[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: BoS: BOS Changes [read]
From: Julian Assange <proff () suburbia ! net>
Date: 1996-05-05 8:26:30
[Download RAW message or body]
BOS was inactive for a few days while I disposed of majordumbo [ Sorry
Brent ;] in favour of SmartList, slightly rewritten, to add the
few majordomo features that were missed. Below follows the updated
subscription information.
[[[]]]
Best of all available security resources.
_/_/_/ _/_/ _/_/_/
_/ _/ _/ _/ _/
_/_/_/ _/ _/ _/_/
_/ _/ _/ _/ _/
_/_/_/ _/_/ _/_/_/
Best Of Security
"echo subscribe|mail best-of-security-request@suburbia.net"
or
"echo subscribe|mail best-of-security-request-d@suburbia.net"
(weekly digest)
REASONS FOR INCEPTION
---------------------
In order to compile the average security administrator, it was found
that the compiler had to parse a foreboding number of exceptionally
noisy and semantically devoid data sets. This typically resulted in
dramatically high load averages and a frightening increase in core
entropy.
Further, the number, names and locations of required datum seem to
change on an almost daily basis; requiring tedious version control
on the part of the mental maintainer.
OVERVIEW
---------
Best-of-Security is at presently moderated randomly based on a
cryptographically secure RNG. Bizarre? Sound strange given our
stated purpose of massive entropy reduction? Because best often
equates with "vital" and the moderator doesn't have an MDA habit it
is important that material sent to this list be delivered to its
subscribers' in as minimal period of time as is (in)humanly
possible. [ Actually, that isn't the only reason; following the
Prodigy liability verdict, content-active moderators were found to
have the legal burdens of regular publishers. BOS gets some dubious
people posting very interesting things from undisclosed sources.
-Mod ]
If you find information from *any* source (including other
mailinglists, newsgroups, conference notes, papers, etc) that fits
into one of the acceptable categories described at the end of this
document then you should *immediately* send it to
"best-of-security@suburbia.net". Do not try and predict whether or
not someone else will send the item in question to the list in the
immediate future. Unless your on a time-delayed mail vector such as
polled uucp or the item has already appeared on best-of-security,
mail the info to the list! Even if it is a widely deployed piece of
information such as a CERT advisory the proceeding argument still
applies. If the information hasn't appeared on this list yet, then
SEND IT. It is far better to run the risk of minor duplication in
exchange for having the information out where it is needed than act
conservatively about occasional doubling up on content.
We do, of course take original posts. In the famous last words of
Marylin Munroe, CORE Digest and Joachim Kroll: "meat, we want meat".
Consult the below lists for what we will and will not accept.
WILL WILL WILL WILL WONT WONT WONT WONT
DO DO DO DO DONT DONT DONT DONT
------------------- -------------------
8lgm, cert, ciac, dod and other Any flames.
non-vendor advisories. Any questions.
Vendor advisories of security Any rumors.
weaknesses in own or other products. Sigs with >2 lines of
Vendor new security-product line commercial information.
release or MAJOR upgrade. Minor upgrade information.
Fully disclosed security weaknesses. "there is a hole in X"
Exploitation details. Any advertising.
Exploitation code. Subscription, unsubscription or
Patch code. mailing list queries.
Patch announcements. Any requests.
Hard to obtain or otherwise occulted Vague or incomprehensible
source code or uuencoded executables. statements of dysfuctional
Conference announcements. persons.
Security tools. Opinionated rantings such as
Blond jokes. those on the ethics of full
NEW or hard to obtain security disclosure or computer hackers.
documents (ascii), or pointers to Quotes from the Uliad.
the location of such documents/papers. Old or otherwise well known
Announcements of new security archives information or pointers to
or mailinglists. that information.
Human language translations of the above. Messages under 700 bytes.
SUBSCRIBING
-----------
Send mail to:
best-of-security-request@suburbia.net
or
best-of-security-request-d@suburbia.net (digest)
with the subject or body of:
subscribe
UN-SUBSCRIBING
-------------
Send mail to:
best-of-security-request@suburbia.net
or
best-of-security-request-d@suburbia.net (digest)
with the subject or body:
unsubscribe
POSTING
-------
To send a message to the list, address it to:
best-of-security@suburbia.net
ARCHIVES
--------
Back issues of best-of-security digest are available from:
ftp://suburbia.net/pub/mailinglists/best-of-security
You can also instruct the mailing list processor to automatically scan and
retrive messages from the archive. It understands thethe following commands:
get filename ...
ls directory ...
egrep case_insensitive_regular_expression filename ...
maxfiles nnn
version
Aliases for 'get': send, sendme, getme, gimme, retrieve, mail
Aliases for 'ls': dir, directory, list, show
Aliases for 'egrep': search, grep, fgrep, find
Lines starting with a '#' are ignored.
Multiple commands per mail are allowed.
Setting maxfiles to zero will remove the limit (to protect you against
yourself no more than maxfiles files will be returned per request).
Egrep supports most common flags.
Examples:
ls latest (the latest directory containes the archived messages)
get latest/12
egrep some.word latest/*
TECHNICAL
---------
The list processor software is based on the excellent Procmail/Smartlist
by Stephen R. van den Berg <berg@pool.informatik.rwth-aachen.de> with
some minor extensions by Julian Assange <proff@suburbia.net>.
"I mean, after all; you have to consider we're only made out of dust. That's
admittedly not much to go on and we shouldn't forget that. But even
considering, I mean it's sort of a bad beginning, we're not doing too bad. So
I personally have faith that even in this lousy situation we're faced with we
can make it. You get me?" - Leo Burlero/PKD
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO | PO Box 2031 BARKER | Secret Analytic Guy Union |
|proff@suburbia.net | VIC 3122 AUSTRALIA | finger for PGP key hash ID = |
|proff@gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic