Administrivia: Adverts

[Andrew van der Stock <vanderaj () greebo net>]

Hi there,

I do not speak for Security Focus or Symantec, so this is not an  
official Security Focus position - it's mine in the absence of a  
proper response from SF.

This list is moderated (by me), but I am not Security Focus. Please  
understand my role. I get about 100-150 posts per day to the  
webappsec list, of which 95-99.99% are spam. I quickly inspect each  
post, and as long as it seems mostly okay and on topic, I let it  
through, even the somewhat dodgy ones. I don't check URLs. I don't  
check the facts of the post. I don't summarize or change the text -  
it's 100% you folks.

I moderate not to censor (although I prefer polite discourse), but  
moderate to eliminate spam and to keep posts (mostly) on topic. That  
way you don't get the latest generous offers from our 419 mugu or  
offtopic chat about the hot muggy summer we are having here in  
Melbourne. I aim for a fairly focussed web application security  
discussion, even if it becomes heated from time to time.

SF did not tell me the ads were coming - it just happened. However in  
their favor, they have provided a worthy free resource to the  
security community for many years. Similar mail services, such as  
SourceForge's mail lists (which OWASP uses) have had ads for many  
years without complaint. I don't think it's realistic to expect that  
popular free services can remain free forever.

I disagree with the method of their imposition (it just happened),  
and I disagree with the lack of differentiation between our posts and  
the ads, but I believe they are here to stay. In that vein, when I  
received Amit's original e-mail last week, I wrote to my contact at  
Security Focus with the request that they make the ads distinct from  
our posts. I have yet to hear back, and obviously, they have not  
changed the ad header either. This is somewhat disappointing.

However, until I hear back from them, I will not be approving any "me  
too" posts to the list to avoid noise pollution.

thanks,
Andrew

On 10/01/2006, at 10:43 PM, Peter Conrad wrote:

> Am Dienstag, 10. Januar 2006 11:38 schrieb Ory Segal:
> > If you disagree with SecurityFocus' advertising methods, you should
> > direct your opinion directly to them.
>
> since the list is moderated I'm pretty sure my posting has
> reached them. The subject affects all subscribers, therefore posting
> to the list was the right thing to do. In fact, I only responded to
> a thread started by someone else.

-------------------------------------------------------------------------------
Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
-------------------------------------------------------------------------------