[Full-Disclosure] announce: new mailing list - application security research - from vulnerabilities to code injection.

From: Gadi Evron (ge_at_linuxbox.org)
Date: 02/04/04

  • Next message: Bharat: "[Full-Disclosure] Win2k3 Enterprise patch" 
    To: full-disclosure@lists.netsys.com
Date: Wed, 04 Feb 2004 03:02:34 +0200

    For the past month or two we have been seeing more and more off-topic
    message on the TH-Research (Trojan Horses Research) mailing list.

    We decided to start a new mailing list to take off the "pressure".

    The new mailing list is called appsec-research, and it will deal with
    issues such as vulnerability research through packers and win32 binaries
    to code injection.

    Same rules, same issues: we are here to help people (and the rest of the
    world when we can) while staying on the _good_ "side of the fence".. but
    we do not allow anyone on the list before a background check.

    I personally believe in the concept of full disclosure, but I realize
    now that when it comes to security it's no longer practical for the very
    simple reason that we are out-numbered 100,000 to one.

    I am not trying to start a debate about that, it is simply how I
    personally see things and how we are going to run our new list.

    So, the new list will be all about how to protect and break software,
    whether it's a vulnerability or a packer.. I considered calling the list
    IDA-geeks, but oh well.

    If you want to join send me an email message to ge@warp.mx.dk.

    I decided to send this email message here after discussing it with the
    FD moderator and getting his permission. I truly hope is that this
    doesn't end up starting yet another anti-Microsoft thread.

         Gadi Evron.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Bharat: "[Full-Disclosure] Win2k3 Enterprise patch"