Bugtraq
Bugtraq was an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It was a high-volume mailing list, with as many as 776 posts in a month, and almost all new security vulnerabilities were discussed on the list in its early days. The forum provided a vehicle for anyone to disclose and discuss computer vulnerabilities, including security researchers and product vendors. While the service has not been officially terminated, and its archives are still publicly accessible, no new posts have been made since January 2021. History Bugtraq was created on November 5, 1993 by Scott Chasin in response to the perceived failings of the existing Internet security infrastructure of the time, particularly CERT. Bugtraq's policy was to publish vulnerabilities, regardless of vendor response, as part of the full disclosure movement of vul ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Elias Levy
Elias Levy (also known as Aleph One) is a computer scientist. He was the moderator of "Bugtraq", a full disclosure vulnerability mailing list, from May 14, 1996 until October 15, 2001. He was the CTO and co-founder of the computer security company SecurityFocus, which was acquired by Symantec on August 6, 2002. He is also known as the author of the article "Smashing The Stack For Fun and Profit", published in 1996 ''Phrack'' magazine issue 49, which was the first high-quality, public, step-by-step introduction to stack buffer overflow vulnerabilities and their exploitation. After the sale of SecurityFocus SecurityFocus was an online computer security news portal and purveyor of information security services. Home to the well-known Bugtraq mailing list, SecurityFocus columnists and writers included former Department of Justice cybercrime A c ... to Symantec in August 2002, Levy was accused by many of "selling out" and compromising the high principles of the Bugtraq lis ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Full Disclosure (mailing List)
Full disclosure is a "lightly moderated" security mailing list generally used for discussion about information security and disclosure of vulnerabilities. The list was created on July 9, 2002 by Len Rose and also administered by him, who later handed it off to John Cartwright. After Len Rose shut down netsys.com, the list was hosted and sponsored by Secunia. The Full Disclosure mailing list was originally created because many people felt that the Bugtraq mailing list had "changed for the worse". In March 2014 Cartwright shutdown the original Full-Disclosure mailing list because an "unnamed" security researcher made requests for large-scale deletion of information and threatened legal action. Cartwright wrote on the list's homepage, "I always assumed that the turning point would be a sweeping request for large-scale deletion of information that some vendor or other had taken exception to. I never imagined that request might come from a researcher within the 'community' itself." O ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
SecurityFocus
SecurityFocus was an online computer security news portal and purveyor of information security services. Home to the well-known Bugtraq mailing list, SecurityFocus columnists and writers included former Department of Justice cybercrime prosecutor Mark Rasch, and hacker-turned-journalist Kevin Poulsen Kevin Lee Poulsen (born November 30, 1965) is an American former black-hat hacker and a contributing editor at ''The Daily Beast''. Biography He was born in Pasadena, California, on November 30, 1965. Black-hat hacking On June 1, 1990, Poul .... External links * (no longer active) {{Compu-website-stub Internet properties disestablished in 2002 Computer security organizations Gen Digital acquisitions ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Electronic Mailing List
A mailing list is a collection of names and addresses used by an individual or an organization to send material to multiple recipients. The term is often extended to include the people subscribed to such a list, so the group of subscribers is referred to as "the mailing list", or simply "the list." Transmission may be paper-based or electronic. Each has its strength, although a 2022 article claimed that "direct mail still brings in the lion’s share of revenue for most organizations." Types At least two types of mailing lists can be defined: * an ''announcement list'' is closer to the original sense, where a "mailing list" of people was used as a recipient for newsletters, periodicals or advertising. Traditionally this was done through the postal system, but with the rise of email, the electronic mailing list became popular. This type of list is used primarily as a one-way conduit of information and may only be "posted to" by selected people. This may also be referred to by t ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Computer Security
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide. The field has become of significance due to the expanded reliance on computer systems, the Internet, and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of smart devices, including smartphones, televisions, and the various devices that constitute the Internet of things (IoT). Cybersecurity is one of the most significant challenges of the contemporary world, due to both the complexity of information systems and the societies they support. Security is of especially high importance for systems that govern large-scale systems with far-reaching physical effects, such as power distribution, ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Vulnerability (computing)
Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized actions) within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Vulnerability management is a cyclical practice that varies in theory but contains common processes which include: discover all assets, prioritize assets, assess or perform a complete vulnerability scan, report on results, remediate vulnerabilities, verify remediation - repeat. This practice generally refers to software vulnerabilities in computing systems. Agile vulnerability management refers preventing attacks by ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, public, academic, business, and government networks of local to global scope, linked by a broad array of electronic, wireless, and optical networking technologies. The Internet carries a vast range of information resources and services, such as the inter-linked hypertext documents and applications of the World Wide Web (WWW), electronic mail, telephony, and file sharing. The origins of the Internet date back to the development of packet switching and research commissioned by the United States Department of Defense in the 1960s to enable time-sharing of computers. The primary precursor network, the ARPANET, initially served as a backbone for interconnection of regional academic and military networks in the 1970s to enable resource shari ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
CERT/CC
The CERT Coordination Center (CERT/CC) is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center. The CERT/CC researches software bugs that impact software and internet security, publishes research and information on its findings, and works with business and government to improve security of software and the internet as a whole. History The first organization of its kind, the CERT/CC was created in Pittsburgh in November 1988 at DARPA's direction in response to the Morris worm incident. The CERT/CC is now part of the CERT Division of the Software Engineering Institute, which has more than 150 cybersecurity professionals working on projects that take a proactive approach to securing systems. The CERT Program partners with government, industry, law enforcement, and academia to develop advanced methods and technologies to counter large-scale, soph ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Full Disclosure (computer Security)
In the field of computer security, independent researchers often discover flaws in software that can be abused to cause unintended behaviour; these flaws are called vulnerabilities. The process by which the analysis of these vulnerabilities is shared with third parties is the subject of much debate, and is referred to as the researcher's ''disclosure policy''. Full disclosure is the practice of publishing analysis of software vulnerabilities as early as possible, making the data accessible to everyone without restriction. The primary purpose of widely disseminating information about vulnerabilities is so that potential victims are as knowledgeable as those who attack them. In his 2007 essay on the topic, Bruce Schneier stated "Full disclosure – the practice of making the details of security vulnerabilities public – is a damned good idea. Public scrutiny is the only reliable way to improve security, while secrecy only makes us less secure". Leonard Rose, co-creator of an elec ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Aleph One
In mathematics, particularly in set theory, the aleph numbers are a sequence of numbers used to represent the cardinality (or size) of infinite sets that can be well-ordered. They were introduced by the mathematician Georg Cantor and are named after the symbol he used to denote them, the Hebrew letter aleph (\,\aleph\,). The cardinality of the natural numbers is \,\aleph_0\, (read ''aleph-nought'' or ''aleph-zero''; the term ''aleph-null'' is also sometimes used), the next larger cardinality of a well-orderable set is aleph-one \,\aleph_1\;, then \,\aleph_2\, and so on. Continuing in this manner, it is possible to define a cardinal number \,\aleph_\alpha\, for every ordinal number \,\alpha\;, as described below. The concept and notation are due to Georg Cantor, who defined the notion of cardinality and realized that infinite sets can have different cardinalities. The aleph numbers differ from the infinity (\,\infty\,) commonly found in algebra and calculus, in that the ale ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Operating System
An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also include accounting software for cost allocation of processor time, mass storage, printing, and other resources. For hardware functions such as input and output and memory allocation, the operating system acts as an intermediary between programs and the computer hardware, although the application code is usually executed directly by the hardware and frequently makes system calls to an OS function or is interrupted by it. Operating systems are found on many devices that contain a computer from cellular phones and video game consoles to web servers and supercomputers. The dominant general-purpose personal computer operating system is Microsoft Windows with a market share of around 74.99%. macOS by Apple Inc. is in second place (14.84%), and ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
TechDirt
Techdirt is an American Internet blog that reports on technology's legal challenges and related business and economic policy issues, in context of the digital revolution. It focuses on intellectual property, patent, information privacy and copyright reform in particular. Description The website was founded in 1997 by Mike Masnick. It was originally based on the weblog software Slash. Techdirt's content is based on reader submissions as well as the editorial staff's picks. The website makes use of MySQL, Apache, and PHP, and is hosted at ActionWeb. Techdirt is managed by Floor 64, a company located in Redwood City, California, USA. There is a guest editor section in Techdirt, called "Favorite Techdirt Posts of the Week", where several high-profile personalities of politics and culture contributed articles over the years; for instance Marietje Schaake, Member of the European Parliament for the Netherlands, Sen. Ron Wyden of Oregon or author Glyn Moody. Reception and impact ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |