Fwd: Re: Did everyone else's BM starting freezing up

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 9 11:17

Whoever the OP of that DoS was - GET A CLUE and learn Full Disclosure and "Ethical Hacking" Discipline

FFS *GROW UP* and LEARN from Internet history. I could have done far more damage. As could many others.

But I would not behave that way, whatever the provocation.

Just because you CAN do something, and are bursting with desire to show off your "skills"...
It does not mean you SHOULD

Something that as a parent you have to teach under 5s if they ever wish to have a social future and a decent life.

There are unintended consequences to live posting low hanging fruit DoS "exploits" to working groups.

DON'T DO THAT HERE

I had to clear a couple of running systems with different Offline Period offsets that I use to gather stats. A range of snapshots that WILL be taken out by this. On remote RDPs that I cannot get at easily.

WASTED TIME and LOST DATA I will not recover. So maybe I'll be far less inclined to provide my own time and research back to the community in future. It also cost ME credibility and the ability to recruit other volunteers and resources that I need for whitehat research.

Can't see any amusing side to this at all. Now I have to abandon work on leading edge stuff that might have been of a lot more utility value to the community as a whole.

Please POST A PATCH to fix ALL previous versions of running GUIs. Can't do that? SO WHY THE FUCK DID YOU EMBARK ON THIS JUVENILE PRANK IN THE FIRST PLACE???

------------------------------------------------------

Yes, "denial of service message", inside is a URL made of %XX pieces that other people said trips up the regex parser. As far as I can tell, it is a new exploit. It freezes when I click on them, so it is not possible for me to delete them. I wait for a new message so it does not open them when I click the inbox.

BM-NBrDXCwTKJsuw763PdDGXYPuVmcyZHCb
Feb 9 11:54

I completely understand your point and support its notion, but you're really expecting too much from a platform where a huge amount of jerkoffs and trolls roam, who derive pleasure from people raging or getting fucked over.

> Can't see any amusing side to this at all. Now I have to abandon work on leading edge stuff that might have been of a lot more utility value to the community as a whole.

You can't, because for sane people there isn't, but for trolls, your post is the most delicious feast.

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 9 11:55

Bazinga!

BM-NB2ZA6j4adztqUKXsqwxh2M7HrQAck72
Feb 9 15:01

>> Can't see any amusing side to this at all. Now I have to abandon work on leading edge stuff that might
>> have been of a lot more utility value to the community as a whole.

> You can't, because for sane people there isn't, but for trolls, your post is the most delicious feast.

Sane. And VERY intelligent, known for playing a long term game. If it is who I think it is... ( retired academic. Well published security researcher ).

No. It's more likely reverse Psych. Stupid people like that cannot resist going active to have the last word.

THIS::

Low volume chan.
refugee from a busy chan (over)full of nasty idiots when it's harder to nail any one person.
Open public chan post using both published keys.
Researcher gathering "stats" has access to peering backbone NOC folks.
Did I say LOW VOLUME chan? nothing to do with caps speak ;-)
Traffic analysis. Delayed bitmessage posts are discoverable here.
colleague researchers with early research into peer discovery, paid for by Big Media Corp.

Who went wrong? (re)Poster likely had ulterior motive. Feedline Bait more like.

Be Afraid. Very Afraid.

BM-2cWe1ED92yLw3KYD5mWYtEkd56aRbWmfeR
Feb 9 17:40

> Whoever the OP of that DoS was - GET A CLUE and learn Full
> Disclosure and "Ethical Hacking" Discipline
>
> FFS *GROW UP* and LEARN from Internet history. I could have done far
> more damage. As could many others.
>
> But I would not behave that way, whatever the provocation.
>
> Just because you CAN do something, and are bursting with desire to
> show off your "skills"...
> It does not mean you SHOULD
>
> Something that as a parent you have to teach under 5s if they ever
> wish to have a social future
> and a decent life.
>
> There are unintended consequences to live posting low hanging fruit
> DoS "exploits" to working groups.
>
> DON'T DO THAT HERE
>
> I had to clear a couple of running systems with different Offline
> Period offsets that I use to gather
> stats. A range of snapshots that WILL be taken out by this. On
> remote RDPs that I cannot get at easily.
>
> WASTED TIME and LOST DATA I will not recover. So maybe I'll be far
> less inclined to provide my own time
> and research back to the community in future. It also cost ME
> credibility and the ability to recruit
> other volunteers and resources that I need for whitehat research.
>
> Can't see any amusing side to this at all. Now I have to abandon work
> on leading edge stuff that might
> have been of a lot more utility value to the community as a whole.
>
> Please POST A PATCH to fix ALL previous versions of running GUIs.
> Can't do that? SO WHY THE FUCK DID YOU
> EMBARK ON THIS JUVENILE PRANK IN THE FIRST PLACE???
>
> ------------------------------------------------------
>
> Yes, "denial of service message", inside is a URL made of %XX pieces
> that other people said trips up the regex parser. As far as I can
> tell, it is a new exploit. It freezes when I click on them, so it is
> not possible for me to delete them. I wait for a new message so it
> does not open them when I click the inbox.
>
> ------------------------------------------------------
> Saw a couple of oddly written subject lines, every time one was
> clicked on, shit froze up...deleted them and it seems to be working
> well again.

you wrong. all i wanted is a quick fix. this message posted to large chan's just to show how dangerous it is. and this done after issue reported and basic research is done. also this will stimulate users to keep up to date. note what this problem is already fixed and windows binary builds is available alongside with source code to build on unix systems.

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 9 20:37

And now try wording it again in a way that most people would agree to be "comprehensible english"

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 9 23:13

Procedure by inverse selecting:

If it freezes when you select the folder, do not select it when BM starts, but either wait for a new message or send one to yourself. The BM client freezes, not the OS, so kill or End Task on the client.

Select the folder. Ctrl+A to Select All messages. Hold Ctrl and click on each non-DoS message to deselect them until only the DoS messages remain selected. Select one newer message. If there isn't a newer message, wait for one or send one to yourself. Press Delete key.

Select Trash folder. Ctrl+A to Select All messages. Press Delete key. DoS is gone.

End procedure.

> GET A CLUE and learn Full Disclosure and "Ethical Hacking" Discipline
> bursting with desire to show off your "skills"
> JUVENILE PRANK
> for trolls, your post is the most delicious feast.

The subject said "WARNING! denial of service message"

Without further information or a good command of the English language, "Warning!" could mean "Do not click this." It was posted to the Bitmessage developer chan, not to social-centric chans. Therefore, it was not entirely intended to be malicious and definitely was not a prank.

> There are unintended consequences to live posting low hanging fruit DoS "exploits" to working groups.

Absolutely. Live-posting an active exploit causes collateral damage and is bad form, but it definitely attracts attention to be quickly patched.

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 10 01:26

Offline fix, no client wrestling required:

sqlite> update inbox set folder='quarantine' where message like '%http%(\%_0\%%' escape '\';

Cheers
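
Added example, not part of the post above and not the client's own code: the same LIKE ... ESCAPE quarantine run from Python with a preview step, so you can see which rows the pattern selects before anything is moved. The table here is a constructed in-memory stand-in with an assumed `id` column and made-up sample messages; against a real store, work on a copy of the database file with the client stopped.

```python
import sqlite3

# Pattern copied from the post above. With ESCAPE '\', the sequence \% is a
# literal percent sign; bare % (any run) and _ (one character) stay wildcards.
DOS_PATTERN = r"%http%(\%_0\%%"
WHERE = r"message LIKE ? ESCAPE '\'"

def quarantine(conn, pattern=DOS_PATTERN, dry_run=True):
    """Return ids of matching inbox rows; move them only when dry_run is False."""
    ids = [row[0] for row in conn.execute(
        f"SELECT id FROM inbox WHERE {WHERE} ORDER BY id", (pattern,))]
    if ids and not dry_run:
        with conn:  # single transaction: commit on success, roll back on error
            conn.execute(
                f"UPDATE inbox SET folder = 'quarantine' WHERE {WHERE}", (pattern,))
    return ids

def build_sample():
    """Constructed stand-in for the inbox table (assumed columns, sample rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE inbox (id INTEGER PRIMARY KEY, folder TEXT, message TEXT)")
    conn.executemany("INSERT INTO inbox (folder, message) VALUES (?, ?)", [
        ("inbox", "see http://example.invalid/a(%A0%B0 for details"),  # match
        ("inbox", "plain link http://example.invalid/page"),    # no "(%"
        ("inbox", "discount of 50% on (x0) items"),             # no http
        ("inbox", "http://example.invalid/q(%41%42"),  # 2nd hex digit not 0
    ])
    conn.commit()
    return conn

def folders(conn):
    """Map row id -> current folder, to confirm what was moved."""
    return dict(conn.execute("SELECT id, folder FROM inbox"))

if __name__ == "__main__":
    db = build_sample()
    print("would move:", quarantine(db))             # preview only
    print("moved:", quarantine(db, dry_run=False))   # apply the update
    print(folders(db))
```

The fourth sample row shows how narrow the posted pattern is: it only selects a "(" followed by a percent-escape whose second character is 0, so other percent-encoded URLs stay in the inbox.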

BM-2cWe1ED92yLw3KYD5mWYtEkd56aRbWmfeR
Feb 10 13:54

> Offline fix, no client wrestling required:
>
> sqlite> update inbox set folder='quarantine' where message like '%http%(\%_0\%%' escape '\';
>
> Cheers
>
> ------------------------------------------------------
> Procedure by inverse selecting:
>
> If it freezes when you select the folder, do not select it when BM
> starts, but either wait for a new message or send one to yourself.
> The BM client freezes, not the OS, so kill or End Task on the
> client.
>
> Select the folder. Ctrl+A to Select All messages. Hold Ctrl and
> click on each non-DoS message to deselect them until only the DoS
> messages remain selected. Select one newer message. If there isn't a
> newer message, wait for one or send one to yourself. Press Delete
> key.
>
> Select Trash folder. Ctrl+A to Select All messages. Press Delete
> key. DoS is gone.
>
> End procedure.

good solution. also do not forget what problem is already fixed.

BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY
Feb 11 03:54

What problem?

[chan] bitmessage
BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY