Date: Tue, 27 Aug 2002 19:49:57 +0100 From: Mark Murray <mark@grondar.za> To: Jens Rehsack <rehsack@liwing.de> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Administrivia: Discussion - Making this list subscriber-only Message-ID: <200208271849.g7RInvl5022584@grimreaper.grondar.org> In-Reply-To: <3D6BBF89.F3A028@liwing.de> ; from Jens Rehsack <rehsack@liwing.de> "Tue, 27 Aug 2002 20:06:01 %2B0200." References: <3D6BBF89.F3A028@liwing.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> > How will that stop off-topic chatter?
>
> Never. But neither your way does. I'm subscribed and I answer to your
> off-topic post. So we both are the off-topic chatters you want stop.
> Sure?
:-)
I am conducting this discussion under the "Administrativia" flag, so
while it may be off-topic, it is of indirect-but-important relevance
to the list.
This is a focussed discussion that will cease abruptly when a conclusion
is reached (hopefully!).
> > > This allows to post validated senders only but keeps freedom to all
> > > people who wants post.
> >
> > _Less_ freedom is actually needed. It is precisely that freedom which
> > has allowed the list to become a question-and-answer (or HOWTO) list
> > that has dropped the signal value so badly.
>
> Pardon, but IMHO this list is read by "security experts". So if I have
> a security related question, I ask here. I'm a good developer, I have
> many knowledge 'bout secure programming and know to protect my box
> enough for stupids. But one the one hand there're many people who have
> much less knowledge to security than me and on the other hand a lot
> of guru's to me.
Most of the real FreeBSD security experts avoid this list (or treat it
as a "scan-only" list). The reason for this is the treatment of the
list as "newbie questions welcome". That is not the original purpose
of the list.
> What I want to say with that: What is a stupid question to me or not
> security related ot sth. else may important to others with other kind
> of thoughts. What a sort of guys we'll be if we judge 'bout the security
> relate of a posting?
Fair question (if I understand you correctly).
Relevant:
o Policy issues
o Security bug details or fixes to security holes.
o Experience of effective defences, including documentation of known
problems.
o Interesting security-related code.
... etc.
Off-topic:
o Any common sysadmin task.
o "Which should I use FOO, or BAR?"
o Any topic which is more relevant to another list.
o Spam, or replies to spam.
... etc.
> So I cannot follow your way to close this list. If you want have a private
> list, why you don't found your own one?
I don't want a private list. I want a high-signal freebsd-specific one.
> > Depends on the "end". Here I mean a dramatic drop in newbie questions
>
> Who decides what's a newbie question an what's not? You? Me? Santa Claus?
> And everyone started on a small ground... - that's the way.
There are places for newbie questions. This is not it. The list
sort-of evolved towards this, and as this happened, the guru-factor
droppeed, and the question-factor rose. The list is now a low-signal
duplicate of -questions/-newbies.
> > and a consequent increase in the technical content/discussion
> > ratio. I also hope to attract back the security gurus, and thus
> > further improve the signal content.
>
> This will not work. Let me explain what I believe what such a list
> is for: I think, some people found a list for security related
> discussions to make it much easier to help each other. Over the
> month and years to original guru's are getting better and better
> while the quality of the list in in everyone's mouth. So some more
> guys and girls are subscribing to participate one every hint and a
> lot of stressed people are just asking sth. and discuss just a small
> (personal preferred) problem, an idea, sth. else.
-Questions is a "help-each-other" list. So is USENET. We don't need
any more, and unfortunately over time some folks have gotten used
to this status quo. This may seem harsh, but such folks have a
little unlearning to deal with. Sorry! :-)
> And some of the guru's get bored, but many new guru candidates
> subscribed, helped, talked and - sometimes - chatted 'bout security (I
> remember an obfuscation discusion not long ago).
That fact that some time in the past, this may have worked for individuals
is, erm, unfortunate. I can go to extremes ("Theft works for robbers" etc),
but I think you may understand me if I say the means does not justify
the ends.
> So in my opinion this list is good just as is. If you are much more
> expirienced and wiser so you have two choices. Go away to a wisdom /
> guru list or stay (what we all prefer) and let us have part of your
> wisdom.
You are welcome to stay, you are welcome to read. Pleas understand that
I don't want you to go naway; I want you to accept a higher signal ratio,
and nI want you to not (unwittingly) contribute to the noise :-)
> I do not want defend idiots, but - please - there is a difference
> between newbie (what I could be in the eyes of many) and idiots /
> torks.
Lets not get extreme - we mostly agree. Lets see how this initiative
pans out.
M
--
o Mark Murray
\_
O.\_ Warning: this .sig is umop ap!sdn
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208271849.g7RInvl5022584>