webappsec March 2011 archive
Main Archive Page > Month Archives  > webappsec archives
webappsec: Administrivia: slow moderation, running with scissors

Administrivia: slow moderation, running with scissors, managing your subscriptions

From: Andrew van der Stock <vanderaj_at_nospam>
Date: Tue Mar 29 2011 - 06:39:04 GMT
To: WebAppSec Mail List <webappsec@securityfocus.com>

Hi there,

** Moderation **

I'm off to Sydney for a few days, so list administration (such as it is :) will be slower than normal. I'll try to look at it once per day, but don't be surprised if that doesn't happen for a day or so.

All should be well again by the weekend.

** Running with scissors - or beware of my approval process **

I approve pretty much anything that's on topic for web application security. I'm here to keep posts on topic, nothing more nothing less. I don't censor naughty words nor do I block posts that have hostile links that will steal your identity, or buy all the Yugo's on eBay, or make you like Rebecca Black on Facebook, or all three.

If a post has links to a hostile web page or demo, well that's pretty much the point of this list. I expect readers to be professional and cautious of any untrustworthy links or links to the latest exploit vectors.

I think most of you are in the web app sec profession, and thus I expect you to wear the special safety googles and tin foil underwear, and obviously take decent backups when dealing with unexpected or potential pwnage. If you don't, well you will after the first time.

I'm not your last line of anti-virus / anti-malware defenses. Moreover, new research and techniques posted here is simply unlikely to trigger A/V defenses - AS IT'S NEW! - so you should always be careful when clicking links and checking out the latest and greatest hostile awfulness on the Interwebs.

Click links at your own risk. Do as I do - copy and paste URLs in a throw away VM. I must also warn you that I only do this about 5-10% of the time as I generally don't inspect links before approving posts unless a post piques my interest. My interests almost certainly do not coincide with yours. For instance, I like to watch old computers boot and see how other authors have their workspace set up. YMMV.

** Managing your subscriptions **

Just a gentle reminder not to send me or the list unsubscribe requests as I don't have the privileges to do that, nor will I approve such posts. To avoid disappointment, you can manage your subscriptions here:

http://www.securityfocus.com/archive

Type in your e-mail address and click subscribe or unsubscribe depending on what you want to join or leave. It'll show you the lists you're subscribed to currently, and from there you can manage your subscriptions. There's some new mail lists, so you might want to pick up a few more if you don't already have way too many e-mails per day.

thanks,
Andrew

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------