Full Disclosure: Re: Administrivia: Vacation Messages - Update

[Nick FitzGerald <nick () virus-l demon co uk>]

KF <dotslash () snosoft com> wrote:

> > So warning idiots of their grave lack of security clue is off-topic 
> > for a "full disclosure" computer security mailing list?
> >  
> I certainly don't think that was the point... I believe it was the fact 
> that it has happened quite often and that it is unneccessary to cc the 
> entire list every time this happens. There is a big difference between 
> warning someone of "lack of security clue" and notifying the entire 
> list. The last few auto responders I have seen simply turned into a 
> shark like feeding frenzy on the individual that turned the auto 
> responder on... there has been no benefit to the list in the discussions 
> that occur. I believe they are only trying to decrease the amount of 
> noise on the list.
The feeding-frenzy and noise issues are, like it or not, generally 
part of the "joy" of unmoderated lists.

As for your suggestion that nothing useful or of value has come from 
these discussions, I beg to differ.  Recently there was a very 
informative debate about the actual legal value of those (all too 
common) automatically attached standard disclaimers.  Not directly 
security related in the sense that it disclosed a code vulnerability 
some significant percantage of list members should know about, but 
still security-relevant, at least in the big picture sense.  Such 
tidbits are very unlikely to be available in more heavily moderated 
fora unless the moderators are especially insightful, which few 
currently seem to be...


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html