Federal Linux

BUGTRAQ is dead

Tracy R Reed  | 

The BUGTRAQ mailing list ain’t what it used to be.

I sent the following to the bugtraq mailing list. The moderator of the list replied with basically a shrug of the shoulders and bounced my post back to me.


Subject: The utility of bugtraq From: Tracy R Reed <[email protected]> Date: Mon, 26 Jun 2006 14:35:38 -0700 To: [email protected] I have been a subscriber to bugtraq for over 10 years. I made the acquaintance of Aleph1 and I think maybe he turned me onto the list, I don’t recall. When I first subscribed I read every email that came across the list because it was probably something that applied to one of the UNIX’s I administered and could affect me. Many emails contained actual exploit code which was very interesting in understanding what was really going on. But the list has changed a lot since then. Now it seems like every platform is fair game for the list even though no one person cares about more than a very small percentage of those platforms. We have tons of XSS exploits being posted for webapps that nobody has heard of. We even have XSS exploits being posted which are unique to individual websites. What is the point of posting those? What are the rest of us going to learn from a site-specific XSS exploit for blacksingles.com that we didn’t learn from the previous thousand XSS exploits and why should we read over a thousand emails a month about such things? I don’t know if the change in the population of the Internet in general is responsible for the change in utility of the bugtraq list or if it is due to the new ownership of the list but it went from being an indispensable tool for the system administrator to being a massive source of useless noise. I guess it’s time for this old UNIX fogey (and I’m just 31!) to move on.