Skip to content

Instantly share code, notes, and snippets.

@pwnsdx

pwnsdx/response.txt

Last active Jul 23, 2017
Embed
What would you like to do?
Response to the new shitty pastebin regarding me
Hello,
Here is the last discussion I had with him (he dared mentioned me on a 10 days old topic and then when I give arguments to the very same topic or replies to his attacks I "harass" him): https://github.com/drduh/OS-X-Security-and-Privacy-Guide/pull/128
So I’m going to do this really fast to prevent making another blog post from happening again and wasting even more time.
Jonathan recycled an old pastebin he made to do some propaganda against me (https://twitter.com/pwnsdx/status/770353299140771840) so I'm going to clarify this here, point by point:
Diff between both pastebin: https://i.imgur.com/TRqgn5g.png
1. Please give me proofs of these false claims
3. True. Sorry for making mistakes. The ironic part is that I disabled Gatekeeper to install your tool as I got weird bugs in early alphas then I forgot to reenable it. You also removed an interesting part, don't you?
5. False. I came to help. You can read my blog post again and again if you want.
5. These vulnerabilities are critical if I say they are, bypassing a firewall can be considered as critical? Yes.
5. Btw I mentioned the word critical before your LIMITATIONS section in the LF README which has been added after my blog post. I don't use this word anymore as you can see.
7. False, I never insulted your software, Patrick's softwares, Patrick or you (until you block me from everywhere for no reason but I think this is an acceptable reason). Nice text changement btw.
9. False. Never said it was a major exploit but this is something. Please quote when I say what you claim.
11. Extremely exaggerating (you said I was a troll first (see my blog post), I just answered you and reported another vuln)
13. False you didn’t credited me anywhere and it was a Low severity since the beginning: https://gist.github.com/pwnsdx/78b2a1e44c971b9e0127fd569395fc47#file-ff-sh-L41
15. I know how to code thanks, I’m not expert in C yes but this isn’t the only language in the world
15. Again, these vulnerabilities are critical in the scope of you app (at least before the LIMITATIONS section which once again, has been made after my blog post so after all of this)
17. False, it’s not misleading. A single cc isn’t pestering otherwise everyone is pestering you and hey, they RT’d so… ;)
19. From “doing the right things in trying to find random crazy shell stuff” we came to “amateur-hour shellscript nonsense”
19. False. I never said it was critical but medium and this is far from ridiculous (https://gist.github.com/pwnsdx/78b2a1e44c971b9e0127fd569395fc47#file-ff-sh-L26)
Needless to say, my blog post have real proofs including many that have been intentionally deleted while his shitty pastebin is just BS from almost A to Z without any proofs.
This is my last long message. It takes time to write good text so everyone understand that what Jonathan says is BS (English isn't my native language).
Many thanks for reading this,
Cheers!
@adouble42

This comment has been minimized.

Copy link

@adouble42 adouble42 commented Jul 23, 2017

150% support this message and i don't even know who this jonathan is yet
is mind numbing how people respond to disclosure though
good friend is having similar reactions to disclosing some vulns now, they practically shot the very kind messenger who brought them back to the first...
meh....i hail from bugtraq era...do not understand these damned kids on lawn

@adouble42

This comment has been minimized.

Copy link

@adouble42 adouble42 commented Jul 23, 2017

gather should read the pastebin, lost a lot of sleep but ported libntru to arm-none-eabi, involving designing and implementing TRNG and a baremetal system with touch, SD and such on cortex m7; am currently rewriting startup code; bonering up on the assembler, etc...will be up here when cleaner, right now, chasing stack pointer like dog and mailman. you being crypto, i can't fit a lot of this on git yet but if you're in to ntru the build i have, that part, is a-ok for STM32 arm-none-eabi. just had to police some indianness and bit twiddling functions, i love ntru...is going to be, hybrid analog voice encryption using dsp, think this http://www.google.com.pg/patents/US4232194 i haz the stream cipher and key exchange figured out, as in, running, and the baseband chipset (which is separate of course) figured...just need to nail the dsp, that will be losing much more sleep but actually, not so much...i think, getting the uart to play nice with the PLL i need for the SD card and balancing that DMA is the hard part, i just looked at some DSP DMA code for M7, that was confusing some weeks ago, is like inverse fft now, inverted back to understandable

@adouble42

This comment has been minimized.

Copy link

@adouble42 adouble42 commented Jul 23, 2017

not actually an old hardware des encryptor like in the patent of course but the hamming, fft, stream cipher in code with modern ciphers...they'd need someone with suspenders to come out and hear the analog joy, before they realised, is post quantum analog joy. plus i am analog nerd, and know many of this kind of nerd. is love

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment