[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000501c3dedd$47de5e40$c6aea644@smokin>
Date: Mon, 19 Jan 2004 17:40:13 -0500
From: "Andrew Hintz ( Drew )" <drew@...rt.org>
To: bugtraq@...urityfocus.org
Cc: "'Alun Jones'" <alun@...is.com>
Subject: RE: What is the point here?
Before this thread erupts into a flame war, it might be worth re-reading
the BugTraq charter.
<http://www.securityfocus.com/popups/forums/bugtraq/intro.shtml>
<http://tinyurl.com/32zlc>
A quick excerpt:
"BugTraq is a full disclosure moderated mailing list for the *detailed*
discussion and announcement of computer security vulnerabilities: what
they are, how to exploit them, and how to fix them."
From: Alun Jones [mailto:alun@...is.com]
<snip>
> I really don't know why _you_ signed up for Bugtraq. Me, I
> signed up because someone posted an exploit for my software
> here some time ago, and didn't bother to tell me about it
> first. I'd like to think that isn't Bugtraq's purpose.
>
> I'd like to think that Bugtraq positions itself as something
> more than a semi-sneaky, behind-the-back-of-the-vendors rant
> group, or an assembly point for root-kit starters.
> Moderators, please stop accepting posts where the poster has
> stated specifically that they have not yet notified the
> vendor, or where the only new thing that is contributed is a
> more insidious version of an existing exploit. And posters,
> please consider carefully before you post whether what you
> post is going to contribute to an increase in security or a
> decrease in security. If you cannot claim that your post
> will help to improve security, then do us a favour and take
> it somewhere else.
<snip>
Powered by blists - more mailing lists