[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] A funny (but real) story for XMAS

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] A funny (but real) story for XMAS
From: madsaxon <madsaxon@direcway.com>
Date: Tue, 16 Dec 2003 09:18:36 -0600

At 09:38 AM 12/16/2003 -0500, Jeffrey.Stebelton@bisys.com wrote:

What
exactly is supposed to "suck" about the site, I wonder??


I don't know that anyone believes the site itself "sucks."
There are those who have an objection to the fact that
CERT is taxpayer-funded, yet charges a fee for its 'premium'
services; i.e., for earliest notification.  For those of us
who don't pay that fee, CERT advisories most often come along
far too late to do any good. Add to that numerous charges of
conflict of interest and less than sterling competence,
and you can see that CERT is perhaps not the resource they
would like you to believe.

Here's Jericho's rant outlining some of the issues:

http://www.attrition.org/security/rant/z/jericho.007.html

There are myriad others available with a little Googling.

The reason OSVDB isn't well populated yet is that each
vulnerability has to be evaluated and written up afresh
in order to avoid violating any existing DB's copyrights.
That takes time.  If you want to shorten that time, go
volunteer. :-)

m5x

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] A funny (but real) story for XMAS
  - From: "Kurt Seifried" <listuser@seifried.org>

Prev by Date: Re: [Full-Disclosure] A funny (but real) story for XMAS
Next by Date: Re: [Full-Disclosure] PayPal issues another blow to user security
Previous by thread: Re: [Full-Disclosure] A funny (but real) story for XMAS
Next by thread: Re: [Full-Disclosure] A funny (but real) story for XMAS
Index(es):
- Date
- Thread