| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 29 Nov 2008 18:16:45 +0000 From: andrew.wallace <andrew.wallace@...ketmail.com> To: full-disclosure@...ts.grok.org.uk Subject: Lazy bum approach to security On Wed, Nov 26, 2008 at 5:49 PM, Mike C <mike.cartall@...il.com> wrote: > I'm sure theres no reason to doubt that. The fact remains full-disclosure is > where it all happens. You're taking yourself into a false sense of security there. If you sit on a mailing list like full-disclosure and expect everything to be brought to you on a plate you are mistaken. You can't take the lazy bum approach to security and say, everything I need to know is on full-disclosure. From my experience the majority of stuff goes on in the underground communities, full-disclosure is only essentially an announcement list, the rest is going on in individual communities. What you need to do is get yourself dug into the underground communities, you need to get yourself informants and build relationships with members of communities, you _really_ can't sit on full-disclosure and expect every security community and hacker community to bring everything to you. I'm not talking about the n3td3v group here because luckily I forward the key stuff to full-disclosure for the lazy bums who can't be bothered to engaged in individual communities and their members. Let me say though, the real intelligence isn't on full-disclosure its elsewhere. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists