From: Alfred Huger (ah@securityfocus.com)
Date: Tue Jul 08 2003 - 15:15:26 EDT
> >
> How does that address accountability?
>>You've stated that your concern is about the content of posts being
>>inappropriate or damaging, and thus wanting accountability. If you
>>are moderating postings, than I'd expect you to drop postings that
>>are clearly inappropriate or obviously damaging.
You would? You would expect me to censor obviously damaging material to
the vendor? I think I must have missed something in your earlier thread.
You think its OK for me to censor anything damaging to the vendor but not
OK for me to expect people to be held accountable for their musings I do
decide are OK? I am not going to re-iterate my previous concerns because I
am not sure I am articulating them well enough for you to understand.
Suffice it to say this exercise is not about protecting vendors from
negative opinions.
>>Beyond that, if a vendor is sufficiently concerned about a given
>>posting, I'd suggest that they respond (as regularly happens) to
>>he posting with calm, factual information.
Again, youre missing the point here. I am at a loss as to how to explain
the issues at hand here in a more clear concise way for you.
>I'm still curious about how you intend to determine what addresses
>are valid and accountable. Would a post from "Fook Yoo" be allowed? If
>it was fyoo@hotmail.com, Fook_Yoo@aw.com ?
Thats a tough one Ill give you that.
> Please point out to me one single instance of a *security* vendor suing
> anyone (individual or otherwise) for a bad review.
>>Let me point you to:
>>http://www.chillingeffects.org/johndoe/
Great but it does not answer my question, care to try? Both of the URLs
you provided speak to these issues in both generic and specific instances
but none citing this industry in regards to Product Reviews the issue in
question here. Also keep in mind this in legal terms is hardly an issue
specific to the USA. In fact this list and its moderators are not in the
USA. Symantec SF is also not a US based company.
> Please do not confuse this with Full Disclosure of vulnerabilities and
> criticism of products. The two issues are wholey separate and I am
> guessing you actually do understand the distinction. I have no problem
> with critical information being posted so long as the poster is
> accountable for his or her statements.
>>...and I'd ask again, "accountable"? Does that mean 'has an established
>>dentity online'
Thats a good start actually.
>, 'posts from a recognizable domain', 'has what looks
>like a real name', 'has provided drivers licence and credit card as a
>part of list subscription' ?
Yes and dont forget a blood sample. Youre expanding this into an argument
for privacy and anonymity in the greater sense whereas this is a
discussion around one item for a small community (this list). I suspect
you have strong feelings about the greater issues here and I applaud you
for it but this is simply not the right argument for you to bring them to
bear.
> > There's a difference between polite frank and open discussion, and
> > newspeak.
> I'm afraid you've got me there what is newspeak?
>>It's the language that the government expects all party members to speak
>>in Orwell's 1984. It's an interesting read - I recommend it.
Great, Ive gone from a list moderator to a servant of the faceless
Government Concern bent on spinning policy for the subjugated masses. I
have to wonder if thats a promotion. Perhaps you can start throwing
around terms like ZOG in your next message so we can really bring out the
conspiracy theories.
-al
---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:35 EDT