-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All

I encourage anyone who has a post rejected from bugtraq to forward any comments from 
the moderator(s) to this list.

Also, it would be useful to include dates, i.e. I posted this advisory to bugtraq on 
(date) and it was finally approved by moderators on (date). Some people are already 
doing this; it emphasizes some of my points below.

It's important that bugtraq subscribers understand a few key issues:

* Most (MOST) posts to bugtraq get rejected

* Many posts that eventually make it through to a secfocus list will have a comment 
such as 'moderator: please allow this because...' or 'this is the 3rd time I have 
tried to submit this...'

* Security issues sent to bugtraq get 'sat on' by secfocus. Priority customers get 
priority notice. This is unacceptable. If I wish to alert the security industry to a 
new exploit, Bugtraq (traditionally) is the place to do so. However, if I send my info 
to bugtraq, secfocus will sit on this information, and make money from their priority 
customers for 'early warning'.

* The bugtraq moderators are technically incapable of distinguishing real issues from 
fake or non-issues.

* The bugtraq moderators have commercial interests to look after. Do you think you 
will ever see Symantec-bashing posts? How long until Symantec and Microsoft cut some 
kind of non-disclosure deal?


Obviously the bugtraq moderators cannot see any issues with obfuscated URLs that look 
like http://www.ebay.com%252f%40evil.site.goes.here.

Maybe Symantec should hire [EMAIL PROTECTED]? I'm sure he has the necessary 
expertise to fill this obvious knowledge-gap at secfocus.

Regards,

.F.D.


>Hi! This is the ezmlm program. I'm managing the
>[EMAIL PROTECTED] mailing list.
>
>I'm working for my owner, who can be reached
>at [EMAIL PROTECTED]
>
>I'm sorry, your message (enclosed) was not accepted by the moderator.
>If the moderator has made any comments, they are shown below.
>
>>>>>> -------------------- >>>>>
>What does that accomplish?
><<<<< -------------------- <<<<<

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wmMEARECACMFAj14DOscHGZvb2xkaXNjbG9zdXJlQGh1c2htYWlsLmNvbQAKCRAMkLNo
e92H9dJmAJ4uvEG+UDnpH/H66Bxbg2sqC3KY5wCfSVnfnsaxG26Pt/EhsSXQem+YO0Q=
=zwOh
-----END PGP SIGNATURE-----




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
