On 04/12/2011 09:04 AM, phil wrote: > Just keep that simple, the post hit the non acceptable content. > > "Gratuitous advertisement, product placement, or self-promotion is > forbidden." > > > > My opinion, but if the product could be free, like it was, then I don't > mind seeing those kind of post, but for anything commercial FD is not > there for that. > I agree, but think that intuition should be inscribed in more precise language. That whole sentence starts out with "Gratuitous", which to me seems to be unclear to both native and non-native speakers alike. IMHO It's just too easy to justify to yourself that what you are doing is does not violate wording of the charter, and therefore I think the charter should be more explicit. When would it be OK(non-gratuitous) to mention a tool? When it comes with a new vulnerability class? When it was used to find a particular flaw? When it shows a novel way of finding flaws of a particular class? When the tool is Open Source, such that the tool is an embodiment of knowledge being shared? This whole issue with INSECT Pro show a lack of consensus on what advertisement means, and what kicked it off was a disagreement about what the definition of a "free" product is. I'm coming around to the idea that the rules should be based on knowledge transfer. My intuition is that only projects with OSI approves licenses should be allowed(as Tim argued), unless you are releasing a tool of any sort along with a new class of vulnerability. Also, announcements of more then 1 per six months should be forbidden for any project. This would serve as a sort of default deny rule to keep the most annoying types of announcements at bay. Any other thoughts? The other posibility is the current wording sufficient as a simple "Don't be a dick" kind of rule, and more specific rules would be lost on those who have no problem with being a dick. I would argue that more guidance in the charter on this issue might be worthwile for the majority of people who do not in fact want to break Wheaton's law. > > -phil > -- | Steven Pinkham, Security Consultant | | http://www.mavensecurity.com | | GPG public key ID CD31CAFB |
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/