|
Home > Archive > Anonymous Servers > November 2007 > TOR anonymisation network phished
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
TOR anonymisation network phished
|
|
|
| Report of 21.11.2007 13:17
TOR anonymisation network phished, part 2
By publishing his TOR hack, Swedish researcher Dan Egerstadt recently
provided users with a timely reminder that The Onion Router (TOR)
anonymisation network should be enjoyed with caution. By setting up
five exit-nodes, Egerstad sniffed out large amounts of e-mail access
data from embassies and government agencies and published some of this
data on the internet. Since a user cannot know who operates the
individual exit-node through which his traffic passes, TOR users are
advised to always make use of additional encryption.
Advertisement
Members of the Teamfurry community got curious and took a look at the
advertised configurations of a few randomly selected TOR exit-nodes.
They stumbled on some extremely interesting results. There are, for
example, exit-nodes which only forward unencrypted versions of certain
protocols. One such node only accepts unencrypted IMAP and POP
connections (TCP ports 143 and 110) and only forwards messenger
connections from AIM, Yahoo IM and MSN Messenger if they are received
on ports on which traffic is handled as plain text. The same procedure
is applied to Telnet and VNC connections, used for remote access to
systems. Further, there are systems which are only interested in
specific destinations and, for example, exclusively forward HTTP
packets bound for MySpace and Google. HTTPS traffic to these
destinations is, however, blocked.
These peculiar configurations invite speculation as to why they are
set up in this way. The Teamfurry blog declines to go so far as to
impute nefarious motives to these nodes. Nevertheless, the report does
raise the question of whether users should route personal data via
such nodes. It is certainly generally believed that Chinese, Russian
and American government agencies operate TOR exit-nodes. Large
companies and illegal hacker groups are also thought to operate exit-
nodes. Looking through the list of TOR exit-nodes, it is striking that
the number of exit-nodes in China and the US has increased
disproportionately over the last year.
Employing channel encryption may also be of little help. The Teamfurry
blog reports the existence of an exit-node in Germany which apparently
attempts to hitch itself into an SSL connection using a man-in-the-
middle attack. A certificate forwarded via an SSL connection running
through this node is returned as a fake, self-signed certificate. This
generally produces an error message, but users will often ignore this.
This 'phishing node' has since disappeared from the network.
Into exactly whose hands any stolen data has fallen is not known.
However, Dan Egerstad last week found out what happens if you publish
such data on the internet, when he received a visit from Swedish law
enforcement agencies. Following a complaint, they turned his apartment
upside down and interrogated him for several hours. The source of the
complaint is not known, but it is thought it may have come from a
foreign government agency whose e-mail details had been published by
Egerstad.
Ref:
http://www.heise-security.co.uk/news/99333
Further ref:
http://www.teamfurry.com/wordpress/...tacks/#more-178
| |
| Cyberiade.it Anonymous Remailer 2007-11-22, 1:12 pm |
| Ilian wrote:
> Report of 21.11.2007 13:17
>
> TOR anonymisation network phished, part 2
>
> By publishing his TOR hack, Swedish researcher Dan Egerstadt
This isn't a "Tor hack" by any stretch of the imagination, or "phishing"
by any credible definition of the term. It's simple sniffing of
unencrypted information. Nothing more, nothing less.
If people would actually read what Dan Egerstad himself said about his
work rather than relying on third party sensationalism and FUD they'd be far
better informed, and considerably more capable of actually dealing with
potential holes in their anonymous setups.
> Employing channel encryption may also be of little help. The Teamfurry
Rubbish. SSL/TLS is designed to defeat, and has proved over the years to
be ultimately resistant to, MITM attacks.
> blog reports the existence of an exit-node in Germany which apparently
> attempts to hitch itself into an SSL connection using a man-in-the-
> middle attack. A certificate forwarded via an SSL connection running
> through this node is returned as a fake, self-signed certificate. This
> generally produces an error message, but users will often ignore this.
This is a problem with Tor exactly... how?
The same users would be duped by evil WiFi hot spots, nefarious local
network administrators, their own teenage rAd hAx0r children, or the same
alleged government BadGuys(tm) referred to in snipped portions of this
article running compromised switches on network backbones.
> This 'phishing node' has since disappeared from the network.
Outstanding! That fact alone proves just how easily evil nodes can be
spotted and eliminated. 
By the by, it's not the first to be outed by a long shot. nor will it
likely be the last.
http://www.mail-archive.com/or-talk...t/msg01957.html
https://www.blackhat.com/presentati...sa-07-perry.pdf
> Into exactly whose hands any stolen data has fallen is not known.
> However, Dan Egerstad last week found out what happens if you publish
Indeed. Uberhacker Egerstad did a very stupid thing IMO. 
| |
|
|
| Thomas J. Boschloo 2007-11-24, 7:11 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Cyberiade.it Anonymous Remailer wrote:
> Ilian wrote:
[snip]
>
> Rubbish. SSL/TLS is designed to defeat, and has proved over the years to
> be ultimately resistant to, MITM attacks.
Rubbish. PGP has a web of trust, SSL has root certificates, but none of
them protect against man-in-the-middle attacks.
Live in your fairytale world if you want to, but don't drag innocent
APA-S newbies into it.
Nothing 'ultimately' protects against MITM. Except key signing parties
maybe.
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0ib5wEP2l8iXKAJAQHIVgMfWv7gpIFt
CYvhENif1a21P359FgFKMyuQ
KKFvROXlrYUvmlCGxXo2IuQomRK9ybyRe11fiLev
z78uGaJvQAUzL9lExQhwLy2z
xFwFiLCgA58GEZEeNfhwHxwYiqfqmgJDvaQl6w==
=bpvn
-----END PGP SIGNATURE-----
| |
| Cyberiade.it Anonymous Remailer 2007-11-25, 1:15 am |
| Thomas J. Boschloo wrote:
> Cyberiade.it Anonymous Remailer wrote:
> [snip]
>
> Rubbish. PGP has a web of trust, SSL has root certificates, but none of
> them protect against man-in-the-middle attacks.
*laugh*
You should consider going back to chasing "girlfriends" around virtual
WoW realities loon.
SSL is in fact a protocol that implements strong encryption in such a
way that it's resistant to interlopers. In essence it's nothing more
than a tool to resist those types of attacks, but in your twisted
vision it doesn't protect users from them at all.
There's actually three general mechanisms implemented against MITM
attacks, and one of them has nothing do do with CA's, or "trust", or
anything like that. Now see if you can't for once figure out the
obvious on your own before your pathetic attempts to avenge your
demolished credibility lead you into yet another horribly embarrassing
episode.
Good luck.
| |
| Thomas J. Boschloo 2007-11-25, 7:14 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Cyberiade.it Anonymous Remailer wrote:
[snip]
> *laugh*
>
> You should consider going back to chasing "girlfriends" around virtual
> WoW realities loon.
>
> SSL is in fact a protocol that implements strong encryption in such a
> way that it's resistant to interlopers. In essence it's nothing more
> than a tool to resist those types of attacks, but in your twisted
> vision it doesn't protect users from them at all.
>
> There's actually three general mechanisms implemented against MITM
> attacks, and one of them has nothing do do with CA's, or "trust", or
> anything like that. Now see if you can't for once figure out the
> obvious on your own before your pathetic attempts to avenge your
> demolished credibility lead you into yet another horribly embarrassing
> episode.
Then explain this message about MITM with SSL on TOR to me:
http://www.f-secure.com/weblog/archives/00001321.html
Ultimately resistant my XXX..
But ::sigh:: you are probably talking about protection against MITM once
the connection has been set up. Wake up call! Even IDEA protects against
MITM attacks once the session key has been exchanged!
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0lh5gEP2l8iXKAJAQFqfwMgkcfajeQB
x2FJfN9asd5oJJydUYQGoZfy
bklJKz4Wij5nyMpbDQMmxF4INh0YwHIcLUbwptdC
b6/94ZlUAsNnD0Vl8CEdOne1
vQxSX8Qakwhni35Hjic9HW8/ZjiqTQ3dgAVABg==
=rg2V
-----END PGP SIGNATURE-----
| |
| Anonymous Sender 2007-11-25, 1:14 pm |
| Thomas J. Boschloo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Cyberiade.it Anonymous Remailer wrote: [snip]
>
> Then explain this message about MITM with SSL on TOR to me:
> http://www.f-secure.com/weblog/archives/00001321.html
Do you read your own cites? If SSL didn't protect against MITM attacks,
then how was this one discovered? Why isn't this node still in
operation?
The answer, of course, is that someone used SSL's built-in resistance to
MITM attacks to expose the crook(s). There's only one way SSL doesn't
work in 99% of real life scenarios, and that's if users click 'OK'
buttons willy-nilly. That's true whether Tor is involved or not.
>
> Ultimately resistant my XXX..
Of course it is Thomas. Ultimately, SSL works as advertised. You can't
blame users who don't read warning dialogs on a well thought out and time
tested method of securing connections. SSL offers numerous ways to detect
and prevent MITM attacks, and they work a treat as long as you don't
ignore or purposefully bypass them by shutting them off before the fact.
> But ::sigh:: you are probably talking about protection against MITM once
> the connection has been set up. Wake up call! Even IDEA protects against
> MITM attacks once the session key has been exchanged!
>
> Thomas
> - --
> A society with suicide bombers
> is a polite society
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQB5AwUBR0lh5gEP2l8iXKAJAQFqfwMgkcfajeQB
x2FJfN9asd5oJJydUYQGoZfy
> bklJKz4Wij5nyMpbDQMmxF4INh0YwHIcLUbwptdC
b6/94ZlUAsNnD0Vl8CEdOne1
> vQxSX8Qakwhni35Hjic9HW8/ZjiqTQ3dgAVABg== =rg2V
> -----END PGP SIGNATURE-----
| |
| Thomas J. Boschloo 2007-11-25, 1:14 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonymous Sender wrote:
> Thomas J. Boschloo wrote:
[snip]
>
> Do you read your own cites? If SSL didn't protect against MITM attacks,
> then how was this one discovered? Why isn't this node still in
> operation?
>
> The answer, of course, is that someone used SSL's built-in resistance to
> MITM attacks to expose the crook(s). There's only one way SSL doesn't
> work in 99% of real life scenarios, and that's if users click 'OK'
> buttons willy-nilly. That's true whether Tor is involved or not.
Your incompetence makes me smile.
If you host the site TOR is supposed to connect to, you don't need SSL
in the first place.
Just plug in a keyboard, mouse and disconnect your ethernet cable and
you will be more secure than you can wish for with the use of SSL.
> Of course it is Thomas. Ultimately, SSL works as advertised. You can't
> blame users who don't read warning dialogs on a well thought out and time
> tested method of securing connections. SSL offers numerous ways to detect
> and prevent MITM attacks, and they work a treat as long as you don't
> ignore or purposefully bypass them by shutting them off before the fact.
Read is not enough these days my dear Watson. Sometimes the letters lie
to you.
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0mM7wEP2l8iXKAJAQG/OAMcDfEgMssOfJ+o1gVfja96a6YVZ7AlNx23
DH9sZSPI8duvkRr56GyrisMGVqFzKiYfy97trRku
EinfgFZ/RHs1fK8pZNRluAiQ
JMclpatuYrsBY0DKE8yns6+kavdPiXmXXJqvTA==
=Tmiw
-----END PGP SIGNATURE-----
| |
| Cyberiade.it Anonymous Remailer 2007-11-25, 1:14 pm |
| Thomas J. Boschloo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Anonymous Sender wrote:
> [snip]
>
> Your incompetence makes me smile.
>
> If you host the site TOR is supposed to connect to, you don't need SSL
> in the first place.
You probably don't even realize you just kicked your own XXX, do you
Thomas?
<chuckle>
>
> Just plug in a keyboard, mouse and disconnect your ethernet cable and
> you will be more secure than you can wish for with the use of SSL.
>
>
> Read is not enough these days my dear Watson. Sometimes the letters lie
> to you.
>
> Thomas
> - --
> A society with suicide bombers
> is a polite society
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQB5AwUBR0mM7wEP2l8iXKAJAQG/OAMcDfEgMssOfJ+o1gVfja96a6YVZ7AlNx23
> DH9sZSPI8duvkRr56GyrisMGVqFzKiYfy97trRku
EinfgFZ/RHs1fK8pZNRluAiQ
> JMclpatuYrsBY0DKE8yns6+kavdPiXmXXJqvTA==
=Tmiw
> -----END PGP SIGNATURE-----
| |
| Cyberiade.it Anonymous Remailer 2007-11-26, 1:15 am |
| In article <47498ce4$0$3362$e4fe514c@dreader11.news.xs4all.nl>, Thomas
J. Boschloo <nospam@hccnet.nl> wrote:
>
> If you host the site TOR is supposed to connect to, you don't need SSL
> in the first place.
>
> Just plug in a keyboard, mouse and disconnect your ethernet cable and
> you will be more secure than you can wish for with the use of SSL.
That make absolutely no sense.
| |
| J(ohn|ane) Doe 2007-11-26, 7:17 am |
| Thomas J. Boschloo wrote:
> Cyberiade.it Anonymous Remailer wrote:
> [snip]
>
> Then explain this message about MITM with SSL on TOR to me:
> http://www.f-secure.com/weblog/archives/00001321.html
How about YOU explain, in detail, how this sort of thing is discovered
if SSL isn't resistant to MITM attacks. And before you go off on
another one of your psychotic rants read the page again. Especially the
part about the attack being CONFIRMED by visiting a third site.
>
> Ultimately resistant my XXX..
Considering what you claim to shove up said XXX, I doubt it's resistant
to much of anything at this point.
>
> But ::sigh:: you are probably talking about protection against MITM once
> the connection has been set up. Wake up call! Even IDEA protects against
> MITM attacks once the session key has been exchanged!
Keep guessing loon. You're not even close.
| |
| Anonymous Sender 2007-11-26, 7:17 am |
| Cyberiade.it Anonymous Remailer wrote:
> In article <47498ce4$0$3362$e4fe514c@dreader11.news.xs4all.nl>, Thomas
> J. Boschloo <nospam@hccnet.nl> wrote:
>
>
>
> That make absolutely no sense.
Does most of what Boschloon posts ever make any sense?
| |
| J(ohn|ane) Doe 2007-11-26, 7:17 am |
| Thomas J. Boschloo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Anonymous Sender wrote:
> [snip]
>
> Your incompetence makes me smile.
Pretty much meaningless considering shoving your fist up your own XXX
makes you see God.
>
> If you host the site TOR is supposed to connect to, you don't need SSL
> in the first place.
>
> Just plug in a keyboard, mouse and disconnect your ethernet cable and
> you will be more secure than you can wish for with the use of SSL.
>
>
> Read is not enough these days my dear Watson. Sometimes the letters lie
> to you.
Maybe to a fruitloop like you, but not to sane people.
>
> Thomas
> - --
> A society with suicide bombers
> is a polite society
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQB5AwUBR0mM7wEP2l8iXKAJAQG/OAMcDfEgMssOfJ+o1gVfja96a6YVZ7AlNx23
> DH9sZSPI8duvkRr56GyrisMGVqFzKiYfy97trRku
EinfgFZ/RHs1fK8pZNRluAiQ
> JMclpatuYrsBY0DKE8yns6+kavdPiXmXXJqvTA==
=Tmiw
> -----END PGP SIGNATURE-----
| |
| Cyberiade.it Anonymous Remailer 2007-11-26, 7:17 am |
| Thomas J. Boschloo wrote:
> But ::sigh:: you are probably talking about protection against MITM once
> the connection has been set up. Wake up call! Even IDEA protects against
> MITM attacks once the session key has been exchanged!
Um, actually not. That's one of the vulnerabilities found in IDEA that's
prompted the move to more secure algorithms. A certain percentage of IDEA
session keys (as implemented in PGP/etc) are always going to be weak.
Please don't let niggling little things like accuracy and facts keep you
from your incessant bickering, though.
| |
| Thomas J. Boschloo 2007-11-26, 1:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Cyberiade.it Anonymous Remailer wrote:
> Thomas J. Boschloo wrote:
>
>
> Um, actually not. That's one of the vulnerabilities found in IDEA that's
> prompted the move to more secure algorithms. A certain percentage of IDEA
> session keys (as implemented in PGP/etc) are always going to be weak.
>
> Please don't let niggling little things like accuracy and facts keep you
> from your incessant bickering, though.
Never let the fact that you study at kuleuven and are as old as my
little sister keep you from pointing out inaccuracies to postings in
this group.
As your uncle Ben used to say: With great power comes great responsibility.
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0roYwEP2l8iXKAJAQHWdgMglE7KDNMd
7Qrzk/EE0HNuZ2i3lSJzUkux
S75A41kcMnojGkteYRHaeHI6JUHV5VgqUKncN52P
yMqILfdmX8fCviEv6+ySct2x
NKJp+6W+GNpPv+Hqla30v+CHOmpTTzFgHGzM/A==
=KpVS
-----END PGP SIGNATURE-----
| |
| Thomas J. Boschloo 2007-11-26, 1:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Cyberiade.it Anonymous Remailer wrote:
> In article <47498ce4$0$3362$e4fe514c@dreader11.news.xs4all.nl>, Thomas
> J. Boschloo <nospam@hccnet.nl> wrote:
>
>
>
> That make absolutely no sense.
Researcher creates own SSL certificate
Researcher connects to this computer through TOR
Researcher gets another SSL certificate.
Is it really that hard to follow?
The researcher doesn't even need a Certificate Authority, even though
the attacker on the TOR network might file for one:
http://www.microsoft.com/technet/se...n/MS01-017.mspx
Read and acquire your sense,
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0rq2gEP2l8iXKAJAQHZdgMggWzU4m/iuWxB/r+jcr45ijNriM0FwlLJ
c1nO7pHkKJhzq+iEvxqIu2PtEMisWb8KSu0aZ9bV
sSx2bImzvgPdtmnzl+WAWwaP
/jGzDqtKgb6svnddsEaBa3RoPAlOFmH3Emdarg==
=lz2U
-----END PGP SIGNATURE-----
| |
| BadGuy 2007-11-26, 1:12 pm |
|
Cyberiade.it Anonymous Remailer <anonymous@remailer.cyberiade.it> wrote:
>alleged government BadGuys(tm)
Damn, I've been accused of a lot of things, but it's always been *by*
the government, and not being associated with one.
<>BFG
BadGuy
| |
| J(ohn|ane) Doe 2007-11-26, 7:12 pm |
| Thomas J. Boschloo wrote:
> Researcher creates own SSL certificate Researcher connects to this
> computer through TOR Researcher gets another SSL certificate.
So.... how does "researcher" know their SSL certificate has changed?
And why does researcher confirm findings at third party site, according
to your own cite?
> Is it really that hard to follow?
Not at all. That's why it's moderately amusing watching you fail to do
so. :-p
>
> The researcher doesn't even need a Certificate Authority, even though
> the attacker on the TOR network might file for one:
You do realize you just kicked your own XXX again. Sort of blew your "CA/
Trust" blubbering right out of the water. :-)
> http://www.microsoft.com/technet/se...n/MS01-017.mspx
>
> Read and acquire your sense,
Outstanding advice. ;-)
| |
| Thomas J. Boschloo 2007-11-26, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
J(ohn|ane) Doe wrote:
> Thomas J. Boschloo wrote:
>
>
> So.... how does "researcher" know their SSL certificate has changed?
Because he created it and firefox plus vidalia produces another certificate?
Just because you failed to decrypt remailer traffic doesn't mean you are
the group expert on SSL encryption.
pwned
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0tFdQEP2l8iXKAJAQGYywMbBQ9ukCRq
D1GRrbiIb+k7aSiFm+1TVIyY
kEjjJqd7e3J7vWG4RjMm0eK+pkQknHtP9lUBC4LJ
tf5oMI0rWalsgDZxUEYES71Z
0tmPBqCAdWyftd1dWD9ocHRwX2oN1Hijwq5N8Q==
=Tq53
-----END PGP SIGNATURE-----
| |
| J(ohn|ane) Doe 2007-11-26, 7:12 pm |
| Thomas J. Boschloo wrote:
> J(ohn|ane) Doe wrote:
>
> Because he created it and firefox plus vidalia produces another
> certificate?
Oh come on loony, you can do better than that. How do we know the
certificates are different?
And why did you snip the part about verifying the results through a third
site for a second time, coward? Just to painful to deal with? Are you
that scared to face the truth Thomas?
> Just because you failed to decrypt remailer traffic doesn't mean you are
> the group expert on SSL encryption.
Already diving head long into your childish Frog/Eel accusations are you?
Feeling the heat of yet another embarrassment already?. We're already
getting your pathetic last ditch effort, and we haven't even begun to see
you get really trounced this time around. <snicker>
| |
| Thomas J. Boschloo 2007-11-26, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
J(ohn|ane) Doe wrote:
> Thomas J. Boschloo wrote:
>
>
> Oh come on loony, you can do better than that. How do we know the
> certificates are different?
You look at them with a hex-viewer? Were you born stupid or did your dad
whack you on the head one time to many?
Thomas
- --
A society with suicide bombers
is a polite society
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBR0tUCgEP2l8iXKAJAQEz8AMfWDuq75nj
adj0TTQ5TP5C90BvUGsvFZlq
J3LdD088o7oLAPapoDwlUT0NVV+t1VsTcHrroMSR
UFZN2GeouxzwpI7Ea8y/E9H/
9C/lH6jOnpaPAMIZpP3RiAVnbDFNhM9oiml7jw==
=9eoL
-----END PGP SIGNATURE-----
| |
| J(ohn|ane) Doe 2007-11-27, 1:17 am |
| Thomas J. Boschloo wrote:
> J(ohn|ane) Doe wrote:
>
> You look at them with a hex-viewer?
Nope! In addition to your blatant dishonesty and cowardice, you obviously
don't even know what an SSL certificate actually is and how they're used.
No real surprises there I suppose.
This is the third time you've tucked tail and run from the fact that in
your own cite the "researchers" confirmed their findings via third party
sites. Do you believe that if you snip that part enough times it will
never have happened, and the rest of your imbecilic gibberish will
somehow become credible?
Not happening this day. Sorry.
> Were you born stupid or did your dad
> whack you on the head one time to many?
Poor projecting loon. I'm not the one kept under close supervision,
unable to even care for themselves. That my diaper wearing friend, would
be you.
| |
| Thomas J. Boschloo 2007-11-27, 7:14 am |
| J(ohn|ane) Doe wrote:
> Thomas J. Boschloo wrote:
[snip]
>
> Nope! In addition to your blatant dishonesty and cowardice, you obviously
> don't even know what an SSL certificate actually is and how they're used.
> No real surprises there I suppose.
Since you probably believe SSL certificates are meant to be stuffed up
your XXX, it is no surprise to me that you say things like this.
> This is the third time you've tucked tail and run from the fact that in
> your own cite the "researchers" confirmed their findings via third party
> sites. Do you believe that if you snip that part enough times it will
> never have happened, and the rest of your imbecilic gibberish will
> somehow become credible?
The value of a research is generally represented by the number of times
it is quoted by others. That is why you see the cites on the bottom of
every academic paper.
F-Secure's main site is a good place to have your security related paper
posted on. Even if it is not presented like a real academic paper.
> Not happening this day. Sorry.
>
>
> Poor projecting loon. I'm not the one kept under close supervision,
> unable to even care for themselves. That my diaper wearing friend, would
> be you.
Actually, I had one of my psychologists test my IQ and it turned out to
be quite high. Not a real big surprise because I had no trouble
finishing the first year of university in a single year.
I am many things, but I am not stupid. Not by any scientific measurement
that would count anyways. On the Eel scale and I probably the most
stupid thing in the universe.
Thomas
--
A society with suicide bombers
is a polite society
|
|
|
|
|