lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <010220051356.19809.41D7FD8300068D6E00004D6121612436460A900E0B0C0B@att.net> From: dcdave at att.net (dcdave@....net) Subject: list noise I will NOT respond to this; I will NOT respond to this; I will Not respond to this; dcdave -- CSO InfoSec Group 703-626-6516 -------------- Original message ---------------------- From: phased <phased@...l.ru> > > I also care about noise, and responding to stupid mails makes it worse. > Every time people send stupid mails like the rm file thing, and people reply to > the list, the author was successful in filling the list with crap for a day or > so. > > If no one replies, then they dont get attention and the people who know their > advisories(anyone with common sense) are blatantly crap will not be affected by > their nuisance. > > You always get a load of emails to the list from people who want to tell > everyone they know that an advisory for example was crap, yes we know > thank you, but we are not handing out gold stars today!!! > No need to tell us all every time!!! > > phased > > -----Original Message----- > From: Barrie Dempster <barrie@...oot-robot.net> > To: full-disclosure@...ts.netsys.com > Date: Thu, 30 Dec 2004 09:36:07 +0000 > Subject: RE: [Full-Disclosure] Multiple Backdoors found in eEye Products(IRISand > SecureIIS) > > > I'd have to agree with the eEye statement on this one. You sent out an > > advisory without disclosing the details, which offers no real benefit to > > anyone. Many people consider this responsible disclosure but that also > > requires you to notify the vendor (there were no @eeye.com's in your > > "to" list but there were a couple of press mailboxes). > > > > You didn't contact eEye, you didn't release details, you used an > > anonymous address and failed to mention or credit any of the other guys > > in your "testing team", This can only lead us to believe that the > > advisory is fake and only intended to generate bad press for eEye. I > > personally don't care about eEye's PR rating but I do care about the > > level of noise on these lists and I do care about backdoor-ed commercial > > products that are in common use. You may have an issue with eEye and see > > this as revenge. However, I doubt you also have an issue with the many > > admins who probably have spent their holiday season investigating these > > claims, when there are likely more pressing matters to address, such as > > a large stock of alcohol. > > > > Show us details, or be quiet. If you intended to embarrass eEye the plan > > backfired as any competent professional on this list (there are a few - > > I've heard stories about them) would see this as a shameful attempt and > > would be laughing at you, not eEye. > > > > Seasons greetings to eEye and all Full Disclosure subscribers - even you > > "Lance Gusto". > > > > With Regards.. > > Barrie Dempster (zeedo) - Fortiter et Strenue > > > > http://www.bsrf.org.uk > > > > [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] > > > > > > > > > > > > ATTACHMENT: application/pgp-signature ("signature.asc") > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists