Bugtraq
From Free net encyclopedia
Quarl (Talk | contribs)
Date canonicalization: "[[November 5]], [[1993]]" → "[[1993-11-05]]"; "[[June 5]], [[1995]]" → "[[1995-06-05]]"; "[[May 14]], [[1996]]" → "[[1996-05-14]]"; "[[October 15]], [[2001]]" → "[[2001-10-15]]
Next diff →
Current revision
Bugtraq is a full disclosure mailing list dedicated to issues about computer security. On-topic discussions are new discussions about vulnerabilities, methods of exploitation, and how to fix them. It is a high volume mailing list, and almost all new vulnerabilities are discussed there.
Bugtraq was created on Friday 1993-11-05 by Scott Chasin, in response to the perceived failings of the existing internet security infrastructure of the time, particularly CERT. Bugtraq's policy was to publish vulnerabilities, regardless of vendor response, as part of the Full Disclosure movement of vulnerability disclosure.
Elias Levy noted in an interview that "the environment at that time was such that vendors weren't making any patches. So the focus was on how to fix software that companies weren't fixing."
In the beginning, the mailing list was not moderated, however the signal-to-noise ratio became unacceptably bad. It became moderated beginning 1995-06-05. At the same time it moved from its original home at Crimelab.com to Netspace.org.
The mailing list was moderated by Elias Levy (a.k.a. Aleph One) from 1996-05-14, until he stepped down on 2001-10-15, then Dave Ahmad took over until he stepped down on 2006-02-23. The current moderator is David McKinney.
In July 1999 Bugtraq moved from Netspace.org to SecurityFocus. The last few years, Bugtraq has been the property of the computer security company SecurityFocus, which was bought out by Symantec on 2002-08-06.
