For the past month or two we have been seeing more and more off-topic
message on the TH-Research (Trojan Horses Research) mailing list.
We decided to start a new mailing list to take off the "pressure".
The new mailing list is called appsec-research, and it will deal with
issues such as vulnerability research through packers and win32 binaries
to code injection.
Same rules, same issues: we are here to help people (and the rest of the
world when we can) while staying on the _good_ "side of the fence".. but
we do not allow anyone on the list before a background check.
I personally believe in the concept of full disclosure, but I realize now
that when it comes to security it's no longer practical for the very
simple reason that we are out-numbered 100,000 to one.
I am not trying to start a debate about that, it is simply how I
personally see things and how we are going to run our new list.
So, the new list will be all about how to protect and break software,
whether it's a vulnerability or a packer.. I considered calling the list
IDA-geeks, but oh well.
If you want to join send me an email message to ge@warp.mx.dk.
I wanted to discuss sending this message here with the moderator and
getting his permission, but I figured this is a moderated list, so if he
doesn't approve of it the email message simply won't get through.
Gadi Evron.
