lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20020723061249.GD15279@darkuncle.net>
From: lists_full-disclosure at darkuncle.net (Scott Francis)
Subject: On sf sell out

On Mon, Jul 22, 2002 at 09:18:48PM +0000, looseduk@...tape.net said:
> Is this list going to be archived? Then anyone will be able to google the 
> archives, and make off with whatever knowledge that ends up collected being 
> here.

It's the Net. That's one of the major features. If you have something to say
that you don't want random strangers finding, why would you say it in a
public forum to begin with?

You can always use the X-No-Archive flag, which may or may not have the
effect you desire.

IMHO there's entirely too much angst over the ability of some *gasp*
non-list-subscriber reading one's valuable pearls of knowledge in a search
engine rather than a MUA. What's the difference, anyway? If you want your
words to stay private, encrypt them, or use a private list or network. Expect
that whatever you say in a public forum will be hanging around for some time
to come. That's the way of the Net.

> I think that we are all angry that things happened the way they did with 
> securityfocus, and that's understandable. However, knee-jerk reactions will 
> get us nowhere fast. Perhaps something in the charter forbidding the sale of 
> the list, or assurances that exploit info isn't prostituted, etc. etc. would 
> be cool, and sufficient.

They would be pointless. Consider what you're proposing a bit more and see if
you don't reach the same conclusion. Trying to control the degree of
disclosure
of information in a public forum on the Net is an exercise in futility.

(Besides, list archival is a good thing - many questions have been answered 
for me thanks to google searches of old mailing list archives, or Usenet
posts. I think we'd all like to decrease, rather than increase, the number of
FAQs appearing on lists we frequent. Archives make this possible, even if
people seem averse to reading them.)

> --Joey

-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020722/d7c8861e/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ