Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Organization for Internet Safety (OIS) form ally announced

From: ron.ogle () thomson net (Ogle Ron (Rennes))
Date: Tue, 1 Oct 2002 19:01:46 +0200
You do notice that MITRE is NOT a member.  Why?  MITRE is mostly a US
Government sponsored organization, and the US Government through Richard
Clark has basically endorsed vulnerability discovery and hacking to put
pressure on companies to produce better software.  Kind of ironic, but the
tactic seems to be working.

The point is that Steven speaks for himself not that of MITRE.  So if the
security community doesn't put any credence or trust (Microsoft?) into this
group, then it is good as dead on arrival.  It is clear that the US
Government will not back it.

The threat would be that Microsoft with its billions would lobby Congress to
enact some type of law.  So we have to be vigilant and poignant from a
grass-roots level and let the Congressmen know what is right.

Ron Ogle
Rennes, France


Date: Tue, 01 Oct 2002 14:22:19 +0300
From: Georgi Guninski <guninski () guninski com>
Reply-To: guninski () guninski com
To: "Steven M. Christey" <coley () linus mitre org>
CC: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Organization for Internet 
Safety (OIS) formally
 announced

So this is a bunch of companies, now what?
I want to question the credibilty of this bunch.
Everyone can register an .org and claim to be the most 
important bunch on earth.

....


Georgi Guninski
http://www.guninski.com

Steven M. Christey wrote:

....

The founding members are: @stake, BindView, Caldera 

International (The

SCO Group), Foundstone, Guardent, ISS, Microsoft, NAI, Oracle, SGI,
and Symantec.

Note that my employer, MITRE, is not a member of OIS.  This often
causes confusion because I have been involved in writing documents
that OIS may use as part of their own policies.


...

The FAQ should be of high interest to anybody who does vulnerability
research.

- Steve
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: