lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Administrivia: Vacation Messages - Update

KF <dotslash@...soft.com> wrote:

> >So warning idiots of their grave lack of security clue is off-topic 
> >for a "full disclosure" computer security mailing list?
> >  
> I certainly don't think that was the point... I believe it was the fact 
> that it has happened quite often and that it is unneccessary to cc the 
> entire list every time this happens. There is a big difference between 
> warning someone of "lack of security clue" and notifying the entire 
> list. The last few auto responders I have seen simply turned into a 
> shark like feeding frenzy on the individual that turned the auto 
> responder on... there has been no benefit to the list in the discussions 
> that occur. I believe they are only trying to decrease the amount of 
> noise on the list.

The feeding-frenzy and noise issues are, like it or not, generally 
part of the "joy" of unmoderated lists.

As for your suggestion that nothing useful or of value has come from 
these discussions, I beg to differ.  Recently there was a very 
informative debate about the actual legal value of those (all too 
common) automatically attached standard disclaimers.  Not directly 
security related in the sense that it disclosed a code vulnerability 
some significant percantage of list members should know about, but 
still security-relevant, at least in the big picture sense.  Such 
tidbits are very unlikely to be available in more heavily moderated 
fora unless the moderators are especially insightful, which few 
currently seem to be...


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ