lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 15 Sep 2008 23:17:58 +0200
From: "Nicola Del Vacchio" <nicola@...vacchio.it>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [RFC] Very Low Signal to Noise Ratio on FD

No way!
The list is effective because it is unmoderated, full stop.

btw the only filter I apply is to trash NetD4v (all messages containing that
lame word).
nicola

2008/9/15 Stack Smasher <stacksmasher@...il.com>

>
> I would never think of filtering FD, the colorful comments are what make
> this list classic! Filtering it out would be a tragedy and a crime against
> humanity.
>
>
>
>
>
>
>
> On Mon, Sep 15, 2008 at 3:45 PM, Od Orf <mr0d0rf@...glemail.com> wrote:
>
>> Dear All,
>>
>> I've been reading Full Disclosure for quite some time and, for the
>> most part, value the content I find here.  It helps me with my work
>> and helps me keep abreast of developments in the wonderful worlds of
>> network and application security.
>>
>> In this post, I seek to spark some discussion as to how this
>> unmoderated list might improve it's effectiveness with regard to
>> "self-policing" and how subscribers might employ methods to filter
>> extraneous content whilst retaining that which is truly valuable.
>>
>> On a personal level, I have tried in the past to filter out posts
>> which fail to meet certain criteria using both blacklists and
>> whitelists of content keywords.  I've found these to be ineffective in
>> so much as either filtering the signal or not filtering the noise to
>> varying degrees.  I've tried blacklisting email addresses where the
>> content is often of little value, but again this is not very effective
>> at filtering out noise (although it usually has very little negative
>> impact on the signal).
>> These methods have taken-up far too much time to implement and manage
>> for their levels of effectiveness and perhaps exceed the time spent
>> manually reviewing posts to determine their worth.
>>
>> Many of you would no doubt agree that the dissatisfaction with the
>> level of noise is oft expressed (which often generates further noise).
>>
>> One possible solution which would require consensus might to be apply
>> lessons learned by parents and other adults with responsibility for
>> children.
>> When dealing with a child displaying anti-social or otherwise
>> undesired behaviour, one should not engage the child at that same
>> level.  For example, one should not retort as this implies permission
>> and complicity.  Instead a clear indication should be given that the
>> behaviour of the child does not meet the required level of
>> desirability.  This should be done in a non-threatening, but
>> authoritative response and delivered in an articulate and consistent
>> manner.  The key is to set clear boundaries.
>> Failure to stay within clearly defined boundaries carries a penalty,
>> such as a child time-out (naughty-chair) where the child is removed to
>> an area where they are unable to participate but can observe the
>> continuation of normal activity.
>>
>> Obviously I am not comparing any FD users to children nor suggesting
>> they be treated as such, but I think that an approach similar to this
>> may have some merit for dealing with the phenomenon of noise
>> escalation which often occurs in response to a noisy event.
>>
>> If, for example, a message was posted to the list which was perceived
>> to be undesirable, disrespectful or otherwise noisy it might help a
>> great deal if firstly the poster were gently chided with respect to
>> their post and secondly the post elicited no other response and
>> certainly none which might be perceived as undesirable.  The latter I
>> think is most important because without such responses, there is a)
>> less noise generated and b) less fuel for those who repeatedly post
>> trivial and useless or inflammatory material.
>>
>> Finally, I should say that I am acutely aware that this post may
>> itself be construed as noise, but I hope humbly that it is received in
>> the spirit with which it is meant.
>>
>> I welcome your ideas and recommendations.
>>
>>
>> Sincerely,
>>
>>
>> Iain O'Dorf
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
>
> --
> "If you see me laughing, you better have backups"
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 


======================================
Nicola Del Vacchio
nicola@...vacchio.it
======================================
CISSP
Microsoft Certified Professional MCSE:Security
CompTIA Security+ Certified Professional
======================================

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ