Domain: oisafety.org
Stories and comments across the archive that link to oisafety.org.
Stories · 2
-
Creating an Open Alternative to Bugtraq?
mbogosian asks: "I am not a sysadmin, nor am I a security expert, but I appreciate those who are. In response to a recent story, I went out and registered two domain names: opentraq.org and opentraq.net. I am hereby throwing down the gauntlet: I am willing to have them resolve to DNS servers belonging to a group of volunteers who wish to start and maintain an Open alternative to security services like BugTraq and others offered at the SecurityFocus website without being encumbered by the OIS Security Vulnerability Reporting And Response Process. I will continue to pay the renewal fees for the names as long as someone wants to continue the the effort. After the project becomes established and is maintained by a reputable (i.e., non-commercial) group of volunteers, I am willing transfer ownership of the domains to that group at no cost. Feel free to contact me if you are interested. Let the discussion begin! " Do you feel such a thing is necessary at this time? Why or why not? -
Group Releases Anti-Disclosure Plan
dki writes "SecurityFocus reports that the Organization for Internet Safety (OIS), a group of 11 of the largest software and security companies, has released a public draft of a proposed bug disclosure standard. The document outlines a process for reporting and disclosing bugs that aims to eliminate releasing exploits to the general public. Not surprisingly, the OIS was founded out of a Microsoft-hosted security conference. Comments on the draft will be accepted until July 4th; the final copy will be released at the Black Hat Conference in Las Vegas."