Secunia Drops Public Listing of Vulnerabilities 19
New submitter CheckeredShirt writes: Vulnerability aggregator Secunia just announced on a forum post that they will no longer provide public access to advisories newer than 9 months. According to Secunia they, "frequently encounter organizations engaged in wrongful use of Secunia Advisories," and that VIM customers, "have full access to all advisories." While Secunia is under no obligation to provide their aggregated vulnerabilities they've been doing it for over 10 years. The information they provide is primarily from public sources.
So What? Another Will Eat Their Lunch (Score:5, Insightful)
Another bright individual or group will see the opportunity and absorb the users Secunia leaves behind, eventually rendering Secunia irrelevant.
If Secunia is determined to cripple itself, that's their call. The rest of the internet will not follow them over that cliff.
Strat
Re: (Score:1)
Someone else can take in the abusers and the freeloaders.
Re: (Score:3)
Yep. Secunia just created an opportunity to make a bit of cash at their expense.
You mean someone will collect the data from all over the internet, then sell the collection (and provide automated alarms by email or text message) - just like Secunia does? Or will they provide it for free, add supported - and after a few weeks will close shop, because others copied their data, and did the same? So, not quite exactly what Secunia does?
Slashdot drama (Score:4, Informative)
According to Secunia they, "frequently encounter organizations engaged in wrongful use of Secunia Advisories,"
According to Secunia: "The decision was made to avoid abuse of the advisories for commercial use, and because we frequently encounter organizations engaged in wrongful use of Secunia Advisories." - include that part also from the forum post and avoid much of the "Slashdot drama"...
Re: (Score:2)
So the editor essentially lied to us by leaving that part out?
Re: (Score:1, Funny)
So the editor essentially lied to us by leaving that part out?
Well, let's not make it so dramatic by using this "lie" word - as a Greek i think that they just used some of my famous ancestors' ways of making the narrative a bit more tragic by excluding some parts from the prologue... it makes theater more interesting, let's not complain so much and just enjoy this comedy my friend!
Ha! (Score:5, Funny)
and that VIM customers, "have full access to all advisories."
Ha! Take that, Emacs users! ;P
Re: (Score:3)
Completely off-topic, but in reference to your sig:
I prefer the phrasing, "Set a man a fire, and he'll be warm for the night. Set a man afire, and he'll be warm for the rest of his life." The wordplay is a little better that way.
Re: (Score:2)
and that VIM customers, "have full access to all advisories."
Ha! Take that, Emacs users! ;P
You joke about the confusion - but one VIM (the editor) update from RedHat actually wiped the data from the self-hosted version of VIM (from Secunia).
FBI (Score:1)
NSL
Re: (Score:2)
I stopped using Secunia as a primary source a long time ago due to some other issues I had with their actions (I don't clearly remember what it was, though). I've been using CVE-Details for a while now, in large part because they link to so many outside resources (including working exploit code in some cases) that it's just more useful overall. It doesn't catch everything (not every vuln gets a CVE number), but it gets enough and provides better summary data than most.
Pot. Kettle. Black. (Score:2)
Abuse for commercial reasons (Score:2)
Maybe this'll mean Secunia will stop sending me UCE, which is an abuse of email, for their commercial reasons?
Good riddance! (Score:1)