> 2)Only announcements for OSI approved projects. Webappsec has this > policy I think, and it rewards people who share the most openly.
I would argue that something like this is the best for full disclosure. Afterall, if you release a tool, your techniques are not really fully disclosed if you keep the source code closed. Note that open source != free (example: commercial PGP), but I would think the source code should be made publicly accessible, even if the licensing is more restrictive. However, in the case of "INSECT Pro", the frequency of posts is far too high, regardless of other considerations. tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
