|
|
ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #294 [Re: ~uucp/.forward] (1 message, 1052 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/294.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: Gene Spafford <spaf>
To: phage
Date: Wed 17:19:51 23/11/1988 EST
Subject: Re: ~uucp/.forward
References:
[Thread Prev: 291]
[Thread Next: 272]
[Message Prev: 295]
[Message Next: 298]
From here the view is that this list isn't for posting anything about security flaws in programs unless a simple fix accompanies it. I really don't want this to turn into a security mailing list...we've got enough of those already. This list is going to wind down and go away before too long if that is what it becomes. The reason I'm keeping this list at all is to try to talk about some of the meta-issues: what steps do we take to prevent the next worm? What reactions are companies having to all this? Etc. From the mail I sent out last week: I see the following topics as being some of the things this list is appropriate for; other topics may also be suggested: * How do we prevent future attacks like this? * What is the best way to publicize seccurity problems and fixes? * How can we communicate next time there is a problem that fragments the Internet? * How has the media covered this event? What can we do to make future coverage better? * Can we coordinate some kind of security audit of network software? Should we? Or should this be left just to Berkeley and vendors? Although I am interested in the following topics, I think they are not appropriate for this list: * What punishment should the "wormer" get? * What is the $$ amount of damages involved and how do we tell? * What motivated RTM (allegedly) to do this? * Was it a wrong thing to do this? (I exclude this topic because I feel it is incredibly insulting to anyone who uses computers responsibly. The majority of us feel it was wrong, and this list is not a place to debate matters of degree.) --spaf
END OF DOCUMENT
ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved. |