lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 21 Sep 2008 19:02:55 +0100
From: n3td3v <xploitable@...il.com>
To: "John Cartwright" <johnc@...k.org.uk>, full-disclosure@...ts.grok.org.uk
Subject: The new 'cyber politica' mailing list thats
	planned for the non-technical elite

On Sun, Sep 21, 2008 at 12:34 PM, n3td3v <xploitable@...il.com> wrote:
> On Sun, Sep 21, 2008 at 4:01 AM,  <Valdis.Kletnieks@...edu> wrote:
>> On Sat, 20 Sep 2008 21:47:55 BST, AaRoNg11 said:
>>
>>> If the job was that sensitive of a job, do you really think they'd be using
>>> gmail to send important information?
>>
>> Remember - n3td3v is in the British Isles, where clusterfuck IT is rampant in
>> the government sector.  You know, like "Let's lose the financial details of
>> *EVERY SINGLE FRIKKING FAMILY IN THE COUNTRY on an UNENCRYPTED DISK".
>>
>> Oh, why was the disk unencrypted? Because the policy on how to securely
>> transfer the data was deemed so sensitive that it was only accessible to
>> upper management - the people *doing* the work didn't have access to the
>> policy of how to do it right.
>>
>
> Maybe we can take this over to cyber-politics@...ts.grok.org.uk or
> whatever name he gives the new mailing list when John Cartwright
> finally gets the finger out.
>
> We need a non-technical, unbiased, unmoderated version of
> full-disclosure where people can post rants, raves, speeches, ideas,
> views, opinons, news items, the dirty on employees, gossip, security
> conferences, or other intelligence thats non-technical.
>
> A place where people like n3td3v don't get made to feel bad for
> posting their views on whats going on in the security community.
>
> There seems to be a feeling that anyone who is non-technical is
> unwelcome on full-disclosure and end up getting written about on
> securityfocus by robert lemos and made to feel a bad person. :(
>
> This is unfair, in the bigger scope of things, there just isn't
> anywhere to go to post non-technical stuff thats unmoderated.
>
> So instead of being nasty to n3td3v and writing about him on
> securityfocus and declaring a hunt for n3td3v, let's just create a new
> mailing list where people like me won't get made uncomfortable for
> posting.
>
> The bottom line is, there is no non-technical, unbiased, unmoderated
> version of full-disclosure and there should be one.
>
> We need a cyber political mailing list, where anything goes, right now
> it just seems that people don't really want n3td3v around, but thats
> not because n3td3v has done something wrong, its just because there is
> no where else suitable to post about cyber politics thats
> non-technical, unbiased, unmoderated.
>
> I don't like posting to full-disclosure if I feel unwelcome, but I
> don't want to be muzzled, I want John Cartwright to setup a new
> mailing list for the non-technical issues.
>
> This is my proposal im putting forward, so let's talk about it.
>

I say 'cyber-politica' is a decent name for it we can have.

Although im concerned the 'cyber' might go out of fashion over the
years, so if you have cyber in the name it might get outdated.

I think the new mailing list will be perfect for me and gadi types,
then we won't be annoying the list anymore about what we think of
everyone and cyber security.

I think full-disclosure has had enough of opinionated people like me
and gadi who chime in when we feel like it, it appears to upset the
full-disclosure crowd, so a new mailing list would be brilliant for
the non-technical crowd who still want to chime in when we're not
happy about something.

When people like me and gadi types post our opinionated views about
people and cyber security, folks don't always reply and give their
views, because they think the mailing list isn't supposed to be about
the non-technical subject, so are reluctant to get involved incase it
increases the 'noise'.

What's needed is a non-technical mailing list where the non-technical
elite can hang out.

US-CERT.gov website already have technical and non-technical sections,
so why can't full-disclosure be split in two?

Its obvious me and gadi are not welcome on the current format
full-disclosure, so we need a new mailing list for the non-technical
elite.

I was very upset to be bashed by robert lemos and his friends via news
articles and blogs, so now its time for a place we can go and not
upset people anymore. It was never my intention to upset folks but
thats what seems to have happened. They seem to think the
full-disclosure list is being destroyed by the non-technical elite. So
why not give the non-technical elite a mailing list of their own, so
people won't get upset because we post an email that hasn't got a
vulnerability or exploit in it.

We should leave the full-disclosure list for technical users, and the
non-technical users have their own mailing list to post on, then
nobody can be accused of botching up the technical list.

All the best,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ