Scope

The word ``security'' here refers to what attackers can do. The question of what attackers are doing is a minor side issue; there are other mailing lists where people can satisfy their morbid curiosity. We want systems that attackers cannot exploit.

securesoftware is dedicated to operating systems and applications that are available to the public free of charge: Linux, for example, and Netscape. We don't want to pay for software; we don't think that paying for software is going to make our computers secure; and we're tired of hearing commercial advertisements for security tools that never live up to the hype.

bugtraq

• Contributors label their messages for easy filtering. Subject lines look like ``[remote] [control] BIND 8.2.* TSIG buffer overflow'' instead of ``Multiple Vulnerabilities in BIND.''
• securesoftware lets information flow freely and quickly from contributors to readers. Messages to securesoftware are immediately distributed to subscribers. Critical announcements don't have to wait for moderators who have taken the weekend off or who are getting cold feet about distributing certain types of information.
• securesoftware doesn't have all those useless messages about commercial programs that you don't use.

As a contributor, you will find securesoftware more responsive than bugtraq. If you use the proper subject-line format, your message will be distributed immediately; if you don't, your message will be bounced immediately. Try sending your message to both securesoftware and bugtraq, and see what happens!

securesoftware is run by me. It is not operated or endorsed by SecurityFocus.com, the commercial operators of bugtraq.