RE: Immature blabla / cisco exploit

["Schmehl, Paul L" <pauls () utdallas edu>]

> -----Original Message-----
> From: Steve [mailto:steve () videogroup com] 
> Sent: Wednesday, July 23, 2003 8:48 AM
> To: Ron DuFresne
> Cc: full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] Immature blabla / cisco exploit
>
> We have subscribed to a list which contains a very high noise 
> ratio. We can 
> unsubscribe, but the reality is that we don't want to miss something 
> important so we stick to it. This means the responsibility 
> level has gone 
> up. For both us and you! Even though this is a volunteer run 
> list, you have 
> created something which more people depend on.
>
> Seing this kind of exchange on the behalf of the list owners 
> does not match 
> the higher moral ground you need to hold to keep our respect. As that 
> respect goes down the noise ratio will go up and to that 
> degree the list 
> will be in decline. 
Why would Len care if he has our respect?  The entire purpose of this
list is to remain unmoderated.  By definition that means that he
*cannot* care about the level of junk that is posted here, although some
have said that he has banned people who are simply being disruptive and
don't contribute at all.

Furthermore, we've been hearing the dire warings of list decline since
this list began.  The reality is that it's like the tide.  Sometimes it
comes in.  Sometimes it goes out.  But the list remains.  And so do
those of us who see its value.  And gues who the first people in the
world were to see the Cisco IOS expoit code.  (And guess why we all of a
sudden have a rush of new subscriptions.)

> Some people wants nothing more than for the list to fail, 
> others are very 
> fed up with childish like noise. Myself I've stated that you 
> can be full 
> disclosure of security issues and still moderate out these 
> very disrelated 
> posts as they clearly have nothing to do with security. It 
> requires time 
> and the ability to tell what is security related and not.
Now you're trying to redefine what "unmoderated" means.  I can't
emphasize this enough.  If you are going to subscribe to this list, you
are expected to be an adult who is fully capable of filtering the
traffic as you see fit.  The list will not do your work for you, nor
will Len et. al. make decisions on your behalf.

> Failing that you really need to make good on keeping the noise down.
"Make good on"?  When has Len every promised to keep the noise down?
Where did you get the idea that it's his responsibility?  It's yours and
mine.  Learn to use filters.  It doesn't take long to figure out who
contributes and who simply wastes bandwidth.  Filter them.

> If you cannot uphold a higher standard subscribers will move 
> towards a 
> free-for-all. And that will be that.
Again, we've heard these predictions over and over again.  As a charter
subscriber who signed up within minutes of the list announcement, I can
assure you that it will *not* happen, and this list will continue to
serve a function which is being served **nowhere else**.
 
> Please realize that a very high percentage would move to a 
> similar list in a 
> heart beat if they thought it was run tighter.
So move.  But please don't tell us that you're moving.  We don't care.
Start your own list, and moderate the hell out of it.  But learn to
accept the fact that this list is and will always be Unmoderated.  Those
of us who remain here accept that fact and deal with it intelligently.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html