|Main Archive Page > Month Archives > full-disclosure-uk archives|
Hi, my comment wasn't meant to flame you. I was basically trying to say that if you used your email for sensitive stuff, and it had been compromised, the intruder finding out your IP address is the least of your worries. I'm sorry if it was interpreted as a flame.
Anyway, I like the idea of a non-technical mailing list. I'd be sure to sign up :)
On Sun, Sep 21, 2008 at 7:02 PM, n3td3v <email@example.com> wrote:
> On Sun, Sep 21, 2008 at 12:34 PM, n3td3v <firstname.lastname@example.org> wrote:
> > On Sun, Sep 21, 2008 at 4:01 AM, <Valdis.Kletnieks@vt.edu> wrote:
> >> On Sat, 20 Sep 2008 21:47:55 BST, AaRoNg11 said:
> >>> If the job was that sensitive of a job, do you really think they'd be
> >>> gmail to send important information?
> >> Remember - n3td3v is in the British Isles, where clusterfuck IT is
> rampant in
> >> the government sector. You know, like "Let's lose the financial details
> >> *EVERY SINGLE FRIKKING FAMILY IN THE COUNTRY on an UNENCRYPTED DISK".
> >> Oh, why was the disk unencrypted? Because the policy on how to securely
> >> transfer the data was deemed so sensitive that it was only accessible to
> >> upper management - the people *doing* the work didn't have access to the
> >> policy of how to do it right.
> > Maybe we can take this over to email@example.com or
> > whatever name he gives the new mailing list when John Cartwright
> > finally gets the finger out.
> > We need a non-technical, unbiased, unmoderated version of
> > full-disclosure where people can post rants, raves, speeches, ideas,
> > views, opinons, news items, the dirty on employees, gossip, security
> > conferences, or other intelligence thats non-technical.
> > A place where people like n3td3v don't get made to feel bad for
> > posting their views on whats going on in the security community.
> > There seems to be a feeling that anyone who is non-technical is
> > unwelcome on full-disclosure and end up getting written about on
> > securityfocus by robert lemos and made to feel a bad person. :(
> > This is unfair, in the bigger scope of things, there just isn't
> > anywhere to go to post non-technical stuff thats unmoderated.
> > So instead of being nasty to n3td3v and writing about him on
> > securityfocus and declaring a hunt for n3td3v, let's just create a new
> > mailing list where people like me won't get made uncomfortable for
> > posting.
> > The bottom line is, there is no non-technical, unbiased, unmoderated
> > version of full-disclosure and there should be one.
> > We need a cyber political mailing list, where anything goes, right now
> > it just seems that people don't really want n3td3v around, but thats
> > not because n3td3v has done something wrong, its just because there is
> > no where else suitable to post about cyber politics thats
> > non-technical, unbiased, unmoderated.
> > I don't like posting to full-disclosure if I feel unwelcome, but I
> > don't want to be muzzled, I want John Cartwright to setup a new
> > mailing list for the non-technical issues.
> > This is my proposal im putting forward, so let's talk about it.
> I say 'cyber-politica' is a decent name for it we can have.
> Although im concerned the 'cyber' might go out of fashion over the
> years, so if you have cyber in the name it might get outdated.
> I think the new mailing list will be perfect for me and gadi types,
> then we won't be annoying the list anymore about what we think of
> everyone and cyber security.
> I think full-disclosure has had enough of opinionated people like me
> and gadi who chime in when we feel like it, it appears to upset the
> full-disclosure crowd, so a new mailing list would be brilliant for
> the non-technical crowd who still want to chime in when we're not
> happy about something.
> When people like me and gadi types post our opinionated views about
> people and cyber security, folks don't always reply and give their
> views, because they think the mailing list isn't supposed to be about
> the non-technical subject, so are reluctant to get involved incase it
> increases the 'noise'.
> What's needed is a non-technical mailing list where the non-technical
> elite can hang out.
> US-CERT.gov website already have technical and non-technical sections,
> so why can't full-disclosure be split in two?
> Its obvious me and gadi are not welcome on the current format
> full-disclosure, so we need a new mailing list for the non-technical
> I was very upset to be bashed by robert lemos and his friends via news
> articles and blogs, so now its time for a place we can go and not
> upset people anymore. It was never my intention to upset folks but
> thats what seems to have happened. They seem to think the
> full-disclosure list is being destroyed by the non-technical elite. So
> why not give the non-technical elite a mailing list of their own, so
> people won't get upset because we post an email that hasn't got a
> vulnerability or exploit in it.
> We should leave the full-disclosure list for technical users, and the
> non-technical users have their own mailing list to post on, then
> nobody can be accused of botching up the technical list.
> All the best,
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-- Aaron Goulden
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/