Re: [Full-Disclosure] Feeding Stray Cats
From: Josh (full-disclosure_at_nicepeople.org)
To: full-disclosure <firstname.lastname@example.org> Date: Thu, 13 Nov 2003 16:02:02 -0800
I had given up on this thread as a loss, but I feel a bit of hope renewed.
If you have posts to the announce list post to the open list, it will
eliminate the issue of discussion. In this manner you allow those who
don't have time to wade through all discussions to be able to weigh in
on announcements at their leisure rather than slogging through 50+ posts
A similar model which worked well for this was the Attrition defacement
Attrition.org had a government list which only sent out emails about
.gov websites which many gov people had forwarded to their pagers, this
would filter out the 300 other sites per day which were owned after the
Unicode hole came out. The govt list posts were still sent to the full
defacement list, it was just a nice method by which to filter it. If we
could get someone to moderate announcements only (of which there are
very few) or take announcements and cross post them to another announce
only list, it would allow those who need the information in a timely
fashion to get it, and be able to review and comment at a later date.
Another option is to leave the announce list open, with the
understanding that only announcements of a critical nature need be
posted there, and that all other posts get posted to FD. I know I
didn't need to read Paul's fight with morning wood, or the instruction
of someone on how to return a firewall back to defaults (deny all). If
people all replied to the posts with proper mail clients, I could just
zip up the thread, but unfortunately there are some security
professionals out there who don't know how to use their mail clients. If
someone begins to abuse the announce list, deal with that topic at that
point. Hopefully those who are subscribed would have enough common
sense to not abuse the announce list.
There IS a reason to change: You WILL drive away anyone with clue if we
continue down the same track.
Stephen Clowater wrote:
> True, But the problem with the announce list is it does take away the
> disccusion of issues, which is what this list is about. The issue is
> it has been polluted with crap, and bitching about that crap (ie -
> This email :) ) and has deaparted from the breif, proffessional,
> meaningful discussions about security issues, to a form that resembles
> an IRC channel.
> The list really needs to be loosely moderated, at least for a while.
> I'm not sure how practical it is to do that, Len could comment more
> correctly on that point than myself, however, as for a open solution
> (ie - not moderated), I really do not have any clue on how it could be
> If anyone has an open solution, I think it should be posted to the
> list and cc'ed to Len. I think this is one off-topic disscusion that
> we need to have if full disclosure is to reamain a valid forum for
> discussing in a meaningful, restrained, and proffessional manner
> (pardon my spelling :) )
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.