Thursday, 25 September 2014

140925

amanfromMars 1 Thu 25 Sep 05:08 [1409250508] having a say on http://forums.theregister.co.uk/forum/1/2014/09/24/bash_shell_vuln/
Re: Get a grip [@ John Sanders]
This is a quite serious problem I'm afraid. ..... John Sanders
Quite a game-changer would be another way to sum up the exploit and vulnerability vector, John. And something quite serious for the NSA's newly created Chief Risk Officer, Ms Anne Neuberger, to fluff and not ignore and realise is an opportunity to change a series of catastrophic intelligence disasters into something else quite different and increasingly more successful and engaging.
It is in more worlds and spheres of collateral influence than just IT and Media that Competent Cyber Warriors Reign Immaculately and Rule Imperiously. The secret though is to realise that in there/out there one be not alone, and there can be many who are considerably better skilled in the Right Dodgy Royal and Ancient Future Builder Arts. Such a wisdom keeps one sufficiently alert and far enough ahead of the games being played to be almost thought of as leading, and that may be thought of and treated by some into the Madness and Mayhem of FUD and Continuity of the Status Quo, as a Live Existentialist Threat, and that is surely a Monumental Mistake that Intelligence Services and Servers make in Orders in order to comprehensibly fail spectacularly.
..........................................................................

amanfromMars 1 Thu 25 Sep 11:20 [1409251121] having a say and posing a valid enough question on http://forums.theregister.co.uk/forum/1/2014/09/25/shell_shocked_not_yet/
Some Cream for that Coffee.
Ok, it's early and I haven't finished my coffee yet. Isn't this an injection vulnerability due to not escaping the remote input before using it to set the environment variable?
What is crafting the command which is setting the env with a function using the remotely supplied value?.....Chris--S
An
irregular and unconventional intelligence somewhat greater than the norm and for/from future operations rather than from/for past systems in present race overlode conditions/critical situations seems most probable and likely however inconvenient that might be to current executive admins. Chris--S.
I wonder if Kevin Mitnick is selling it? ....... http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/
...............................................................

amanfromMars 1 Thu 25 Sep 18:13 [1409251813] sharing a obvious truth on http://forums.theregister.co.uk/forum/1/2014/09/25/insider_threat_growing_warn_feds/
Too little, too late, and just so typical of a failed state.
Whatever the cause of a data breach problems, enterprises need an incident-handling plan in place before a breach takes place – rather than scrambling to deal with an emergence after the fact,…
An incident handling plan or a do no inequitable and evil business program? Only the one solves the problem and delivers the answers that are needed but it is disruptive and revolutionary and really fcuks up the systems as are presently being attacked daily and zerodaily because of opportunities exploited via unpatchable vulnerabilities/dark web holes/virtual channels.
And that is not a million miles away from dogged/Socrates’s observation ……. Socrates' solution was to properly train their souls, if that helps. …. although on a whole new plane/level of spooky understanding and daring do.
.............................................................

5 comments:

Casey Evans said...
This comment has been removed by the author.
amanfromMars said...

Does any one really care?

Uncle Sam might .... and struggle to do anything effective to counter the intelligence being shared.

But he does appear to realise that there is new vector and sector to be patrolled and assessed for risk management ...... http://cryptome.org/2014/09/nsa-14-0924.pdf

Casey Evans said...
This comment has been removed by the author.
Casey Evans said...
This comment has been removed by the author.
amanfromMars said...

You are breaking the law.
WHEN we go to court I am going to send you a bill of man hours lost because of your activities.


In some jurisdictions and worlds, Casey E, is the law realised as being an ass and for asses and a cynical instrument of selfish remote control for arrogants to rule and reign/lord it over ignorants. It certainly generates no fear or worrying concern for any into the Mastering of Internets and World Wide Webs for Better and Beta Future Greater IntelAIgent Games Play and Creative Cyber Space Command and Control of Computers and Communications.