From owner-freebsd-security Tue Aug 27 12:55:30 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D133237B406 for ; Tue, 27 Aug 2002 12:55:21 -0700 (PDT) Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id B7FAF43E72 for ; Tue, 27 Aug 2002 12:54:25 -0700 (PDT) (envelope-from mark@grimreaper.grondar.org) Received: from storm.FreeBSD.org.uk (uucp@localhost [127.0.0.1]) by storm.FreeBSD.org.uk (8.12.5/8.12.5) with ESMTP id g7RIo8MA098593; Tue, 27 Aug 2002 19:50:08 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.12.5/8.12.5/Submit) with UUCP id g7RIo86Y098592; Tue, 27 Aug 2002 19:50:08 +0100 (BST) Received: from grimreaper.grondar.org (localhost [127.0.0.1]) by grimreaper.grondar.org (8.12.5/8.12.5) with ESMTP id g7RInvl5022584; Tue, 27 Aug 2002 19:49:57 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Message-Id: <200208271849.g7RInvl5022584@grimreaper.grondar.org> To: Jens Rehsack Cc: freebsd-security@FreeBSD.ORG Subject: Re: Administrivia: Discussion - Making this list subscriber-only References: <3D6BBF89.F3A028@liwing.de> In-Reply-To: <3D6BBF89.F3A028@liwing.de> ; from Jens Rehsack "Tue, 27 Aug 2002 20:06:01 +0200." Date: Tue, 27 Aug 2002 19:49:57 +0100 From: Mark Murray Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > How will that stop off-topic chatter? > > Never. But neither your way does. I'm subscribed and I answer to your > off-topic post. So we both are the off-topic chatters you want stop. > Sure? :-) I am conducting this discussion under the "Administrativia" flag, so while it may be off-topic, it is of indirect-but-important relevance to the list. This is a focussed discussion that will cease abruptly when a conclusion is reached (hopefully!). > > > This allows to post validated senders only but keeps freedom to all > > > people who wants post. > > > > _Less_ freedom is actually needed. It is precisely that freedom which > > has allowed the list to become a question-and-answer (or HOWTO) list > > that has dropped the signal value so badly. > > Pardon, but IMHO this list is read by "security experts". So if I have > a security related question, I ask here. I'm a good developer, I have > many knowledge 'bout secure programming and know to protect my box > enough for stupids. But one the one hand there're many people who have > much less knowledge to security than me and on the other hand a lot > of guru's to me. Most of the real FreeBSD security experts avoid this list (or treat it as a "scan-only" list). The reason for this is the treatment of the list as "newbie questions welcome". That is not the original purpose of the list. > What I want to say with that: What is a stupid question to me or not > security related ot sth. else may important to others with other kind > of thoughts. What a sort of guys we'll be if we judge 'bout the security > relate of a posting? Fair question (if I understand you correctly). Relevant: o Policy issues o Security bug details or fixes to security holes. o Experience of effective defences, including documentation of known problems. o Interesting security-related code. ... etc. Off-topic: o Any common sysadmin task. o "Which should I use FOO, or BAR?" o Any topic which is more relevant to another list. o Spam, or replies to spam. ... etc. > So I cannot follow your way to close this list. If you want have a private > list, why you don't found your own one? I don't want a private list. I want a high-signal freebsd-specific one. > > Depends on the "end". Here I mean a dramatic drop in newbie questions > > Who decides what's a newbie question an what's not? You? Me? Santa Claus? > And everyone started on a small ground... - that's the way. There are places for newbie questions. This is not it. The list sort-of evolved towards this, and as this happened, the guru-factor droppeed, and the question-factor rose. The list is now a low-signal duplicate of -questions/-newbies. > > and a consequent increase in the technical content/discussion > > ratio. I also hope to attract back the security gurus, and thus > > further improve the signal content. > > This will not work. Let me explain what I believe what such a list > is for: I think, some people found a list for security related > discussions to make it much easier to help each other. Over the > month and years to original guru's are getting better and better > while the quality of the list in in everyone's mouth. So some more > guys and girls are subscribing to participate one every hint and a > lot of stressed people are just asking sth. and discuss just a small > (personal preferred) problem, an idea, sth. else. -Questions is a "help-each-other" list. So is USENET. We don't need any more, and unfortunately over time some folks have gotten used to this status quo. This may seem harsh, but such folks have a little unlearning to deal with. Sorry! :-) > And some of the guru's get bored, but many new guru candidates > subscribed, helped, talked and - sometimes - chatted 'bout security (I > remember an obfuscation discusion not long ago). That fact that some time in the past, this may have worked for individuals is, erm, unfortunate. I can go to extremes ("Theft works for robbers" etc), but I think you may understand me if I say the means does not justify the ends. > So in my opinion this list is good just as is. If you are much more > expirienced and wiser so you have two choices. Go away to a wisdom / > guru list or stay (what we all prefer) and let us have part of your > wisdom. You are welcome to stay, you are welcome to read. Pleas understand that I don't want you to go naway; I want you to accept a higher signal ratio, and nI want you to not (unwittingly) contribute to the noise :-) > I do not want defend idiots, but - please - there is a difference > between newbie (what I could be in the eyes of many) and idiots / > torks. Lets not get extreme - we mostly agree. Lets see how this initiative pans out. M -- o Mark Murray \_ O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message