Here's an interesting little drama that's been playing out recently. Since Symantec has taken over Security Focus, apparently they have started censoring posts on the mailing lists. I had heard a lot of anecdotal evidence of this. On the Focus-IDS mailing list a number of people who slammed ManHunt got censored. One of the posts pointed out the BS in ManHunt's marketing fluff and it was deleted it within hours. Ah well. In the land of Symantec, the one-eyed IDS will be king. Anyway, looks like a movement is a afoot to get away from Security Focus and their lists, specfically BugTraq. See article at: http://www.eweek.com/article2/0,3959,974781,00.asp ----------- A Danish security company, angry over what it perceives as censorship on several popular mailing lists, is launching "a revolution to remove SecurityFocus and CERT from power." At present, the revolution consists of a new mailing list that will aggregate vulnerability advisories and other security-related reports from a variety of sources. Employees of Secunia Ltd. will take advisories from these sources, research and verify them and then submit them to the new list. The list, known as the Secunia Security Advisories List, is designed to compete with lists such as SecurityFocus' BugTraq and to complement more open lists, including VulnWatch and Full-Disclosure, Secunia executives say. Company executives are upset with the direction that BugTraq has taken since Symantec Corp. acquired SecurityFocus last year. "The problem with SecurityFocus is not that they moderate the lists, but the fact that they deliberately delay and partially censor the information," said Thomas Kristensen, chief technology officer of Secunia, based in Copenhagen, Denmark. "Since they were acquired by Symantec, they changed their policy regarding BugTraq. Before they used to post everything to everybody at the same time. Now they protect the interests of Symantec, delay information and inform their customers in advance. This is a problem as only companies who pay over $30,000 can get access to this information."
This archive was generated by hypermail 2b30 : Mon Mar 31 2003 - 18:14:44 PST