From: security curmudgeon (jericho-attrition.org)
To: Bill B (mrbilldfd@yahoo.com)
Cc: Heathens (staff-attrition.org)
Date: Thu, 11 Nov 2010 15:55:49 -0600 (CST)
Subject: Re: WTF?


On Thu, 11 Nov 2010, Bill B wrote:

: Why is this file being published? So we can all get spammed?

To show the world that ISC2 doesn't care much about security. It was
taken from their site, they made the information public.

: http://attrition.org/misc/ee/20050426-cissp.txt

From: security curmudgeon (jericho-attrition.org)
To: Bill B (mrbilldfd@yahoo.com)
Bcc: lyger (lyger-attrition.org)
Date: Thu, 11 Nov 2010 20:18:14 -0600 (CST)
Subject: Re: WTF?


On Thu, 11 Nov 2010, Bill B wrote:

: As far as I know, ICS2 is no longer publishing it. But you ARE.

As far as we know, they are. And we know because we checked in the last
month or two, and the entire list was still available. We can post an
updated copy if you like.

: Please remove it.

The entire thing? No thanks.

From: security curmudgeon (jericho-attrition.org)
To: Bill B (mrbilldfd@yahoo.com)
Date: Thu, 11 Nov 2010 21:00:42 -0600 (CST)
Subject: Re: WTF?

: I will pursue this with ICS2 if what you say is true. If they fix their
: problem, will you fix yours?

Feel free to do so, we tried in the past. They have "fixed" it three
distinct times that we are aware, each time circumvented by a trivial
variation in the requesting method.

: I fail to see what you are proving by replicating a bad practice. Why
: don't you try to fix it, instead of propagating it?

Why do you assume we haven't tried? Would it surprise you to hear that I
am on a first name basis with their counsel? =)

: WikiLeaks is doing the same type of thing...making a statement. In their
: case, however, people will die as a result of their righteousness. In my
: mind, that makes them murderers. At least you are not killing people.

You are honestly comparing us hosting a list of names and e-mail
addresses, to Wikileaks, who published tens of thousands of documents that
likely were taken from classified systems and released illegally?

Wow.. just wow..

: In the meantime, a bunch of folks that are trying to make computing more
: secure will keep dealing with spam - thanks to you.

We deal with the spam too. I'd bet you a shiny nickel I get more than you
do.

: Keep up the great work.

Thanks! Ten years and still going strong..

From: lyger (lyger-attrition.org)
To: security curmudgeon (jericho-attrition.org)
Date: Thu, 11 Nov 2010 21:13:57 -0600 (CST)
Subject: Re: WTF?

On Thu, 11 Nov 2010, security curmudgeon wrote:

:  : Keep up the great work.
:
:  Thanks! Ten years and still going strong..

Twelve.

Created On:07-Oct-1998 04:00:00 UTC
Last Updated On:25-Aug-2010 17:38:35 UTC

From: security curmudgeon (jericho-attrition.org)
To: lyger (lyger-attrition.org)
Date: Thu, 11 Nov 2010 21:15:10 -0600 (CST)
Subject: Re: WTF?

I CAN'T COUNT

HALUGGHGUHGUGH

On Thu, 11 Nov 2010, lyger wrote:

: On Thu, 11 Nov 2010, security curmudgeon wrote:
:
: :  : Keep up the great work.
: :
: :  Thanks! Ten years and still going strong..
:
: Twelve.
:
: Created On:07-Oct-1998 04:00:00 UTC
: Last Updated On:25-Aug-2010 17:38:35 UTC