Re: [Full-Disclosure] Feeding Stray Cats

From: Josh (
Date: 11/14/03

  • Next message: Josh: "Re: [Full-Disclosure] Feeding Stray Cats"
    To: full-disclosure <>
    Date: Thu, 13 Nov 2003 16:02:02 -0800

    I had given up on this thread as a loss, but I feel a bit of hope renewed.

    If you have posts to the announce list post to the open list, it will
    eliminate the issue of discussion. In this manner you allow those who
    don't have time to wade through all discussions to be able to weigh in
    on announcements at their leisure rather than slogging through 50+ posts
    a day.
    A similar model which worked well for this was the Attrition defacement
    list. had a government list which only sent out emails about
    .gov websites which many gov people had forwarded to their pagers, this
    would filter out the 300 other sites per day which were owned after the
    Unicode hole came out. The govt list posts were still sent to the full
    defacement list, it was just a nice method by which to filter it. If we
    could get someone to moderate announcements only (of which there are
    very few) or take announcements and cross post them to another announce
    only list, it would allow those who need the information in a timely
    fashion to get it, and be able to review and comment at a later date.

    Another option is to leave the announce list open, with the
    understanding that only announcements of a critical nature need be
    posted there, and that all other posts get posted to FD. I know I
    didn't need to read Paul's fight with morning wood, or the instruction
    of someone on how to return a firewall back to defaults (deny all). If
    people all replied to the posts with proper mail clients, I could just
    zip up the thread, but unfortunately there are some security
    professionals out there who don't know how to use their mail clients. If
    someone begins to abuse the announce list, deal with that topic at that
    point. Hopefully those who are subscribed would have enough common
    sense to not abuse the announce list.

    There IS a reason to change: You WILL drive away anyone with clue if we
    continue down the same track.

    My $.02

    Stephen Clowater wrote:

    > True, But the problem with the announce list is it does take away the
    > disccusion of issues, which is what this list is about. The issue is
    > it has been polluted with crap, and bitching about that crap (ie -
    > This email :) ) and has deaparted from the breif, proffessional,
    > meaningful discussions about security issues, to a form that resembles
    > an IRC channel.
    > The list really needs to be loosely moderated, at least for a while.
    > I'm not sure how practical it is to do that, Len could comment more
    > correctly on that point than myself, however, as for a open solution
    > (ie - not moderated), I really do not have any clue on how it could be
    > done.
    > If anyone has an open solution, I think it should be posted to the
    > list and cc'ed to Len. I think this is one off-topic disscusion that
    > we need to have if full disclosure is to reamain a valid forum for
    > discussing in a meaningful, restrained, and proffessional manner
    > (pardon my spelling :) )
    > Steve
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter:

    Full-Disclosure - We believe in it.

  • Next message: Josh: "Re: [Full-Disclosure] Feeding Stray Cats"