Full Disclosure mailing list archives
Re: Symantec Change Posting Criteria (was Re: Administrivia)
From: Etaoin Shrdlu <shrdlu () deaddrop org>
Date: Mon, 07 Jul 2003 21:19:15 -0700
Note that I've removed the CC list from hell. I am certainly not interested in Al Huger's response, having had mixed dealings with him in past. I also am not interested in having to fight the brain dead vacation and other bounce messages brought about by posting to a SF mail list (having been posting quite a bit to honeypots, I have fresh and painful experience of same). In fact: "How do you tell when your post has been accepted?" "You're immediately swamped with bounce messages from around the planet, including a bunch from SF about undeliverable messages." Ba-da-bump. Oh, wait, you aren't laughing. cepacolmax () hushmail com wrote:
By the way, my response post to pen-test (quoted below), merely defining the reasons for which I choose not to post from my corporate email, was also denied.
I read, and agreed with your very civilized response (which I've clipped, for the sake of brevity). This is (IMNSHO) a thin attempt at preventing commentary on a product that obviously needs commenting upon. I've posted on all the SF lists at one time or another, and if anyone truly believes that Etaoin Shrdlu is my given name, well... Not to mention the fact that Miss Elydyr deserves courtesy and respect, whether or not her given name is Gwendolynn. She's been posting with that name, consistently, for long enough, that it's recognized, and respected, and the idea that suddenly odd looking names are unacceptable is tripe.
Note that this post infringes neither on the original list charter, nor on the moderator's ammendments as stated.
No, of course it doesn't infringe, but then, you appear to still be searching for reason, and I tell you that it is a doomed search. And now to address that danged troublemaker, GfE, herself.
On Mon, 07 Jul 2003 12:51:42 -0700 Gwendolynn ferch Elydyr <gwen () reptiles org> wrote:I've CC'd this email to full-disclosure, so that those folks that aren't on pen-test are aware of the policy change to posting requirements on that list - and potentially to more of the securityfocus lists. It's interesting to note that the only list that appears to have an exemption from this type of policy or arbitrary action is bugtraq.
Well, considering the number of posts I've made over the past few days to Honeypots, this is either VERY sudden, or Al thinks my parents have a cruel sense of humor (they do, but that's a different issue). I would suggest that product postings are only seen on bugtraq when they involve cross-site scripting (god, I'm bored with that crap), and that most of the important stuff will go to Vuln-Watch anyway, so what's the point? Besides, if they started worrying about pseudonyms now, then RFP would be right out (although he claims to be gone, anyway). Do you suppose Aleph1 is not allowed? How about Mudge, or Hobbit? Come on, now.
On Mon, 7 Jul 2003, Alfred Huger wrote:
Crap, so I deleted most of it.
1. If you want to post about a product positive or negative you cannot do so from a Huhsmail or other such account. 2. If you plan to post use your real name or do not post. 3. Be polite period. 4. Do not use this as a forum to take shots at your competitor or I will see you and your company banned from every list we have here (except Bugtraq).
Boy, this is where I really start to get annoyed. If they're anonymous, how can he know who ought to be banned? Will he ban a certain well-known virus company, if they misbehave? Sounds like a potential law suit in the making. But wait, here comes my favorite line from GfE:
This isn't full-disclosure, the last time I checked. To the best of my knowledge, pen-test is a moderated list. Surely the moderator is capable of noting the difference between "Your product sukz0rs" and "The product proved unable to stand up to traffic above 100Mhz" - and of passing the appropriate posting through, whether it has "John Doe" or "thunderfallingdown" attached to it as a moniker.
Yah know? Doesn't this seem to just get right to it? Hey, Al, what's up with this, are you on the verge of losing your job? Have we all become targets? Oh, and I'm getting reealll tired of the following message: This is the Postfix program at host outgoing2.securityfocus.com. I'm sorry to have to inform you that the message returned below could not be delivered to one or more destinations. For further assistance, please send mail to <postmaster> If you do so, please include this problem report. You can delete your own text from the message returned below. The Postfix program <moby () xitac com>: mail for xitac.com loops back to myself I've received close to a hundred of those from outgoing2.securityfocus.com, and I'm sure it's not finished. Bleagh. -- It isn't that we're not paranoid. It's that we're not paranoid enough. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Symantec Change Posting Criteria (was Re: Administrivia) Gwendolynn ferch Elydyr (Jul 07)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Adam Shostack (Jul 07)
- <Possible follow-ups>
- Re: Symantec Change Posting Criteria (was Re: Administrivia) cepacolmax (Jul 07)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Etaoin Shrdlu (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Nick FitzGerald (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) security snot (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) Etaoin Shrdlu (Jul 08)
- Re: Symantec Change Posting Criteria (was Re: Administrivia) cepacolmax (Jul 07)