lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.NEB.4.53.0306120030450.849@sabre.xexil.com>
From: aliver at xexil.com (aliver@...il.com)
Subject: Re: Please Vote Today

> I've created a poll to address this "Morning Wood" issue.

	I'm surprised. I expected more from you, Len. Did you really
create this list with the belief that a few immature or unsavory
individuals wouldn't attempt to grandstand and act the fool next to
legitimate researchers? If you didn't consider this possibility then you
are naive'. If you did consider it, then make no mistake, you are now
vacillating on the tenability of an unmoderated security list.

> Quite a few people have been contacting us in regards to his behaviour on
> the list and needless to say no small number of people have left the list
> because of recent activity.

	These are people who are too ignorant or impatient to use procmail
or their client's built in mail filtering (and heaven forbid they actually
just _skip_ the message). I say, good riddance to bad rubbish. Even in the
remote chance that they did actually have something to contribute, then
they would have eventually left anyway due to their prudish nature. This
list so far has been no-holds-barred, and there may well be a few smart
people who simply can't stand a pottymouth ... *shrug* not much to be done
about that.

> http://www.netsys.com/cgi-bin/poll?pn=7

	Did you even take into consideration that the results of your poll
will be totally inaccurate since all that's required to vote is a new IP?
I have around 300 hosts with separate IP's at my disposal (legitimately)
and if I had a mind, I could easily alter the results. So also, could any
number of other subscribers.

> We'll wait a week before taking any action.

	Hopefully, you'll realize what a silly idea this was and stick to
your guns. Either support unmoderated full-disclosure or shut the list
down, get out of the way, and let someone with more fortitude make a more
serious effort.

> Note: We can moderate individuals who are problematic but we are loath to
> actually remove someone from the list because there is always hope for
> improvement.

	Personally, I'd rather someone be unsubscribed rather than
directly censor messages. If someone (like a few of the hush.com idiots)
were trying to DoS the list, then you unsubscribe them. They are not
trying to express themselves or discuss security, but rather intentionally
attempting destroy the list with a blatant attack.
	Morning Wood is just an immature kid who, for some reason, wants
to participate in a discussion about 'security' and 'hacking' even though
he doesn't have anything of substance to say. I for one either laugh at or
delete the mail I get from him. If it really bothered me, I'd have
procmail filter it out as I do with more malicious posters.
	What puzzles me is that after all the list has been through, you
are only taking a real stand on this issue now? Is it due to the fact that
people are leaving the list? If so, that's pretty weak. The slew of "oh
yeah I'm leaving too, yeah." shouldn't phase you. I encourage you to keep
the list unmoderated even if it means you and I are the last goddamn
people to unsubscribe. Don't knuckle under just because a few lemmings
went and unsubscribed after a public display of their lack of mail
filtering skills.

> I am optimistic that if people can be made aware of their anti-social
> behaviour they often change for the better.  We're all human and we've all
> got our faults!

	Don't be so optimistic, in this case. Some people will continue to
make asses out of themselves and wrack the nerves of others who allow
themselves to be bothered. Moving forward, I think there is hope that you
will realize that moderating or unsubscribing folks from this list because
their posts are immature, inflammatory, or for any reason other than they
are DoS'ing would mean that this is nothing more than a lower quality
Bugtraq. Moderation is moderation, regardless of how strict or liberal the
moderator is, the posts are still subject to their discretion. The whole
reason I'm here is that the list is open to all without fear of
authoritarian moderation. I won't abide moderation here. I'm already
subscribed to Bugtraq. So please, don't get weak in the knees on me now.

aliver

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ