From: David J. Meltzer (djm@intrusec.com)
Date: Tue Jul 08 2003 - 15:16:24 EDT
I have in the past (years pre-securityfocus) been personally attacked
with lies about products I've been involved in by anonymous authors, and
I, like Al, have seen that anonymous cowards can make a real impact if
given the audience. That audience will always exist on full-disclosure
and other unmoderated lists, but I don't think there is any reason SF
needs to give them a forum.
Fact is, the posts that are most harmful don't come across as "y0ur
pr0dukt sukz", they are carefully written by intelligent folks who
insert their lies into coherent sentences. Even with an equally
intelligent statement refuting it by the vendor, there is no real way
for a 3rd party observer to know who is telling the truth.
I hope SF will go further in building more accountable and secure means
for folks in the security industry to be able to communicate with each
other over time, but drawing a line in the sand at this absurdity is a
good first step.
-Dave
-------------------
David J. Meltzer
djm@intrusec.com
CTO, Intrusec, Inc.
---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:35 EDT