family:Arial,Verdana,sans-serif;margin-bottom:5px;color:rgb(153,153,153);font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
MASH-T16
- Debate: Internet GUN CONTROL - Are Pentesting Tools Good or
Evil?</div>
<fieldset style="font-family:Arial,Verdana,sans-serif;padding:0px;border:none;border-top-left-radius:5px;border-top-right-radius:5px;border-bottom-right-radius:5px;border-bottom-left-radius:5px;margin:0px;clear:both;color:rgb(153,153,153);font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><br style="font-family:Arial,Verdana,sans-serif">
Moderator(s): <br style="font-family:Arial,Verdana,sans-serif">
<a style="font-family:Arial,Verdana,sans-serif;text-decoration:initial;color:rgb(85,119,187)" href="https://ae.rsaconference.com/US13/connect/speakerDetail.ww?PERSON_ID=430145EACD4EBC80B7251A1E5A519F1E&tclass=popup" target="_blank">Pete
Lindstrom - Principal, Spire Security </a><br style="font-family:Arial,Verdana,sans-serif">
<br style="font-family:Arial,Verdana,sans-serif">
Panelist(s): <br style="font-family:Arial,Verdana,sans-serif">
<a style="font-family:Arial,Verdana,sans-serif;text-decoration:initial;color:rgb(85,119,187)" href="https://ae.rsaconference.com/US13/connect/speakerDetail.ww?PERSON_ID=66B255D131FD603BCBE896DDEB1F0617&tclass=popup" target="_blank">Dave
Aitel - Chief Executive Officer, Immunity, Inc. </a><br style="font-family:Arial,Verdana,sans-serif">
<a style="font-family:Arial,Verdana,sans-serif;text-decoration:initial;color:rgb(85,119,187)" href="https://ae.rsaconference.com/US13/connect/speakerDetail.ww?PERSON_ID=7A07665968A7B2320DCA9BF860462864&tclass=popup" target="_blank">Andrew
Jaquith - Chief Technology Officer, Perimeter
E-Security </a><br style="font-family:Arial,Verdana,sans-serif">
</fieldset>
<fieldset style="font-family:Arial,Verdana,sans-serif;padding:0px;border:none;border-top-left-radius:5px;border-top-right-radius:5px;border-bottom-right-radius:5px;border-bottom-left-radius:5px;margin:0px;clear:both;color:rgb(153,153,153);font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<p style="font-family:Arial,Verdana,sans-serif">From SATAN in
the 90's to Metasploit today, penetration testing tools have
been common in the arsenal of information security
professionals. These tools allow any user to assess the
vulnerable state of their IT platforms. Some say that they are
useful while others assert they are detrimental for the overall
health of the Internet. Come hear the debate and weigh in with
your own opinions.</p>
</fieldset>
<br>
<div>-- <br>INFILTRATE - the world's best offensive information
security conference.<br>April 2013 in Miami Beach<br><a href="http://www.infiltratecon.com" target="_blank">www.infiltratecon.com</a><br></div>
</div></div><div>_______________________________________________<br>Dailydave
mailing list<br><a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.com</a><br><a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" target="_blank">https://lists.immunityinc.com/mailman/listinfo/dailydave</a><br>
</div></div>
</blockquote>
</div><br>_______________________________________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com">Dailydave@lists.immunityinc.com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" target="_blank">https://lists.immunityinc.com/mailman/listinfo/dailydave</a><br>
<br></blockquote></div><br></div>