[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: "Ian Murdock" Death


Thank you for the questions and the responses.

  * This is a real investigation.

  * The messages are flagged with "CONFIDENTIAL" because it
    has legal and federal/international court significance to all
    recipients of the information and generates additional protections
    of such for people that abuse/misuse the information.

  * Congressional and other reviews related to information
    security, information classification, and the like is
    currently occurring.  It is possible this sort of thing
    may be added to core Internet infrastructure in the future
    along with new core data features.  It is also possible
    Debian may be reviewing these standards on an engineering
    basis to resolve a significant number of complicated
    privacy and legal problems that are occurring and causing
    great harm and misery to many people.

  * The name "Ian Murdock" does not initially appear to be
    present in any of the Wayback Engine's Archives of this
    page:  https://www.debian.org/intro/organization

  * Please review for yourself:

  * I have personally been a user of Debian for approximately
    15 years and developed an application called "AutoNOC"
    for which the history can be reviewed here and am now
    working on some new things now for which Debian is a

  * I am also currently reviewing all LSB distributions trying to
    identify the build that is the most secure, high-integrity,
    and trust-worthy.

  * As a result of new technologies, information in this message
    may, in the future, "cease to exist", as a result of new
    privacy and other technologies being debated.  The message
    is also submitted in this manner to spark related debate
    as to this sort of technology.

Can anyone explain why "Ian Murdock" appears to have "died in national
news by way of committing suicide after an alcohol and women fueled
event that led to an altercation with police"?

And why isn't his name listed in any of the leadership archives
on Wayback?

Thank you for your assistance in providing clear, accurate answers.


Dnia 2016-07-15, pią o godzinie 16:18 -0700, Kyle Lussier pisze:
> Hello Debian / Savatore -
> I am investigating the death of Ian Murdock and also a debian user.
> * Debian's core MIT distribution may have been compromised by
> "Ian" internally to get into one of our servers.
> * Can you confirm that "Ian Murdock" was the "ian" in debian?
> * Can you confirm that he is actually dead/committed suicide?
> * If not, did he fake his death? Perhaps after compromising
> servers intentionally and committing many felonies?
> The coroner and related PD have not responded however several
> federal agencies are aware of the issue.
> This is a very serious matter.
> Thank you for your assistance! 
> Kyle
> -------- Original Message --------
> Subject: [SECURITY] [DSA 3620-1] pidgin security update
> From: Salvatore Bonaccorso <carnil@debian.org>
> Date: Fri, July 15, 2016 12:03 pm
> To: debian-security-announce@lists.debian.org
> Błąd podczas weryfikowania podpisu:
> Hash: SHA512
> gpg: nagłówek opakowania: 
> -\r\n
> gpg: niepoprawne oznaczenie linii
> minusami: 
> -------------------------------------------------------------------------\r\n
> gpg: nieoczekiwane opakowanie: 
> Debian Security Advisory DSA-3620-1
> security@debian.org\r\n
> gpg: niepoprawny nagłówek
> opakowania: 
> Content-Type: application/x-inlinepgp-signed; charset="utf-8"
> Content-Transfer-Encoding: quoted-printable
> Hash: SHA512
> -
> -------------------------------------------------------------------------
> Debian Security Advisory DSA-3620-1 security@debian.org
> https://www.debian.org/security/ Salvatore Bonaccorso
> July 15, 2016 https://www.debian.org/security/faq
> -
> -------------------------------------------------------------------------
> Package : pidgin
> CVE ID : CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368
> CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372
> CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376
> CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323
> Yves Younan of Cisco Talos discovered several vulnerabilities in the
> MXit protocol support in pidgin, a multi-protocol instant messaging
> client. A remote attacker can take advantage of these flaws to cause a
> denial of service (application crash), overwrite files, information
> disclosure, or potentially to execute arbitrary code.
> For the stable distribution (jessie), these problems have been fixed
> in
> version 2.11.0-0+deb8u1.
> For the testing distribution (stretch), these problems have been fixed
> in version 2.11.0-1.
> For the unstable distribution (sid), these problems have been fixed in
> version 2.11.0-1.
> We recommend that you upgrade your pidgin packages.
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://www.debian.org/security/
> Mailing list: debian-security-announce@lists.debian.org
> Version: GnuPG v1
> BsNBvRlp1XhhshzoBAWZSBTKFi4jqilOZUgjsHO76nHS7j0J4wzoWc36ZIp23O5p
> KX9+A87ZdS4C3hI1YGgTdCcMTKSnWIrS1YcOW/0qBx7jdXt5EhFPKJa/byhHsp23
> zguJ+glemJQ9uqpylc5om2udV4u9U5Nnc+Ga92zeR7Kefs20yRTLOef4Pd69LPwh
> +zM0/qkI+JMii0yMpMJsIpMsXzQvzvgd4E6r3+NrWOHOCoZ8XZD4UvsR3Bnw8nvg
> ed+hg2nj3uMWgXtv4Bdx+yUxsWdRFSjpiD1EXWmvzREgmDdrlnCGZB3yQbepA0Yi
> lHsHEAwq3GZalLAeW8lwIQVaSLSREO6ZxcY7OxG2vdYzbkoQKCK7K4rR4T3yxB83
> tAvYWRxCTMaeRxqUgLEAq0iMqQhvrmNDDEt5VVsE1bSn9gig6MkSGepFdzx4Yipq
> +a8XUgJt8tLbpuTD9Pg9Ig8Mee0SaHSxr8bP6fFlfJu0Wt59MKn3wNzcqPhb+3Ie
> FtLyo6XBC4hnsoVlRT569fwkuYaI/kptT95tKiqyYI+RFnSW0WP4dycmo2pHOuIP
> mckCbAM7s+vuCGe1YQHJiOCeTrIDKAkKPbudjBL/g2zbcY+KayMXTvZbbW+ma8c0
> wMiDOiIYUd4xMSvjBeF0
> =3DQNWs

Reply to: