Interesting, no? Very similar to recent questions raised about Full Disclosure
becoming a thing of the past. From orgs buying vulns to NDAs to criminals
wanting to profit from their own creations to orgs trying to cover ass from
regulations, far less information is being openly shared. Mayhaps we're
becoming more guarded as everyone becomes more paranoid about the indexing of
the Internet's voices...
Maybe it is because aliases are used far less often these days as many people
have something to gain from their name being associated with useful posts (and
likewise to avoid being soiled by bad posts since we tend to be intolerant of
newbies and wrong answers).
It's an extremely interesting topic, and it is not just the black hat side of
things that has matured into profits and "professional" activity, but our side
as well. It's my biggest complain these days: trying to share information
beyond vague "we got hacked through our unpatched web server, but I can't say
anymore."
<- snip ->
Are people afraid to post that kind of stuff anymore or what? Have our
NDAs pushed us to just talking with our buddies in SILC servers, or just
posting stuff in blogs?
I think a lot of people have been told not to post infrastructure
data on groups and lists, but I don't think that affects PT/VA work.
Maybe they're scared of looking n00b?
<- snip ->
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
