<<< Date Index >>>     <<< Thread Index >>>

RE: What is the point here?



Before this thread erupts into a flame war, it might be worth re-reading
the BugTraq charter.
<http://www.securityfocus.com/popups/forums/bugtraq/intro.shtml> 
<http://tinyurl.com/32zlc>

A quick excerpt:
"BugTraq is a full disclosure moderated mailing list for the *detailed*
discussion and announcement of computer security vulnerabilities: what
they are, how to exploit them, and how to fix them."

From: Alun Jones [mailto:alun@xxxxxxxxx] 
<snip>
> I really don't know why _you_ signed up for Bugtraq.  Me, I 
> signed up because someone posted an exploit for my software 
> here some time ago, and didn't bother to tell me about it 
> first.  I'd like to think that isn't Bugtraq's purpose.
> 
> I'd like to think that Bugtraq positions itself as something 
> more than a semi-sneaky, behind-the-back-of-the-vendors rant 
> group, or an assembly point for root-kit starters.  
> Moderators, please stop accepting posts where the poster has 
> stated specifically that they have not yet notified the 
> vendor, or where the only new thing that is contributed is a 
> more insidious version of an existing exploit.  And posters, 
> please consider carefully before you post whether what you 
> post is going to contribute to an increase in security or a 
> decrease in security.  If you cannot claim that your post 
> will help to improve security, then do us a favour and take 
> it somewhere else.
<snip>