Re: Product review postings (was Administrivia)

From: Volker Kindermann (bugtraqat_private)
Date: Tue Jul 08 2003 - 13:04:14 PDT

Next message: clarke-cummingsat_private: "RE: Product review postings (was Administrivia)"

Previous message: Sabol, Paul: "RE: Unusual Web Server"
In reply to: David J. Meltzer: "RE: Product review postings (was Administrivia)"
Next in thread: Matt D. Harris: "Re: Product review postings (was Administrivia)"
Next in thread: Mark C. Langston: "Re: Product review postings (was Administrivia)"
Next in thread: Gwendolynn ferch Elydyr: "Re: Product review postings (was Administrivia)"
Reply: Matt D. Harris: "Re: Product review postings (was Administrivia)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I have in the past (years pre-securityfocus) been personally attacked
> with lies about products I've been involved in by anonymous authors,
> and I, like Al, have seen that anonymous cowards can make a real
> impact if given the audience.  That audience will always exist on
> full-disclosure and other unmoderated lists, but I don't think there
> is any reason SF needs to give them a forum. 

I don't share your experience regarding lies about products. But I want
kind of "full disclosure" here on the list. If a product is bad for a
certain requirement you must have the opportunity to tell others that
ask. There are so much bad products out there that promise you the end
of all problems but if you use them, you find bugs and errors all the
time. These lists here shouldn't be a marketing forum, nor shouldn't
they be a place for flame wars. But they should be a place for
vendor-independent product reviews and opinions if asked by others.


> Fact is, the posts that are most harmful don't come across as "y0ur
> pr0dukt sukz", they are carefully written by intelligent folks who
> insert their lies into coherent sentences.  Even with an equally
> intelligent statement refuting it by the vendor, there is no real way
> for a 3rd party observer to know who is telling the truth.

In this case it should be easy for the vendor to provide a trial version
to show all interested clients the capabilities of the product.

David, don't get me wrong, but I've made the experience over the years
that mostly the vendors are telling lies about their products, not the
users.

 -volker

---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with 
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn 
more.
----------------------------------------------------------------------------

Next message: clarke-cummingsat_private: "RE: Product review postings (was Administrivia)"
Previous message: Sabol, Paul: "RE: Unusual Web Server"
In reply to: David J. Meltzer: "RE: Product review postings (was Administrivia)"
Next in thread: Matt D. Harris: "Re: Product review postings (was Administrivia)"
Next in thread: Mark C. Langston: "Re: Product review postings (was Administrivia)"
Next in thread: Gwendolynn ferch Elydyr: "Re: Product review postings (was Administrivia)"
Reply: Matt D. Harris: "Re: Product review postings (was Administrivia)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 14:39:12 PDT