On Mon, Feb 11, 2008 at 04:34:18AM -0800, Manuel Ravasio wrote: Hey there, > Ok, I did understand THAT. > What I'm still missing is the relationship (if any) between a couple of > hashes and a possible breach in OBSD...
Well, if the guy genuinely had an exploit and wanted to keep the mechanism secret, whilst being able to prove that he had it back when he made that post, posting the md5 checksum would be a good way of doing it. Then in the future he could release the same .tar file which contained the working exploit and had the same hash as in the email and people would know he had had a working exploit since back then. What is much more likely, however, is that the poster is an idiot who is trying to spread FUD by that mechanism. -- joe. I'm always fond of Larkin and Eliot, but other modern poets...lost on me.
