lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4b6ee9310606301018n66b8dfa1jc3b944e62e91e7f4@mail.gmail.com>
Date: Fri Jun 30 19:28:38 2006
From: xploitable at gmail.com (n3td3v)
Subject: Corporate Virus Threats

On 6/30/06, Antczak, Ed <Ed.Antczak@....com> wrote:
>
> I second the motion.
> An opportunity to focus and filter the broad spectrum of security issues
> is welcome if possible.
>
> Edwin Antczak
> Windows Engineer

I see a major loophole here, as we don't know how much traffic on the
dedicated securityfocus lists are being moderated, and the potential
useful information being turned away.

Sure, script kid flames may be anti-social, but even they are useful
to a certain audience. (government, law inforcement)

I see a big blackspot right now where high profile moderation of
serious security topics are being moderated into the Securityfocus
profit margin model, than protecting the needs of consumer and
corporate interests.

Its time for an open source full disclosure alternative to the
Securityfocus list-set, in order to really know whats going on,
because you can bet even the stuff the Securityfocus moderators get to
see, is passed onto Symantecs intelligence engine, even if the
moderator doesn't let the thread go live on the securityfocus lists.

I.e. Symantec are getting so much more information than the average
joe, via the intelligence post to moderators, than the public gets to
see, and that frustrates me.

Symantec have a huge intelligence facility in England, its an old
nulcear bunker with huge steal doors, where they compile intelligence
data sent to the list moderators, and only a small percentage of that
goes live to the public.

We need more lists, so people can cross post and see whats really
getting sent to Securityfocus moderators and rejected in all security
specialized subjects, not just new bug disclosure.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ