| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: full-disclosure at nicepeople.org (Josh) Subject: Feeding Stray Cats I had given up on this thread as a loss, but I feel a bit of hope renewed. If you have posts to the announce list post to the open list, it will eliminate the issue of discussion. In this manner you allow those who don't have time to wade through all discussions to be able to weigh in on announcements at their leisure rather than slogging through 50+ posts a day. A similar model which worked well for this was the Attrition defacement list. Attrition.org had a government list which only sent out emails about .gov websites which many gov people had forwarded to their pagers, this would filter out the 300 other sites per day which were owned after the Unicode hole came out. The govt list posts were still sent to the full defacement list, it was just a nice method by which to filter it. If we could get someone to moderate announcements only (of which there are very few) or take announcements and cross post them to another announce only list, it would allow those who need the information in a timely fashion to get it, and be able to review and comment at a later date. Another option is to leave the announce list open, with the understanding that only announcements of a critical nature need be posted there, and that all other posts get posted to FD. I know I didn't need to read Paul's fight with morning wood, or the instruction of someone on how to return a firewall back to defaults (deny all). If people all replied to the posts with proper mail clients, I could just zip up the thread, but unfortunately there are some security professionals out there who don't know how to use their mail clients. If someone begins to abuse the announce list, deal with that topic at that point. Hopefully those who are subscribed would have enough common sense to not abuse the announce list. There IS a reason to change: You WILL drive away anyone with clue if we continue down the same track. My $.02 -Josh Stephen Clowater wrote: > True, But the problem with the announce list is it does take away the > disccusion of issues, which is what this list is about. The issue is > it has been polluted with crap, and bitching about that crap (ie - > This email :) ) and has deaparted from the breif, proffessional, > meaningful discussions about security issues, to a form that resembles > an IRC channel. > > The list really needs to be loosely moderated, at least for a while. > I'm not sure how practical it is to do that, Len could comment more > correctly on that point than myself, however, as for a open solution > (ie - not moderated), I really do not have any clue on how it could be > done. > > If anyone has an open solution, I think it should be posted to the > list and cc'ed to Len. I think this is one off-topic disscusion that > we need to have if full disclosure is to reamain a valid forum for > discussing in a meaningful, restrained, and proffessional manner > (pardon my spelling :) ) > > Steve > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031113/f7497f8e/attachment.html
Powered by blists - more mailing lists