Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20080417013228.GA5031@openwall.com>
Date: Thu, 17 Apr 2008 05:32:28 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: [openwall-announce] community resources: oss-security, oCERT, xvendor

Hi,

As many of you should have noticed, I haven't been sending these
announcements out for a while, although news items were being added on
the http://www.openwall.com front page.  My excuse is that I was waiting
for some major news to announce, and I wanted to mention the minor news
items at the same time.  Well, now I have too many things to announce,
so I'll group them by topic.  This message is about new community
resources and community activities.

1. We've setup a new web page on Openwall user communities, hosted
community resources, and community involvement and activities:

	http://www.openwall.com/community/

This web page includes pointers to the resources described below.

2. We're hosting the Open Source software security (oss-security) wiki,
as well as the oss-security mailing list.  These are a product of
cooperation amongst various Open Source software vendors, projects, and
security researchers.  The purpose of the oss-security group is to
encourage public discussion of security flaws, concepts, and practices
in the Open Source community.

The wiki, which includes information on joining the mailing list:

	http://oss-security.openwall.org/wiki/

I'd like to thank (GalaxyMaster) for setting up and administering the
wiki, and many others (20+ authors) for their work on the content.

The list archive (292 messages so far, since mid-February) is also
available on the web:

	http://www.openwall.com/lists/oss-security/
	http://dir.gmane.org/gmane.comp.security.oss.general
	http://marc.info/?l=oss-security

3. We have joined the oCERT project (the Open Source Computer Emergency
Response Team), in two ways: I serve on the advisory board of oCERT,
and Openwall is a registered public member of oCERT such that we can be
sure to receive notification of vulnerabilities pertaining to our
software (and, far more likely, to third-party software that we
redistribute as a part of Openwall GNU/*/Linux) that will be handled via
oCERT.  Other Open Source projects are welcome to register with oCERT,
too.  (We're also a member of oss-security and vendor-sec, and are
registered with the CERT/CC.)  The website for oCERT is:

	http://ocert.org

4. We've made the xvendor mailing list, which existed since 2002, public.
The purpose of the xvendor group is collaboration and information
exchange between OS distribution vendors (mostly Linux) on non-security
topics.  However, we have just learned that a similar list was started
at freedesktop.org recently:

	http://lists.freedesktop.org/mailman/listinfo/distributions

This means that the status of xvendor is currently unclear:

	http://www.openwall.com/lists/xvendor/2008/04/16/2

Yet I've decided to keep xvendor around, and even to mention it in this
announcement, while we figure out whether and how xvendor can co-exist
with the "distributions" list.  More information on xvendor (list
charter and how to join) can be found here:

	http://www.openwall.com/community/xvendor

The archive is available here:

	http://www.openwall.com/lists/xvendor/
	http://dir.gmane.org/gmane.comp.misc.xvendor
	http://marc.info/?l=xvendor

5. I have participated in an IBM-organized Global Innovation Outlook
(GIO) "deep dive" on Security and Society (a day long brainstorming
session, with only short coffee breaks and a lunch break).  This dive
was held on April 10 (with a welcome dinner the day before) in a fine
5-star hotel in the heart of Moscow.  Five more dives on the topic are
to follow in other cities around the world, then IBM is to publish a
report.  Meanwhile, you can find detailed reports on past GIO topics on
the IBM website section dedicated to the GIO initiative:

	http://www.ibm.com/gio/

as well as read and comment on the GIO blog:

	http://gio.typepad.com

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.