[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-disclosure] Evidence of fake security research from
From: "Thor (Hammer of God)" <Thor () hammerofgod ! com>
Date: 2010-01-31 23:48:46
Message-ID: optid.4647afe476.A876923A2C9CD44BA76505F58ECF089DAC28D6 () gandalf ! optimum ! bm
[Download RAW message or body]
What journalists, bloggers, and security magazines? I've not seen anything=
about these people anywhere.
t
From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bou=
nces@lists.grok.org.uk] On Behalf Of Fabio Pietrosanti
Sent: Sunday, January 31, 2010 3:41 PM
To: full-disclosure
Subject: [Full-disclosure] Evidence of fake security research from SecurSta=
r GmbH
Ok, now we have the evidence: The research was a fake security research arr=
anged for a marketing campaign.
They was able cheat most journalists, bloggers and security magazines.
I don't remember in all my life a so irresponsible and dirty marketing tric=
k in the security world, abusing of hackers reputations.
Read below, they leaked the IP of the anonymous author of http://infosecuri=
tyguard.com and it's confirmed that it come from SecurStar GmbH office:
Evidence that infosecurityguard.com/notrax is SecurStar GmbH - A fake indep=
endent research on voice crypto<http://infosecurity.ch/20100201/evidence-th=
at-infosecurityguard-comnotrax-is-securstar-gmbh-a-fake-independent-researc=
h-on-voice-crypto/> (by me)
Dishonest security: The SecurStart GmbH case<http://infosecurity.ch/2010020=
1/dishonest-security-the-securstart-gmbh-case/> (by me)
Debunking Infosecurityguard identity<http://www.lastknight.com/2010/01/31/d=
ebunking-infosecurityguard-com-identity/> from Matteo Flora .
It's hilarious and unbelievable that a security company had done something =
like this.
Fabio Pietrosanti (naif)
On 30/gen/10, at 15:51, Fabio Pietrosanti (naif) wrote:
Hi all,
i don't know how many of you have read about the analysis done on http://in=
fosecurityguard.com .
I have made a detailed analysis of their initiative and the result is that:
- it's most probably a camouflage marketing initiative and not a independen=
t security research
- they consider a security context where local device has been compromised =
(no software can be secured in that case)
- they do not consider cryptographic security arguments
Below my analysis on this (read it carefully):
http://infosecurity.ch
Maybe it's interesting, maybe not, but for sure some facts are very relevan=
t!
Fabio Pietrosanti (naif)
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple style='word-wrap: break-word;
-webkit-nbsp-mode: space;-webkit-line-break: after-white-space'>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>What journalists, bloggers, and security magazines? I’ve not
seen anything about these people anywhere.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>t<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span \
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span \
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> \
full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bounces@lists.grok.org.uk] \
<b>On Behalf Of </b>Fabio Pietrosanti<br>
<b>Sent:</b> Sunday, January 31, 2010 3:41 PM<br>
<b>To:</b> full-disclosure<br>
<b>Subject:</b> [Full-disclosure] Evidence of fake security research from
SecurStar GmbH<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Ok, now we have the evidence: The research was a fake
security research arranged for a marketing campaign.<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>They was able cheat most journalists, bloggers and security
magazines.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>I don't remember in all my life a so irresponsible and dirty
marketing trick in the security world, abusing of hackers reputations.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<div>
<p class=MsoNormal>Read below, they leaked the IP of the anonymous author of <a
href="http://infosecurityguard.com">http://infosecurityguard.com</a> and it's
confirmed that it come from SecurStar GmbH office:<o:p></o:p></p>
</div>
<div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<div>
<p class=MsoNormal><a
href="http://infosecurity.ch/20100201/evidence-that-infosecurityguard-comnotrax-is-securstar-gmbh-a-fake-independent-research-on-voice-crypto/">Evidence
that infosecurityguard.com/notrax is SecurStar GmbH – A fake independent
research on voice crypto</a> (by me)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><a
href="http://infosecurity.ch/20100201/dishonest-security-the-securstart-gmbh-case/">Dishonest
security: The SecurStart GmbH case</a> (by me)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><a
href="http://www.lastknight.com/2010/01/31/debunking-infosecurityguard-com-identity/">Debunking
Infosecurityguard identity</a> from Matteo Flora .<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>It's hilarious and unbelievable that a security company had
done something like this.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>Fabio Pietrosanti (naif)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<p class=MsoNormal>On 30/gen/10, at 15:51, Fabio Pietrosanti (naif) wrote:<o:p></o:p></p>
</div>
<p class=MsoNormal><br>
<br>
<o:p></o:p></p>
<div>
<p class=MsoNormal>Hi all,<br>
<br>
i don't know how many of you have read about the analysis done on <a
href="http://infosecurityguard.com">http://infosecurityguard.com</a> .<br>
<br>
I have made a detailed analysis of their initiative and the result is that:<br>
<br>
- it's most probably a camouflage marketing initiative and not a independent
security research<br>
- they consider a security context where local device has been compromised (no
software can be secured in that case)<br>
- they do not consider cryptographic security arguments<br>
<br>
Below my analysis on this (read it carefully):<br>
<br>
<a href="http://infosecurity.ch">http://infosecurity.ch</a><br>
<br>
Maybe it's interesting, maybe not, but for sure some facts are very relevant!<br>
<br>
Fabio Pietrosanti (naif)<o:p></o:p></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</body>
</html>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--===============1748749219==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic