Date: Fri, 25 Mar 2016 22:44:53 +0300 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Cc: James Morris <jmorris@...ei.org> Subject: Re: [ANNOUNCE] Linux Security Summit 2016 - CFP On Fri, Mar 25, 2016 at 09:55:41AM +1100, James Morris wrote: > ANNOUNCEMENT AND CALL FOR PARTICIPATION > > LINUX SECURITY SUMMIT 2016 Those who have been on oss-security for a while surely are wondering why this CFP was accepted, despite of our policy to reject any and all CFPs. No, this one didn't get through because of a moderation bypass, as was the case for some others (and usually the senders were removed from the moderation bypass as a result). I actually approved it, for the first time in several years of no approved CFPs, and now I have to explain why. And no, this doesn't mean CFPs are now OK to send in here. Please don't. Normally, the boilerplate rejection message for non-spam (not off-topic) CFPs sent to oss-security is as follows: --- http://oss-security.openwall.org/wiki/mailing-lists/oss-security says "Please don't post conference CFPs and (e-)magazine calls for articles." The list members have previously expressed that they do not want to see CFPs on the list. While this one is more relevant than most that we receive, it'd require a followup posting to explain why an exception was made, and it might result in yet another (anti-)CFP discussion on the list, as well as in an increase of CFPs sent to us. For now, we're just rejecting all CFPs as part of list policy. I guess this CFP will also be posted to Bugtraq, full-disclosure, and other places - and that's just sufficient. That said, postings with links to papers, slides, videos on Open Source security topics (and on specific vulnerabilities in Open Source software) - perhaps after the conference - may be approved. --- This time, I don't mind actually doing this "followup posting to explain why an exception was made" (as well as to discourage further CFPs sent in here). Linux Security Summit is relevant to both security and open source at once, unlike most other events which are focused on one or the other. Also new this year is Linux kernel self-protection appearing on and rising to the top of the desired topics list: > Topic areas include, but are not limited to: > > * Kernel self-protection I just went and checked last year's - the trend was already there, but it was "System hardening" rather than literally "Kernel self-protection" that time: http://kernsec.org/wiki/index.php/Linux_Security_Summit_2015#Call_for_Participation This is arriving 15-20 years late, but better late than never. I welcome this change of focus. For those interested in the topic, I recommend joining the kernel-hardening mailing list: http://www.openwall.com/lists/kernel-hardening/ The recent reincarnation of the project was announced here: http://www.openwall.com/lists/kernel-hardening/2015/11/05/1 and since then the list is quite active again (~200 messages per month). As to further oss-security postings on LSS or/and other open source security events, please send in here primarily the outcomes of such events - info on decisions made (new projects started, etc.), links to papers, slides, videos. Content that is actually useful to the majority of subscribers rather than to the few who would seriously consider attending a particular event (yet only learn of it from here). What I am seeing on most mailing lists that accept CFPs (and in oss-security moderation queue) is that conference organizers tend to send CFPs to lots of places, but then don't bother sharing the conference proceedings, slide decks, videos, etc. as widely... and next year there's another CFP. For most subscribers, who don't actually attend most of these events, this is just noise. So, once again, I'd like this skewed to generally useful content, please. For those who are active on oss-security, it's OK to mention a particular upcoming event (relevant only) in a brief P.S. below their signature (a few lines only) in some other on-topic message that you would be posting anyway (preferably in a short one, so the extra/bonus content is seen). As long as this trick is not abused, we will likely be approving such messages for their main content, as usual. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ