* Len Rose wrote on Thu, Jan 30, 2003 at 09:22 -0500: [...] > With the recent evidence that CERT informed it's paying members about the > Sapphire SQL worm before the rest of the world should now indicate that > they too are not a useful resource for timely and open security information. [...] > and the security information it hopes to provide > may well become illegal (at least here in the US) > > To summarize my opinion, I feel that security information must simply be > made available to as many people as possible as quickly as possible, and > let corporations, systems staff, and security professionals handle the > problems. "The public has a right to know.."
So we need a non-US OpenCERT? When the US laws make it illegal to know about incidents, I think finally incidents will need to be reported for and from non-US only, hum. Aren't the current practices here looking like steps backward? Still confused... oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es tr�gt daher weder Unterschrift noch Siegel. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
