Full Disclosure mailing list archives

Re: Security contact @ Gigabyte

From: Fyodor <fyodor () nmap org>
Date: Mon, 14 Mar 2016 16:14:52 -0700

On Thu, Mar 10, 2016 at 2:15 AM, Mustafa Al-Bassam <mus () musalbas com> wrote:

You're asking this on the full disclosure mailing list. Disclose it here.


Yeah, the general FD list policy is to reject requests for vendor contacts
unless they also include full disclosure of the bug details:

https://secwiki.org/w/FD_Moderation#Requests_for_vendor_security_contacts

It's not that there is anything wrong with the more limited disclosure and
vendor pre-disclosure approaches, but those aren't full disclosure and so
probably belong on a different list. This post must have slipped by one of
the moderators, but we'll try not to do it again!

Cheers,
Fyodor

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Security contact @ Gigabyte Gustavo Sorondo (Mar 09)
- Re: Security contact @ Gigabyte Mustafa Al-Bassam (Mar 12)
  - Re: Security contact @ Gigabyte Andrew Deck (Mar 14)
  - Re: Security contact @ Gigabyte Fyodor (Mar 14)
    - Re: Security contact @ Gigabyte Gustavo Sorondo (Mar 14)
    - Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)
- Re: Security contact @ Gigabyte Jeffrey Walton (Mar 14)