Re: [ISN] Symantec to buy three security firms

From: InfoSec News (isnat_private)
Date: Fri Jul 19 2002 - 08:57:27 PDT

  • Next message: InfoSec News: "[ISN] Online Security Incidents Jump in 2002"

    Forwarded from: Chris Wysopal <cwysopalat_private>
    
    There already is an independent list for disclosing vulnerabilities.  
    It is vulnwatchat_private  Vulnwatch was created a year ago by
    Steve Manzuik, Rain Forest Puppy, and me.  We saw the industry relying
    on a single point of failure for getting out timely vulnerability
    information.
    
    We are the current moderators but we are in the process of adding 2
    new moderators whose names you will recognize if you follow
    advisories.  We are still looking for a moderator from the far east or
    hawaii to reach our goal of 24 hour moderation coverage.  As it stands
    now RFP needs to stay up until 2am. :)
    
    Vulnwatch has over 4000 subscribers.  It is an all vulnerability list.  
    No discussion.  Vendor bulletins are only approved if they add new
    information.  The idea is fresh vulnerability information straight up.
    You can take a look at the archives to get a feel for the list:  
    http://archives.neohapsis.com/archives/vulnwatch/2002-q3/ Subscription
    info at www.vulnwatch.org.
    
    -Chris
    
    
    
    InfoSec News wrote:
    > http://www.nwfusion.com/news/2002/0717syman2.html
    > 
    > [Several ISN readers sent word of the $355 million Symantec buying
    > spree, and you start to wonder how much more $$$ Symantec has
    > sitting in the petty cash box for future acquisitions and whose
    > next? Other questions come to mind, since Symantec has a track
    > record of overhyping virus warnings, who isn't to say that the same
    > won't become the norm with security holes? also troubling me is that
    > Symantec being the large one-stop security group it is now, might
    > hold onto security vulerabilties of Symantec products. Lastly, if
    > some of these fears become reality, you have to wonder if there's
    > going to be a new independent mailing list for security
    > vulnerabilities. ;)  - WK]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Jul 19 2002 - 12:04:05 PDT