Nmap's Fyodor restarts the Full Disclosure mailing list
Posted on 26 March 2014.
The Full Disclosure mailing list is back on track, with Nmap's Gordon "Fyodor" Lyon picking up the mantle put down by John Cartwright.

"Upon hearing the bad news, I immediately wrote to John offering help. He said he was through with the list, but suggested: 'You don't need me. If you want to start a replacement, go for it,'" he explained how the transition happened.

And, after some soul searching, he did.

"Some have argued that we no longer need a Full Disclosure list, or even that mailing lists as a concept are obsolete. They say researchers should just Tweet out links to advisories that can be hosted on Pastebin or company sites. I disagree," he noted in the post announcing his "takeover". "Mailing lists create a much more permanent record and their decentralized nature makes them harder to censor or quietly alter in the future."

"I'm already quite familiar with handling legal threats and removal demands (usually by ignoring them) since I run Seclists.org, which has long been the most popular archive for Full Disclosure and many other great security lists. I already maintain mail servers and Mailman software because I run various other large lists including Nmap Dev and Nmap Announce," he explained.

Previous members of the mailing list are asked to subscribe again, and new are welcome, as the list starts afresh.

"The new list must be run by and for the security community in a vendor-neutral fashion. It will be lightly moderated like the old list, and a volunteer moderation team will be chosen from the active users. As before, this will be a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community." Fyodor clarified.

He also added that vendor legal intimidation and censorship attempts won't be tolerated.









Spotlight

How security analytics help identify and manage breaches

Posted on 30 July 2014.  |  Steve Dodson, CTO at Prelert, illustrates the importance of security analytics in today's complex security architectures, talks about the most significant challenges involved in getting usable information from massive data sets, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //