[linux-help] Re: security list
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Thu, Oct 02, 2003 at 02:22:52PM -0500, M. Osten wrote:
> I think you are right, I'm going to switch to Bugtraq as my main source
> of security info as I really don't want to know anyway. My vendors will
> keep me safe.
Now that is *not* what I am saying. Who are your evil vendors, anyway, and
why would you use products from people that do such things?
You haven't really made it clear which vendors you're talking about. Are
you talking about original authors (of things like sendmail and ssh),
integrators/distributors (Debian or RedHat), or someone else?
I'm not saying that Bugtraq is perfect or the only place a person should
watch. I'm just saying it's a good place for somebody that wants to keep
current on security without all the crap. It's the same reason that I read
LKML summaries rather than read all the posts there -- I don't have enough
time in the day to read through 1000 posts of spam, flame wars, and ego
trips just to get at the 10 insightful posts in the list.
It's also a good place to start for someone just beginning to be concerned
about security. There is a much higher probability of any randomly-chosen
post on Bugtraq being correct and informative than there is on
full-disclosure.
Yes, there are people for whom full-disclosure is a much better resource.
That doesn't mean that it's always better than Bugtraq.
-- John
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
|
|