<< Apple Should Embrace The Rumor Mongerers  |  Follow The Yahoo! Changing Mail Story >>

Deals

Deals

by Mike Masnick

Wed, Jul 17th 2002 6:25pm




Symantec Buys SecurityFocus/BugTraq

from the who-can-you-trust? dept

Symantec today announced they have purchased SecurityFocus, along with its BugTraq mailing list for $75 million. BugTraq, of course, is the main list to find out about where major security holes are. There are now a ton of people wondering just how quickly Symantec will screw up SecurityFocus. While the folks at SecurityFocus insist that Symantec has assured them they'll be able to continue without changing anything, many aren't so sure. Symantec has a history of overhyping virus warnings, and if they see BugTraq as a way to do the same thing for security holes, that could be a problem. At the same time, Symantec, as a big corporation may have incentive to hold back certain security hole info to protect their corporate relationships. Of course, what will probably happen is that a new independent source for security holes will soon pop up, and BugTraq will lose a lot of its value.

1 Comments | Leave a Comment..

 
 

Reader Comments

(Flattened / Threaded)

    Jul 17th, 2002 @ 8:22pm

  • Bugtraq more screwed up than it already is?

    by LittleW0lf

    Bugtraq hasn't been the same for a very long time...ever since Aleph1 turned over the mailing list to the corporate weenies.

    Used to be that anyone with a bug didn't have to worry about whether or not they were "recognizable" enough to post. "Full disclosure" was a status quo, and Aleph1 pushed anything on the list worth posting onto the list. I remember asking him a few times whether something was worth posting, to which he would say that if it was a bug it was worth posting.

    Now it seems more and more of the bug reports which should be posted are being "lost". I've had a number of my bug reports (which were accepted elsewhere (i.e. Mitre CVE),) rejected or timed out. Seems like now-a-days, the only folks to be able to post are those from recognizable "hacker" groups or those companies which are in bed with SecurityFocus. Gweed was definately right, bugtraq has become nothing more than a place to show off your security company...Free PR for ISS and companies like that, who can post irresponsible bug reports for the sole purpose of sales, or Gobbles for the sole purpose of histerical and unfactual political rants.

    I've found that the other vulnerability mailing lists tend to be much more responsive, less political or sales oriented.

    (reply to this comment) (link to this comment)

Add Your Comment

Have a Techdirt Account? Sign in now.
Get Techdirt’s Daily Email
Plain Text HTML
Save me a cookie
  • Plain Text: A CRLF will be replaced by break <br> tag, all other allowable HTML is intact
  • HTML: No formatting of any kind is done without explicitly being written in
  • Allowed HTML Tags: <b> <i> <p> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Close
Have a Techdirt Account? Sign in now.
Get Techdirt’s Daily Email
Plain Text HTML Save me a cookie

<< Apple Should Embrace The Rumor Mongerers  |  Follow The Yahoo! Changing Mail Story >>

Search Techdirt
And now, a word from our Sponsors..
San Francisco Music Tech 2009
15% off discount for Techdirt Readers



Subscribe to Techdirt's Daily Email Newsletter

Techdirt's Daily Email Newsletter

Related Stories

Smashing Pumpkins Latest To Embrace Free Music... With A Reason To Buy (24)

Diebold Finally Dumps E-Voting Division... But Sells It To Equally Problematic ES&S (26)

GGF Shareholders Approve Pirate Bay Buy... But No One Knows Where The Money Is (8)

Big Media Companies Buying Local News Startups... Newspapers Bitch About Competition (5)

Pirate Bay Sale Looking Even Less Likely (12)

Close
E-mail It