Rebooting the Full Disclosure List 15
An anonymous reader writes with good news for advocates of Full Disclosure of security vulnerabilities. A week ago, the venerable full-disclosure list was shut down; now, a successor has arisen run by fyodor. From the announcement email: "As an F-D subscriber and occasional poster myself, I was as shocked as you all last week when John Cartwright threw in the towel and shuttered the list. Now I don't blame him one bit. He performed a thankless job admirably for 12 years and deserves some time off. But I, for one, already miss Full Disclosure. So I decided to make a new list today which is a successor in name and spirit. Like the old one, it uses Mailman and is being archived by my Seclists.org site as well as numerous other archives around the world. This list is a fresh start, so the old userbase won't automatically transfer over. And I haven't added any of you either, because it is your choice. ... I hope you'll join us and resume posting your security info and advisories. If not now, then someday."
Re:I suggest the ultimate legal protection: (Score:5, Interesting)
TOR is one idea but I think this would be a perfect place for the EFF to step in. Hosting full disclosure on their site would likely limit the legal harassment and is inline with their mission.
Re:I suggest the ultimate legal protection: (Score:4, Interesting)
TOR is one thing, but I'd rather have the EFF step in, so there isn't any appearance of the list being shady. It might be legal to hide in a back alley and make sales transactions in cash, but it is a lot better for first impressions to have a storefront and the appearance of being a mainstream service.
This FD list is probably one of the most critical items to general computer security we have next to a vetted cipher suite.