Re: Corporate Virus Threats

[n3td3v <xploitable () gmail com>]

On 6/30/06, Antczak, Ed <Ed.Antczak () fnf com> wrote:
> I second the motion.
> An opportunity to focus and filter the broad spectrum of security issues
> is welcome if possible.
>
> Edwin Antczak
> Windows Engineer

I see a major loophole here, as we don't know how much traffic on the
dedicated securityfocus lists are being moderated, and the potential
useful information being turned away.

Sure, script kid flames may be anti-social, but even they are useful
to a certain audience. (government, law inforcement)

I see a big blackspot right now where high profile moderation of
serious security topics are being moderated into the Securityfocus
profit margin model, than protecting the needs of consumer and
corporate interests.

Its time for an open source full disclosure alternative to the
Securityfocus list-set, in order to really know whats going on,
because you can bet even the stuff the Securityfocus moderators get to
see, is passed onto Symantecs intelligence engine, even if the
moderator doesn't let the thread go live on the securityfocus lists.

I.e. Symantec are getting so much more information than the average
joe, via the intelligence post to moderators, than the public gets to
see, and that frustrates me.

Symantec have a huge intelligence facility in England, its an old
nulcear bunker with huge steal doors, where they compile intelligence
data sent to the list moderators, and only a small percentage of that
goes live to the public.

We need more lists, so people can cross post and see whats really
getting sent to Securityfocus moderators and rejected in all security
specialized subjects, not just new bug disclosure.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/