lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <see8639a.049@mail.cnbcbank.com>
From: David.Sentelle at cnbcbank.com (David Sentelle)
Subject: Morning Wood Poll

I've already cast my vote, but I think a simple yes/no is not sufficient for the real solution.

The real solution is to have a fully open full-disclosure mailing list, only for full-disclosure.  People not disclosing vulnerabilities or bugs would be warned then banned on repeat offenses.  

To resolve the issue of ongoing correspondence regarding disclosures made on the full-disclosure list, there would be a full-disclosure-DISCUSSION list.  That would be the 'noise' list, that would contain 99% of what is currently in full-disclosure.

This post should go to the discussion list.  Many of Morning Wood's posts would hopefully go to the discussion list, with the disclosures he's made going to the full-disclosure list.

Would the addition of a discussion list, and the policy change for the full-disclosure list, really cramp anyone's freedom of speech or the value of the full-disclosure list?



This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they
are addressed.  If you have received this e-mail in error, you are 
prohibited from using, divulging any of its contents, or forwarding 
this email.  Please notify admin@...cbank.com and delete it from 
your system.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ