hobbit@PYRITE.RUTGERS.EDU (*Hobbit*) (10/02/90)
I have been very busy moving my entire life and stuff to Boston, and have had utterly *no* time to deal with the list for the last few weeks. I now intend to shovel out all the back messages, but I wanted to ping the readership at large first and get a few opinions about the relative worth of keeping this list going. I have often toyed with the idea of just taking it down completely. I seem to be perpetually too busy to get things out on what you'd call a timely basis. More importantly, most of the recent submissions seem to either be about things that have been discussed in the past, or are questions about very specific and narrow fields of interest that often serve to only confuse the readers who don't know anything about it. Many questions could be answered by digging around through the archives, which are all still online from the lists's inception. Over the years a fairly useful body of knowledge has been captured there, and it's been my suspicion that we've just sort of reached our horizon of getting new knowledge into there. I could be quite wrong about this since new security topics are always coming out, but I see definite repeating patterns here. The other thing is that there is now this alt.security newsgroup. This is a completely unmoderated instant-turnaround group, which sort of flies in the face of this list's original philosophy. Any clown could send in "gee, I found this really cute hole under Buglix 5.2 and here's how to reproduce it", raising a certain flame war as well as possible liability issues or at least the wrath of local system folks. Moderation, it was hoped way back when, was one way to avoid this sort of thing. I even took pains to run the list in such a way that someone couldn't just "VRFY security-outbound" or some such and obtain the distribution list for themselves. Of course anyone could send this sort of message to just about any group, so the question here is: Just what does a moderated list do for people? Should it remain moderated? I have noticed that the signal-to-noise ratio on alt.security is at the typically low Usenet-like level. I do reject a good proportion of mangled, irrelevant, stupid, or redundant messages, but being such a filter is a rather tedious job even with a multitude of tools at one's disposal. So I solicit opinions from the readership. Should the security list become an unmoderated reflector? Should it just shrivel under the onslaught of alt.security and just vanish, leaving only its archives? Should the task [and I don't use the word lightly] of moderation pass on to someone else with more time to do it? I do wish I had the time to do as thorough a job as, say, PGN with RISKS; but with new locations and new jobs and scads of loose ends to wrap up such is not to be the case. Suggestions and such will be accepted at my address, security, security- request, etc; it all points to my mailbox anyway. _H*