lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: full-disclosure at nicepeople.org (Josh)
Subject: Feeding Stray Cats

Paul,
How does one filter for stupidity?  We could use the Flesch-Kincaid 
algorithm (http://www.measurementexperts.org/term_pop.asp?ID=112), 
however that would make people who speak using words like 
"misunderestimated" float to the top.  

IDEAS:

The message I sent originally was laden with a bit of animosity as I 
have seen both public and private lists destroyed by similar patterns. 
 My intention was to encourage members to listen before speaking.

Here is the rubric that I would use if we could pull it off:
Post Rating 1-10
1 = OFF TOPIC
5 = Barely on Topic
10 = Spot on

We could develop a simple page to grade posts and posters, and if enough 
people contributed, we could then develop mean average scoring which 
would allow us to develop our own individual procmail filters.  This 
would allow each person to self moderate.  Slashdot is a similar 
example, however this would simply be an off list collection of data 
which could be used in whatever means each user would like.

 Better would be to increase the SNR (my apologies to those who noticed 
in my earlier post, I was busy being frustrated) by privately sending 
messages to posters who just don't get it to explain to them their 
errors, thus avoiding public humiliation/flame war.  I think that a bit 
of elitism/self policing would be in order.  While the charter is nice 
being as loose as it is,  it may be time to spell out in the charter 
certain tabu's. We could possibly develop a list ettiquette document 
which could be sent to those who are offenders to spell out the do's and 
do-not's of the list just a bit more clearly than the charter.  By 
creating a separate document, we can avoid screwing up the charter.

Another possibility is for new members to have a "waiting period" of a 
month or 3 where their posts will be moderated (this would solve the 
issue of pressing exploits).

All of those who are responding with the, "learn to use filters" or 
"deal with it" replys are going to contribute to the downfall of the 
list.  There are many lists which have gone this way.

My $.02

-Josh
full-disclosure@...epeople.org


Schmehl, Paul L wrote:

>>-----Original Message-----
>>From: full-disclosure-admin@...ts.netsys.com 
>>[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
>>Kenneth Ekdahl
>>Sent: Monday, November 10, 2003 4:38 AM
>>To: full-disclosure@...ts.netsys.com
>>Subject: Re: [Full-Disclosure] Feeding Stray Cats
>>
>>One way to solve this could be to split this list into two; 
>>one moderated and one un-moderated. All mail gets sent to the 
>>un-moderated list, to avoid the suspicions of censorship that 
>>makes this list different from bugtraq, and those mail that 
>>pass moderation, or is sent from someone who is known from 
>>previous posts to be serious, will also be sent to the moderated list.
>>
>>    
>>
>One of the wonderous things about computing is the distributed nature of
>it.  By spreading the work across many hands, the job is easy to do.
>Yet, what you are suggesting is that Len et. al. do all the work, while
>the people who get bugged by certain posts do none.
>
>A much better suggestion would be, "Learn how to use filters".  The
>people subscribed to this list are *assumed* to have at least a
>tangential interest in security.  Given that, one would *think* that
>they have at least enough capability to set up a simple mail filter
>(pick your poison, your choice of OS) that would eliminate the noise and
>still give them what they want.
>
>Paul Schmehl (pauls@...allas.edu)
>Adjunct Information Security Officer
>The University of Texas at Dallas
>AVIEN Founding Member
>http://www.utdallas.edu/~pauls/ 
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031110/c3c98a9e/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ