lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 15 Sep 2008 16:38:10 -0400
From: "Stack Smasher" <stacksmasher@...il.com>
To: "Od Orf" <mr0d0rf@...glemail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [RFC] Very Low Signal to Noise Ratio on FD

I would never think of filtering FD, the colorful comments are what make
this list classic! Filtering it out would be a tragedy and a crime against
humanity.






On Mon, Sep 15, 2008 at 3:45 PM, Od Orf <mr0d0rf@...glemail.com> wrote:

> Dear All,
>
> I've been reading Full Disclosure for quite some time and, for the
> most part, value the content I find here.  It helps me with my work
> and helps me keep abreast of developments in the wonderful worlds of
> network and application security.
>
> In this post, I seek to spark some discussion as to how this
> unmoderated list might improve it's effectiveness with regard to
> "self-policing" and how subscribers might employ methods to filter
> extraneous content whilst retaining that which is truly valuable.
>
> On a personal level, I have tried in the past to filter out posts
> which fail to meet certain criteria using both blacklists and
> whitelists of content keywords.  I've found these to be ineffective in
> so much as either filtering the signal or not filtering the noise to
> varying degrees.  I've tried blacklisting email addresses where the
> content is often of little value, but again this is not very effective
> at filtering out noise (although it usually has very little negative
> impact on the signal).
> These methods have taken-up far too much time to implement and manage
> for their levels of effectiveness and perhaps exceed the time spent
> manually reviewing posts to determine their worth.
>
> Many of you would no doubt agree that the dissatisfaction with the
> level of noise is oft expressed (which often generates further noise).
>
> One possible solution which would require consensus might to be apply
> lessons learned by parents and other adults with responsibility for
> children.
> When dealing with a child displaying anti-social or otherwise
> undesired behaviour, one should not engage the child at that same
> level.  For example, one should not retort as this implies permission
> and complicity.  Instead a clear indication should be given that the
> behaviour of the child does not meet the required level of
> desirability.  This should be done in a non-threatening, but
> authoritative response and delivered in an articulate and consistent
> manner.  The key is to set clear boundaries.
> Failure to stay within clearly defined boundaries carries a penalty,
> such as a child time-out (naughty-chair) where the child is removed to
> an area where they are unable to participate but can observe the
> continuation of normal activity.
>
> Obviously I am not comparing any FD users to children nor suggesting
> they be treated as such, but I think that an approach similar to this
> may have some merit for dealing with the phenomenon of noise
> escalation which often occurs in response to a noisy event.
>
> If, for example, a message was posted to the list which was perceived
> to be undesirable, disrespectful or otherwise noisy it might help a
> great deal if firstly the poster were gently chided with respect to
> their post and secondly the post elicited no other response and
> certainly none which might be perceived as undesirable.  The latter I
> think is most important because without such responses, there is a)
> less noise generated and b) less fuel for those who repeatedly post
> trivial and useless or inflammatory material.
>
> Finally, I should say that I am acutely aware that this post may
> itself be construed as noise, but I hope humbly that it is received in
> the spirit with which it is meant.
>
> I welcome your ideas and recommendations.
>
>
> Sincerely,
>
>
> Iain O'Dorf
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
"If you see me laughing, you better have backups"

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ