Full Disclosure mailing list archives
Re: Symantec Change Posting Criteria (was Re: Administrivia)
From: <cepacolmax () hushmail com>
Date: Mon, 7 Jul 2003 19:00:19 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 By the way, my response post to pen-test (quoted below), merely defining the reasons for which I choose not to post from my corporate email, was also denied. Note that this post infringes neither on the original list charter, nor on the moderator's ammendments as stated. </quote> Al - I understand all of your points below. I personally avoid using my business email on lists such as this for a couple of reasons. It's a fact that spam robots troll web archives for valid email addresses. This is not a knock against the list administrators - no one expects you to control who reads the web archives. There is also the question of backlash - If I were to post something like "I can't get service pack 4 to install" from an email () mycomany com, it's a sure bet that I've just made my entire company a target for pre- sp4 attacks. This is an unacceptable risk. Perhaps the second point reveals my paranoia, but I work in security - - - paranoia is what keeps the network clean! </quote> Cheers, Max On Mon, 07 Jul 2003 12:51:42 -0700 Gwendolynn ferch Elydyr <gwen () reptiles org> wrote:
I've CC'd this email to full-disclosure, so that those folks that aren't on pen-test are aware of the policy change to posting requirements on that list - and potentially to more of the securityfocus lists. It's interesting to note that the only list that appears to have an exemption from this type of policy or arbitrary action is bugtraq. On Mon, 7 Jul 2003, Alfred Huger wrote:Recently someone posted a question regarding a product (CORE Impact)tothe list. These types of posts always make me leery because thisindustry,being what it is, rarely has anything nice to say about anything.Being aproduct vendor myself I am particularly aware of how ugly peoplecan be.Often, if not always, when these come out the competitors to theproductgenerate email addresses elsewhere and have their way. Or thevendoritself does the same thing and pumps their product.When I first read this posting, I went and checked the headers, to see if it was a forgery. The style seemed rather unlike AH, and the content was (at best) distressing. To my chagrin, this actually appears to be valid email.The list has 13,000 + people on it. Many of them decision makersso I needto be fairly careful about this. So here are the ground rulesmovingforward: 1. If you want to post about a product positive or negative you cannot do so from a Huhsmail or other such account. 2. If you plan to post use your real name or do not post. 3. Be polite period. 4. Do not use this as a forum to take shots at your competitoror Iwill see you and your company banned from every list we have here(exceptBugtraq).I have to ask. Why? Did the Symantec lawyers have a sudden bout of panic about potential defamation lawsuits? Are there so many posts to the list that contain problematic content? This isn't full-disclosure, the last time I checked. To the best of my knowledge, pen-test is a moderated list. Surely the moderator is capable of noting the difference between "Your product sukz0rs" and "The product proved unable to stand up to traffic above 100Mhz" - and of passing the appropriate posting through, whether it has "John Doe" or "thunderfallingdown" attached to it as a moniker. Beyond that, threats seem inappropriate. "...I will see you and your company banned from every list we have..." Has Symantec stooped to this level, or is this personal opinion. I lament the former list - and the free flow of useful information. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAj8KJeMACgkQ6muvpb42jIB6egCfcguAjCYWQudGQLYNX6kG0AIni38A njBRdluvaXkXj5kDOKWuzoP/fwZ5 =2Nxq -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Symantec Change Posting Criteria (was Re: Administrivia) Gwendolynn ferch Elydyr (Jul 07)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Adam Shostack (Jul 07)
- <Possible follow-ups>
- Re: Symantec Change Posting Criteria (was Re: Administrivia) cepacolmax (Jul 07)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Etaoin Shrdlu (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Nick FitzGerald (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) security snot (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Etaoin Shrdlu (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) cepacolmax (Jul 07)