-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 n3td3v wrote: [...] > Furthermore, Secunia are the biggest "scene whore" professional > website in the industry.
Uhh, dude... the scene and the industry are essentially two different things. There's no such thing as a "professional scene whore" unless you're a) delusional or b) in Vegas. > Theres nothing on their site that wasn't available via other public sources. DUH. It's called *competition*. Should my neighborhood dollar store go out of business because, DUH, it's all available at Wal-Mart anyway? No. We call those monopolies. In the software industry, we call this monopoly Microsoft. Since you're so anti-corporate and all, you should already *know* that. That really takes an anti-corporate personality (or a lifetime in a cave) to call me "pro-Microsoft", now doesn't it? Especially amongst people here, I'm a pretty tough-to-please Microsoft critic. > With Secunia, its all about republish, republish, republish peoples shiz. You're slighting Secunia. At least Secunia does SOME original research. Further, the service that Secunia provides is one of centralization and organization. There are hundreds of points of delivery and discussion for original research, Secunia itself being one of them. Secunia, SecurityTracker, and a whole load of other similar services make an entire business out of mining those sources of information, *verifying* it (and believe me, I've seen flat-out wrong vuln reports before), and presenting it in a consistent, usable format. Is it a simple, almost trivial chore? Probably. Is it tedious and time consuming? You bet. If you'd ever administered a network with a few hundred or so machines with (if you're lucky) a handful of other people on your staff, you'd know. Each individual business or institution with assets to secure cannot feasibly afford the costs of doing independent intel gathering, even with something as basic as an alerting service. Otherwise, folk like Secunia wouldn't have a market. > And you want everyone to thank them for "secure" hosting? Don't kid a > kidder... Yeah... secure enough. And, oh by the way... it's free. Didn't your mommy teach you how to say "thank you" like a good little boy when strangers do nice things for you? Or do you just extort favors from people with your six-machine botnet from the latest Google Groups spam run? We're really shakin' now. > If they did something special with their website like Securityfocus > does, then I might be able to bare their illegal footer message spam "Illegal"? What planet/drug are you on? There's a small problem with your "legal theory" here. Secunia's sneaky footer insertion attack that renders e-mails to F-D oh-so-totally useless has a perfectly legal explanation, you see. THEY OWN THE SERVER. As in, you know, bought it, paid for it, and maintain it? I hope that's not too complicated for you. Next time you feel like criticizing Secunia (or anyone else), try finding a criticism that makes sense. > and their scene whore republication of advisories they claim are > Secunia exclusives. I'm not going to be one to defend Secunia here, but I don't think they claim that the raw information in MOST of their advisories is "exclusive". Granted, they sometimes make mistakes on crediting sources and supplementing information, but I haven't heard them make a claim that something public was "exclusive". Even in the case of their own research, they publicize it for the community and other normative sources rip it off in turn. The only semi-exclusive work they do (to my knowledge) is the data plotting (charting, graphing, etc.) that examines a few trends (number of advisories, risk levels of vulnerabilities, patches available, etc.) for specific products. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38 iD8DBQFERgI+fp4vUrVETTgRAwqTAJ45cA9Xb93BnK6JpTN8TwImjXJZBQCgkaGc jwrXILQi9IRBDd0M34hfY3c= =ZZ3q -----END PGP SIGNATURE-----
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
