|
Date: Wed, 19 Mar 2014 23:29:11 +0400 From: gremlin@...mlin.ru To: oss-security@...ts.openwall.com Subject: Re: [OT] FD mailing list died. Time for new one On 19-Mar-2014 09:33:58 -0700, Dean Pierce wrote: > Hosting? That's what the cloud is for. Not for any sensitive data. And vulnerability descriptions are very sensitive... > I have no idea who runs > https://groups.google.com/group/FullDisclosure > but they seem modeled after original fd charter. Modelling a charter is easy... But I bet they'll fail on gathering all previous FD members. > I trust Google as a neutral third party more than I would trust > most security researchers. Bwa-ha-ha-ha-ha... Behind that party which you possibly may trust, there's a B.B., which is even worse than a Big Brother - as it's a Big Business. When a Big Business faces something, it asks itself two questions: 0. Could it cause any loss? 1. Could it bring any profit? Suppose someone posts a zero-day vulnerability on the list which affects the BB; do you really think it wouldn't be censored out? No doubt, it will - otherwise that will Cause a Loss, and that's inacceptable for BB. Also, several days before FD shutdown there was a long thread related to some vulnerabilities in Google services... Although John Cartwright didn't name anyone, I can't be sure these two events are unrelated. > They already host all the old newsgroup archives. It's also > free, easily consumable, and most importantly, babysat for > security issues in a way that even a team of skilled volunteers > would have a hard time pulling off. I'd prefer participating on the list hosted by some party which isn't directly affected by list postings - say, some ISP. -- Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru> GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8 @ hkp://keys.gnupg.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.