Nmap's Fyodor restarts the Full Disclosure mailing list
Posted on 26 March 2014.
The Full Disclosure mailing list is back on track, with Nmap's Gordon "Fyodor" Lyon picking up the mantle put down by John Cartwright.

"Upon hearing the bad news, I immediately wrote to John offering help. He said he was through with the list, but suggested: 'You don't need me. If you want to start a replacement, go for it,'" he explained how the transition happened.

And, after some soul searching, he did.

"Some have argued that we no longer need a Full Disclosure list, or even that mailing lists as a concept are obsolete. They say researchers should just Tweet out links to advisories that can be hosted on Pastebin or company sites. I disagree," he noted in the post announcing his "takeover". "Mailing lists create a much more permanent record and their decentralized nature makes them harder to censor or quietly alter in the future."

"I'm already quite familiar with handling legal threats and removal demands (usually by ignoring them) since I run Seclists.org, which has long been the most popular archive for Full Disclosure and many other great security lists. I already maintain mail servers and Mailman software because I run various other large lists including Nmap Dev and Nmap Announce," he explained.

Previous members of the mailing list are asked to subscribe again, and new are welcome, as the list starts afresh.

"The new list must be run by and for the security community in a vendor-neutral fashion. It will be lightly moderated like the old list, and a volunteer moderation team will be chosen from the active users. As before, this will be a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community." Fyodor clarified.

He also added that vendor legal intimidation and censorship attempts won't be tolerated.


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Dec 18th