lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3FB42603.4050709@nicepeople.org>
From: full-disclosure at nicepeople.org (Josh)
Subject: Feeding Stray Cats

A preface to this message:
I am not partial to ad-hominem attacks, nor feeding flame wars.  I feel 
however, that this is the only way to communicate with the individual I 
am replying to.
My apologies for the chaos I am about to create.  I am through with this 
thread after this post.
-Josh

Paul,
So far, every comment you have made has been inflamatory.  It was enough 
to chime in with the "You'll never succeed in affecting change" post 
once in this thread.  If you have something constructive to add, it 
might be worth hearing.  From what I have read about you and your 
organization(SEE BELOW),  you promote a structure much like what I am 
proposing.  The only difference is that yours is a member's only 
organization, definitely not friendly to full disclosure, yet you 
pitched a fit at morning_wood over his decision to withold source to a 
purported exploit.

Not to endorse morning_wood in any way, but:

" So there's the 1% l33ts like you, and then there's the 99% of the 
human populace that has other things to do besides squirrel around with 
code. I get it."
Then there is you, who would rather sit and whine than learn to code.

"I learned in high school (which was a long long time ago) that there 
are those that say they can do something, and then there are those who 
don't say anything but do a lot. You appear to fall into the first 
category based on your ramblings."
You don't say alot, just the same thing over and over again.

It is people like you who will drive this list into the ground.  The 
only reason you are here is to hear yourself talk and possibly to get 
some 0-day sploitz that you can impress your computer lab buddies with.

I once was in a position like yours:  During college, I managed all of 
the VHDL and drafting labs,  I had to sit in a lab all day and roll up 
e-size plots as they came off of the plotter, read logs, read email, and 
make sure workstations/servers were up.  I was called a computer 
security person because I created and handed out accounts on the 
engineering unix systems.  Back then, that job left me with enough time 
to sit and fight out flame wars on many lists.

Not everyone works in academia, nor does everyone have as much time as 
you do.  Many on this list have more experience than you 
do.(http://www.utdallas.edu/~pauls/plsresume.html)  Why don't you try 
listening instead of constantly being a nay sayer?

I have a distaste for bugtraq and believe this list could become a 
complete surrogate for it if it were handled correctly.  

I have read this list for a long time, and have chosen not to get 
involved, however I think it is about time to stand up for a resource I 
consider valuable.  In the past slogging through the discussion was 
bearable, however, times change.

We MUST adapt lest we lose ALL those with clue. (People post for credit, 
if there is no-one here worth posting to, it is unlikely that they will 
post)

-Josh



*********************************************************************************************
AVIEN Membership Requirements
AVIEN Membership is restricted to professionals, working in 
organizations, and meeting the following criteria:

They do not work for an organization that commercially sells or markets 
Anti-Virus software/hardware or related products
They manage or are responsible for a user population in excess of 1500 
(if you don't quite meet this requirement, please feel free to submit 
your application anyway - we'll take other factors into account, if 
warranted)
They agree to abide by the group rules as described here and below.
Specific AVIEN Terms and Conditions will also apply and members will 
understand that all violations will be dealt with by an elected 
Disciplinary Committee.
Membership is at an individual level, not corporate. Membership does not 
imply endorsement in any shape or form of the organizations employing 
members.

Mailing Lists - AVIEN members can subscribe to more than ten mailing 
lists, including:

- AVI-EWS Alert: provides alert notifications (very low traffic)
- AVI-EWS Advisory: provides updates on potential threats (low traffic)
- AVI-EWS Virus Discuss: a forum to discuss viruses and other malware 
(medium-high traffic)
- AVI-EWS Talk: talk about Anti-Virus topics in general (medium traffic)
- AVI-EWS Vuln-Discuss: talk about security vulnerabilities which may be 
connected to malware (medium-low traffic)
- Product certification: discussions on how to test and evaluate 
anti-malware products (low traffic)
- Free tools: discussion on free software tools which can be used to 
fight malware (low traffic)
- Cooperate: a list for discussing how we can work together to make it a 
safer computer world
- SMB Lure tool: discussion on the SMB lure software tool which is used 
to track worms (the author of this tool participates).

As well as a mailing list to discuss management of AV solutions and a 
number of AV product-specific lists.
**********************************************************************************************



Schmehl, Paul L wrote:

>>-----Original Message-----
>>From: full-disclosure-admin@...ts.netsys.com 
>>[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
>>Stephen Clowater
>>Sent: Thursday, November 13, 2003 8:58 AM
>>To: Jonathan A. Zdziarski
>>Cc: Kryptos; full-disclosure@...ts.netsys.com
>>Subject: Re: [Full-Disclosure] Feeding Stray Cats
>>
>>If anyone has an open solution, I think it should be posted 
>>to the list 
>>and cc'ed to Len. I think this is one off-topic disscusion 
>>that we need 
>>to have if full disclosure is to reamain a valid forum for 
>>discussing in 
>>a meaningful, restrained, and proffessional manner (pardon my 
>>spelling :) )
>>
>>    
>>
>I don't know how long you've been subscribed to this list.  I was one of
>the first.  And I can tell you that what you suggest has been stated and
>restated here ad nauseum ad infinitum.  This list *is* a valid forum and
>always will be precisely *because* it is not moderated.  Some people
>like that.  Others do not.  If they don't, they're free to leave.  The
>list isn't going anywhere.
>
>And since I'm already wasting bandwidth by replying, let me voice my
>biggest pet peeve to all readers.  If you decide you want to leave a
>list that you're on, just leave.  Don't post your parting gripe about
>why you can't take it any more and the list is going to hell in a hand
>basket.  No one cares.  Just move on with your life and spare us the
>histrionics.
>
>*That* one irritates me even more than the dolts who post "How do I
>unsubscribe" and the idiots who send their OoO messages to the lists.
>
>Paul Schmehl (pauls@...allas.edu)
>Adjunct Information Security Officer
>The University of Texas at Dallas
>AVIEN Founding Member
>http://www.utdallas.edu/~pauls/ 
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>  
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ