| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: lists at onryou.com (Cael Abal) Subject: A funny (but real) story for XMAS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 |> "Join www.osvdb.org to make a better non-corporated vulnerability |> database since CERT sucks ! " | | CERT sucks? Humm... In my UNIX & Security college course, we're being | told CERT is a great resource for security-related information. Can | anybody else make a comment on this? Agree? Disagree? Hi Chris, Depends on which side of the fence you're on. CERT has been criticized in the past for being frugal with vulnerability information. They don't publish exploits, for one, which means k1ddi3z prefer FD. :) I remember CERT taking some flack about their Vulnerability Catalog becoming available by subscription a few years ago. Here's an article: http://linuxtoday.com/security/2001042600220SCLF Oh, and here's a link to the fees: http://www.isalliance.org/nam/index2.htm It seems that this database is what the people at http://www.osvdb.org are up in arms over. Interesting idea, their database is a little barren at the moment though. Additionally, one of CERT's security analysts was arrested for pedophilia-related crimes a few months ago. Folks who don't like CERT gloated for weeks. http://www.pittsburghlive.com/x/tribune-review/news/s_160861.html Realistically, CERT is a valuable resource, regardless. C PS: I have no interest in getting into a flamewar over CERT, disclosure, or pedophilia. Thanks in advance. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) iD8DBQE/3w97R2vQ2HfQHfsRAtuOAJ98J3iOL7EwwI4h2x1ECodzGwtshwCcCMX3 dIufrfrWfNbrdBix4/XYKDE= =E/La -----END PGP SIGNATURE-----
Powered by blists - more mailing lists