Nmap's Fyodor restarts the Full Disclosure mailing list
Posted on 26 March 2014.
The Full Disclosure mailing list is back on track, with Nmap's Gordon "Fyodor" Lyon picking up the mantle put down by John Cartwright.

"Upon hearing the bad news, I immediately wrote to John offering help. He said he was through with the list, but suggested: 'You don't need me. If you want to start a replacement, go for it,'" he explained how the transition happened.

And, after some soul searching, he did.

"Some have argued that we no longer need a Full Disclosure list, or even that mailing lists as a concept are obsolete. They say researchers should just Tweet out links to advisories that can be hosted on Pastebin or company sites. I disagree," he noted in the post announcing his "takeover". "Mailing lists create a much more permanent record and their decentralized nature makes them harder to censor or quietly alter in the future."

"I'm already quite familiar with handling legal threats and removal demands (usually by ignoring them) since I run Seclists.org, which has long been the most popular archive for Full Disclosure and many other great security lists. I already maintain mail servers and Mailman software because I run various other large lists including Nmap Dev and Nmap Announce," he explained.

Previous members of the mailing list are asked to subscribe again, and new are welcome, as the list starts afresh.

"The new list must be run by and for the security community in a vendor-neutral fashion. It will be lightly moderated like the old list, and a volunteer moderation team will be chosen from the active users. As before, this will be a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community." Fyodor clarified.

He also added that vendor legal intimidation and censorship attempts won't be tolerated.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th