| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: gwen at reptiles.org (Gwendolynn ferch Elydyr) Subject: Symantec Change Posting Criteria (was Re: Administrivia) I've CC'd this email to full-disclosure, so that those folks that aren't on pen-test are aware of the policy change to posting requirements on that list - and potentially to more of the securityfocus lists. It's interesting to note that the only list that appears to have an exemption from this type of policy or arbitrary action is bugtraq. On Mon, 7 Jul 2003, Alfred Huger wrote: > Recently someone posted a question regarding a product (CORE Impact) to > the list. These types of posts always make me leery because this industry, > being what it is, rarely has anything nice to say about anything. Being a > product vendor myself I am particularly aware of how ugly people can be. > Often, if not always, when these come out the competitors to the product > generate email addresses elsewhere and have their way. Or the vendor > itself does the same thing and pumps their product. When I first read this posting, I went and checked the headers, to see if it was a forgery. The style seemed rather unlike AH, and the content was (at best) distressing. To my chagrin, this actually appears to be valid email. > The list has 13,000 + people on it. Many of them decision makers so I need > to be fairly careful about this. So here are the ground rules moving > forward: > > 1. If you want to post about a product positive or negative you > cannot do so from a Huhsmail or other such account. > > 2. If you plan to post use your real name or do not post. > > 3. Be polite period. > > 4. Do not use this as a forum to take shots at your competitor or I > will see you and your company banned from every list we have here (except > Bugtraq). I have to ask. Why? Did the Symantec lawyers have a sudden bout of panic about potential defamation lawsuits? Are there so many posts to the list that contain problematic content? This isn't full-disclosure, the last time I checked. To the best of my knowledge, pen-test is a moderated list. Surely the moderator is capable of noting the difference between "Your product sukz0rs" and "The product proved unable to stand up to traffic above 100Mhz" - and of passing the appropriate posting through, whether it has "John Doe" or "thunderfallingdown" attached to it as a moniker. Beyond that, threats seem inappropriate. "...I will see you and your company banned from every list we have..." Has Symantec stooped to this level, or is this personal opinion. I lament the former list - and the free flow of useful information. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now."
Powered by blists - more mailing lists