Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Where Angels Fear to Tread

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
TiMow Where Angels Fear to Tread
Dedicated Contributor 28th May, 2010 09:47
Ranking: 737
Posts: 728
User Since: 26th Jun, 2009
System Score: N/A
Location: CH
Last edited on 28th May, 2010 10:33

I originally posted some thoughts on the "Open Door" thread (http://secunia.com/community/forum/thread/show/415...), dated 26 May, following a post by Emil Petersen (Secunia), relating to the topic I wish to discuss.

With hindsight I feel this was not the best place to reach the readership intended - and not wishing to disrupt the normal tranquility and bonhomie found in this chill-out lounge (for that I apologise).

Any visitor to the forum is greeted with the following, at the head of the page:

"Secunia Forums

The Secunia Community Forum is the place where Secunia users and community members can share knowledge and discuss on topics such as - patching, product updates, vulnerability threats, exploits, and anything that is IT security related.
"

This is not only welcoming, but makes sense - after all PSI is a vulnerability checker. And on the left we see a sub-heading FOR Vulnerabilities.

Accepting that in the main it is for Secunia Official to post the vulnerabilities - like this morning, relating to Google Chrome - a nice detailed report (most of which I don't/or need to understand), just what versions are affected, and what action I need to take - Great: problem sorted.

Conversely, we sometimes see something like the following:

"Vulnerability discovered/is reported in "Program X" ".

This is bound to prompt the reader for more information - which versions are affected?; is an update patch available?; what is the advice?; etc.
And in the corner we see the Reply button .......

As soon as we do this (or even dare to start a thread) it sends other members racing for the keyboards, to warn of the dangers of Mr. Minimizer zapping their reply - whatever its content or relevance.

I have previously read the "opinions" of others, including Emil (the official line), but these are all buried away in some thread in the past - there is no official point of reference. I am also aware that reviews/changes are pending, to this situation.

However changes cost time and money - maybe Secunia should consider adapting a different standpoint, and allow this sub-forum to be operated in the normal way, with replies being assessed on their merits and relevance, and not carte blanche zapping, immaterial of worth; (usually; - a few replies do remain, for some reason).

After all, there is the Advisories section - maybe this could be adapted to include more official vulnerabilities - without specific SA numbers. I believe there should be a better link between Vulnerabilities and Advisories anyway, as it is still sometimes difficult to get full information when a new vulnerability is posted. And replies are invited under Advisories, which appear on the forum. A bit of consistency is required - one "rule" for one, another "rule" for the other.

I realise this is a prickly subject and don't intend to cause an issue, as there are often more important problems to be addressed, but this was a bee in my bonnet that wouldn't go away.

I am grateful for the product and service that I receive at no cost, and appreciate the liberal, laissez faire approach that is adopted on this forum, but sometimes we have to voice our thoughts.

I welcome your thoughts and opinions - official or otherwise.

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.

Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 28th May, 2010 11:53
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 28th May, 2010 12:13

Hello TiMow ,

To clear up an early point of yours :-

The Chrome "vulnerability" sub-forum post of yesterday was triggered by a post to (in the comment section below) the SA and was not posted by Secunia themselves ; this is how it always works ; you will also see that the Secunia post time is exactly the same as the first reply time and is of no time/date relation to the SA date itself .

In this case the first post is interesting as it raises an anomaly in the SA wording :ie: you cannot "patch" 4.x. , so no "solution" (status "unpatched")and then you "UPGRADE" to 5.x as the "solution" :))) You may want to suggest that Emil or Morten that they pass this on to the SA dept :))

Taffy then rides to the rescue (for the second*** time in 24 hours :)) , even though in this case the comments may well be justified in their placement . Muddy Waters :))

Hope that is clear enough or not:)

Anthony

***Ref : wisely getting the author to repost here :-

http://secunia.com/community/forum/thread/show/434...

PS : I do not understand your paragraph about Advisories , vulnerabilities and numbers .

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 28th May, 2010 12:32
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi Anthony

Thanks for input.

Will better digest your information, and respond to your specific query later.

Time is pressing, at the moment - have appt. (not flexible) for ´bike MoT (equivalent of).

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 28th May, 2010 12:47
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 28th May, 2010 12:50
Hi. TiMow - you're right to raise this.

Whilst my score is irrelevant in some ways, I - like most - don't enjoy having a negative score simply for posting "in the wrong place".

That happened to me recently when a poster had commented on a vulnerability in version 5 of a program. All I did was to mention that version 6 was vulnerable too - just in case he installed that. On the other hand, I recognise with the benefit of hindsight that I shouldn't have posted some things in the Vulnerabilities section so it's probably balanced out.

I'm sure we all agree that there has to be a structure to these matters. Which is why I've taken to advising new posters to move their post from Vulnerabilities into a new thread, as Anthony has noticed.

I'm also sure that we all have the same aim in helping Secunia improve this excellent facility.

Emil & Secunia clearly have taken these comments on board and will change things at the next opportunity. Perhaps they will find a way to have a "sticky"?



--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+1
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 28th May, 2010 15:08
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 28th May, 2010 16:34
Hi taffy - thanks for the support. That's obviously the whole point - if a sub-forum is given as an option for posting/replying, then it shouldn't be the wrong place. We've all been stung in the past, but in the wider picture, the fact that there's a string of minimised replies must have a negative impact on the viewer, and restrict the logical discussion that can help clarify a situation for many users. You may not always be available to rescue those who stray, though (at your own possible expense).

Hi Anthony - to come back on your point. To be honest, I struggle to differentiate between advisories and vulnerability reports (this could well be ignorance on my part, as there probably is something written, to explain - my lack of research time). My take on this, is that when an advisory is issued, it can be found under Advisories with an SA number (which can then be referred to in other places), with detailed information relating to the threat and what remedial action (if any) can be taken by the user. Comments (replies) are invited, which then create a new thread on the forum.
Whereas a vulnerability report posted under Vulnerabilities forum may or may not have detailed information, and may or may not relate to an SA numbered Advisory.
What is the criteria for one or the other is, as of yet, not clear to me. To be pedantically logical - they both advise.

The Google Chrome vulnerability post is a good example - it appears in the forum to alert the user, and then one can go to the Advisories for specific details - although I'm sure the forum post (in this case) included sufficient information for most. If someone wishes to reply to the forum post, then it should be logical to do so.
The Foxit Reader post (of last weekend), also under vulnerabilities, shows the other side - when I searched for further information under Advisories, there was none to be found, as an official advisory had not been issued, which then prompted the need of some users to discuss further.

The point I was trying to make in my initial post above, was to suggest a scenario similar to the Google Chrome one, where after a vulnerability report on the forum, there should be a reference point for clarification under Advisories, immaterial as to whether it is an "official" advisory with an SA number - particularly relevant when the post on the vulnerability forum is just a one-liner.
The two areas should be more interactive, with the right for members to discuss the vulnerability on the forum, without the consequence of being minimised.

I hope this better explains my viewpoint, and appreciate that you're likely to be better informed regarding the above and welcome your clarifications (corrections).

Regards

TiMow

EDIT: Regarding the Chrome e.g. I've used - I've just re-read your (Anthony) reply, and I'm suffering from chicken and egg syndrome - Advisory first, then comment (reply) which then necessitates it's appearance on the forum - but then in this instance further replies should not be taboo. Although, now, my appraisal is not truly accurate, regarding this e.g., the (my) idea behind it remains the same.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 28th May, 2010 18:48
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 28th May, 2010 19:19
Hello TiMow ,

AFAIK , a vulnerability in a "progam/application" once confirmed by Secunia is reported/produces an SA with it's own number ; further research/patching/etc may update it and thsi is recorded within the SA . As a PSI user you only get the basic info from the SA , commercial clients get more .

PSI reacts to the SA and points to it in any "warning" display - you need to read it to understand the "vulnerability" and what to do with it ; or you can click on the PSI "solution" button and do/get on with other things .

I do not know what you mean by a "vulnerability report " - as such I do not know of one . When you comment on an SA you get a cut down version of the SA as the heading to the post - in the name of Secunia - in the "vulnerability" sub-forum so you are aware of the subject and as I said above this is an auto trigger from the full SA . You click on the link on the left above the post heading to read and comprehend the full SA , preferably before posting .

Emil & Morten will try to move the post out of "vulnerabilities" if they can when it is obviously misplaced , but I haven't studied the consequences ; the same for posters who "select" to post in the "vulnerabilities" sub-forum , with or without a Secunia header post . I don't know how you get a Secunia headed post in say the "programs" sub-forum ; I was guessing that "someone" had relocated it .

As far as I am aware , all this is straightforward and known in more or less detail to regular forum posters - whether that costs/risks a penalty and/or a gladiatorial execution is irrelevant to me . What concerns me , is that this Forum has a lot of readers and a smaller number of "first posters" who seem to have suffered months of being unable to solve a problem which is actually "easy" to fix (here) and ANYTHING that makes even one poster afraid to start or come back on a thread needs looking into .

Take care

Anthony

PS: clarifying an SA is not for us , how it applies to you and your "program/app" should be the "subject" of a new thread by you or an interested user.

There are more details in this thread (already posted above) if you scroll down :-

http://secunia.com/community/forum/thread/show/434...

PPS: your Foxit thread is out of SA39291 (click the link over te tread)

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 28th May, 2010 19:30
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 28th May, 2010 19:36
Evening Anthony

By vulnerability report, I was simply referring to a Secunia Official post under the Vulnerabilities forum sub-heading - sorry if it wasn't clear - be it a new direct entry or as a result of someone replying to an SA.

Thereby hangs part of the problem - if a comment (reply) is made to an SA , thus creating a new thread (under Vulnerabilities) and then subsequent posts are made, without the thread being moved, are these legitimate or not? (rhetorical question - no answer required).

Thanks for the explanation - will re-study it tomorrow (with a clearer head). Read another of your explanations on another reply, today, which kind of made sense regarding the official line - but I'm not convinced this whole thing is as straight forward as it should be.

And you're right about the effect it could have on some would-be forum contributors.

TiMow

EDIT: Just seen your PPS - was that link (and the SA) always there from the start, or did it get added later? I don't recall seeing it at the time, and a search (at the time) turned up nothing. But on the SA, again, replies are invited - only to be minimised later.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 28th May, 2010 20:32
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

TiMow ,

I'll take your EDIT to be rhetorical as well .

As I see it , best answer is having taffy to ride shotgun and an 007 licance to kill - even if only Secunia can close te tread - for obvious reasons (hint - it's an SA and their main job is commercial , not PSI :))

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 28th May, 2010 21:01
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Anthony: l.o.l. ;0)

Or Fred, perhap? (licenced to Dill.)

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
Maurice Joyce RE: Where Angels Fear to Tread
Handling Contributor 29th May, 2010 04:37
Score: 11626
Posts: 8,916
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@TiMow
Thank you for the thread & opportunity to respond. I totally agree that clarification is required. It is indeed emotive but unless openly & frankly discussed will remain that way. I believe your central point is:
"Secunia Forums

The Secunia Community Forum is the place where Secunia users and community members can share knowledge and discuss on topics such as - patching, product updates, vulnerability threats, exploits, and anything that is IT security related."


I suppose we must all agree that Secunia own the programme & allow us to use it free of charge and their rules (or lack of them) apply but .......
It looks like they are addressing your (our) concerns but the outcome & future guidance remains unclear. To date deathly silence except that leaked to the Forum from individual email communication.

1. The approach of zapping well intentioned questions & replies in certain Forum areas (even they are random) has caused totally unnecessary alarm, particularly from willing helpers,(who give there time free of charge)given there are currently no general guidance - indeed there is encouragement from Secunia to respond to vulnerabilities - other than what U have quoted. An explanation from the 5 point zapper would be helpful as to why some replies/questions were deemed irrelevant others not.

2. They allowed a Facebook/Twitter/Email/Messenger type posts to develop on a working thread until recently closed without penalty yet well intentioned questions were zapped elsewhere on the Forum. That by any stretch of the imagination is double standards.If I understand correctly, this Twittering will continue despite the trial on the current thread receiving no new members after some drum beating. There is no written mandate for this activity as your Secunia quote clearly shows.Without such a mandate, some could see these posts as irrelevant & score it accordingly. To me,this is a whiners charter if future zapping takes place. Secunia could well end up with an appeals tribunal unless they start explaining things openly.

@Anthony makes the only other balanced observation mainly:

"What concerns me , is that this Forum has a lot of readers and a smaller number of "first posters" who seem to have suffered months of being unable to solve a problem which is actually "easy" to fix (here) and ANYTHING that makes even one poster afraid to start or come back on a thread needs looking into."

This point is aptly demonstrated by my latest "recruit" ( I have 6) who asked to use my email address to sort out her problems. She is a very switched on "cookie" but felt the Forum did not offer any chance of helping having read a few threads. That is sad.

Both of the highlighted areas are keys issues. Clear guidance for helpers is vital &, more importantly, encouragement for people to use the Forum for assistance knowing they will be dealt with in a helpful,timely & knowledgeable manner.

I suspect we have lost some very good helpers in the past due to the haphazard approach on the Forum use. Time to stick our heads above the parapet & ask serious questions:

1. We appear to have developed a webmaster & welcoming committee - surely this is the responsibility of the first person to answer the cry for help in the knowledge that he/she can solve the problem? Is such a post, without any solution included, irrelevant? Who is policing this?

2. Given that no one other than "helpers" appears to have any appetite for social gossip is it relevant & does it meet the aims of Secunia? If so, usage guidance is necessary & a quite separate area created where "point scoring" amongst helpers is eliminated. This should include promotion of programmes unless it is deemed as useful in solving a problem.

3. If new guidance is being applied where will it be posted? Will a newcomer be required to acknowledge he/she has read the guidance before being able to create a profile?

In a nutshell, without clarity the initial issue you raised will not go away. They created the current Forum aim & they should apply equal treatment in upholding it. Your header is 100% accurate. There is fear on where to post on the Forum & newcomers stand no chance of knowing under the current climate.

While all this time wasting has been going on between helpers @Barbaresa has been waiting over 36 hours for a response on this thread:
http://secunia.com/community/forum/thread/show/434...

Who is running with the issue? Secunia will not - it is not vulnerability related. Surely,as @Anthony pointed out, we should be homing in & helping rather than pleading with Secunia to give us a clue on what is going on.

I personally could not give a fig on how Secunia run their Forum and will continue to help when time allows but it would be nice to see a more effective policy & uniformity in policing it.

@Timow - hope I have not strayed to far off course. 200% behind U on getting this can of worms sorted and to hell with the point scoring.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 29th May, 2010 10:26
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

To All ,

I tend to agree with pretty much everytihng expressed by Maurice Joyce .

However , I do believe that personal contact and what seems to be a genuine warmth generated in the Forum and appreciated by some/many (?) readers should be maintained . Bathwater , babies , etc.

Personal Email or telephone contact for some is perhaps a more suitable introduction/answer to handling/exposing an IT problem and , if agreeable , could perhaps be expedited via Secunia's safe hands or a charitable/responsible Forum member entrusted with private contact data . It should not take a genius to track down certain members as it is - I am definitely not recommending that !!

A chat room for those who wish it is fine - I would hope it would encourage female participation and allow Mogs poetry/sophistry to endure - but should be clearly split from anything offreing "newbie" advice ; which I firmly believe should be PSI/OSI web security oriented .

A "joke" bin/scrap heap is essential - please note taffy , you put the joke in there in the first place, not in a post and then say you'll "look" for the bin :))

I see no point in everybody having copied someone else and putting the ACCEPT screed in the signature when the problem is obviously no where near fruition - post it when it is obviously relevant if you must ; similarly less "early" closing of threads by Secunia . I'm sure it's not a rush for approval points :)

Take care

Anthony

PS: have picked up Barbareska (forgot yesterday:(() but am not clear about her problem - seems to be related to er DVD hardware - out of my conscription .


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Maurice Joyce RE: Where Angels Fear to Tread
Handling Contributor 29th May, 2010 10:32
Score: 11626
Posts: 8,916
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Anthony
Thank you. Thought U might like to pick @Barbaresa. I think U have a handle on it. Subject to her reply to your questions I believe her reinstall has either not put the DVD/CD drivers on or they are outdated. If U want a hand give me a shout otherwise I will steer clear.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 29th May, 2010 10:40
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@Maurice ,

I found these with your friend (!) "Google" :-

http://www.computerhilfen.com/hilfen-26-186214-0.h...

http://www.computerhilfen.com/tech/tip-dvd-player-...

If she comes back with drivers in Windows 7 , then that will be very much for you to give guidance .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 29th May, 2010 15:09
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 29th May, 2010 15:15
Hello. Here’s my take on this:

1. I joined 15 months ago and have been helped many, many times.

2.1 I started my “IE8 German Government” thread on the 17th January this year.
http://secunia.com/community/forum/thread/show/334...
Some of you, the main resident technical guys, made humorous remarks in your replies and it escalated from there. I closed it on the 30th April - in those three months, there were 222 posts (nearly all ‘social’ and 3996 views). So many posts that it seemed to take forever to get to the end of the thread to update myself/respond.

2.2 This suggested to me the need for a ‘social’ thread. Emil was quite laid back about this – “members decide” was his view.

2.3 So I asked members:
http://secunia.com/community/forum/thread/show/409...
The response was disappointing (7 posts & 2311 views) but no-one said “no thank you”.

2.4 “Open Door” started on the 30th April:
http://secunia.com/community/forum/thread/show/415...

It was a trial and imho it has been very well-supported. There have been 133 posts and 1486 views. Again, most of you guys have posted “social/humour.”

2.5 Not long ago I asked for your views on the way forward. The overwhelming response was to have two new monthly threads: one for general PC-related technical matters and the other for ‘social’.

2.6 A new member suggested a “welcome/advisory/do’s and dont’s for newcomers. I mentioned this to Secunia Support recently when I sought their OK to post the two new threads. I said that in my view it should be a Secunia thread. They were non-committal in their response in their email to me -which I shared with you in Open Door. Also see Emil’s comment in Open Door 26th May 09:21.

If you guys still feel that such a thread/sticky is important, I suggest you email them.

2.7 With your blessing, I propose to start the general technical & social threads on 1st June but I have no wish to upset anyone. If you guys feel that my doing this will harm this forum/put off new members then I must bow to your wishes.
But do let me know before the 1st June, please.

3. I have a template post in Vulnerabilities if I’m the first to reply. It’s on the lines of “Hi, XXX and welcome to Secunia. This section - Vulnerabilities - is used by Secunia to provide information about vulnerabilities. So it is unlikely that any member will post a reply here. If you need advice/help, what you now need to do is to create a new thread.” I’m only doing that to stop newbies being put off by receiving a negative score if they respond and so that the first to post there can get his/her new thread going quickly. If what I suggest in my ‘wish list’ below is taken on board, I won’t need to do it.

4. [b]"Wish List"[/b}Every forum of which I’m a member comprises four sections:

Aims of the site & Rules (in a sticky)/Welcome to new members & Q&As (in a Sticky)/Technical/’social’

4.2 Most have more than one technical section and after the subject would show a reminder of/an extract from the Rules/Q&Q as appropriate. Q&As is not the first place a new member would look for.

So e.g. using Secunia, there could be
A. Where to post: Open/Programs/PSI (explain the difference): 1. Before you post a new thread, we suggest that you use the search facility to see if your problem has been raised before & resolved. 2. Please mark replies to your thread as relevant or not. When your problem has been resolved, please close the thread by pressing “Accept” against the post that helped you the most.

B. Where not to post: “Vulnerabilities – threads by Secunia officials. Please do not respond here – instead, start a new thread. / CSI: This section is for corporate users. Only post here if you are XXX.”.

I appreciate though that this is Secunia's site, provided free, and that it costs money to change a forum design/content.

5. All that I am trying to do is to help new members avoid the pitfalls that I first experienced, being a PC ‘dummy’. I am sorry that in doing this, I seem to have caused issues.

PS I have numbered this for ease of reply.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 29th May, 2010 15:18
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
PS Point taken about the Accept comment, Anthony.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 29th May, 2010 15:23
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
PPS Not relevant to this topic but posted here because I know you guys will be able to help jckinnick in this thread:

http://secunia.com/community/forum/thread/show/435...

Clearly I was on the wrong track in my reply but haven't a clue why!

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
Maurice Joyce RE: Where Angels Fear to Tread
Handling Contributor 29th May, 2010 18:42
Score: 11626
Posts: 8,916
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Taffy,
As always a charming reply. I think U have appreciated that my input to @TiMow's excellent thread is merely to support his views,add my own little bit by way of pointing out that he has good cause to raise this issue & propose other ideas.

This is all about policy & fair policing of the Forum. No one has been offered the post of Handling Contributor therefore this function & that of Webmaster remains the sole responsibility of Secunia. The stated aim of the Forum is:

"Secunia Forums

The Secunia Community Forum is the place where Secunia users and community members can share knowledge and discuss on topics such as - patching, product updates, vulnerability threats, exploits, and anything that is IT security related. "


Part of your reply is within the heart of the problem. If Secunia are "laid back" about creating a social scene in the Forum which is currently NOT a stated aim they should be equally "laid back" when an unfortunate first timer & a dedicated helper strays into unmarked "forbidden territory".

As my previous post pointed out this is not the case. Irrelevant** posts on "live" threads continue to survive.
**Without guidance, my interpretation of this is that any post made by a helper that does not offer a solution or ask further questions for a build up to a solution is irrelevant.
Enforcing this interpretation,if correct,is a matter for Secunia.

On the other hand some relevant posts which unfortunately strayed "off piste" due to a lack of Official guidance have been {b]randomly[/b] zapped without explanation. I repeat what I have already said this is crass double standards which has raised the temperature of the water faster than Global warming & I believe it will drive people away as pointed out by @Anthony.

On a personal note nothing U have attempted to achieve has upset me. Indeed,from my viewpoint, the Forum would be a much sadder place without the diversity of ideas, fun & solutions offered by the current band of willing helpers.

We all need Forum use guidance & fair treatment - that can only come from one place.

Secunia have promised something is on the way. Perhaps then we can all use a level playing field whatever the guidance includes.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 29th May, 2010 20:33
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 29th May, 2010 20:49
Evening All (in the words of Jack Warner)

Lot to read, digest and re-read (tomorrow).

@ MJ - Glad to see we're running on the same track, despite a near derailment - just leaves on the track in the end.

Through the input of the "usual suspects", I'm now bit more savvy than I was regarding the relationship between Advisories and the Vulnerability forum - I was missing a big point, that's now been clarified - and obviously erred with a few minor inaccuracies in my previous posts above.

However, to me the solution is clear: - Secunia should cease to treat the vulnerability forum as the sacred cow, that shouldn't be touched. It should be operated along the same lines as the other sub-forums - maybe policed a bit more strictly, but not with the inconsistent minimising that takes place at present.

This course of action doesn't involve any changes to the structure of the forum; any do s and don't s; any sticky s or taffy having to ride shotgun - it just requires a change of attitude.

Surely if a user makes a comment, that is invited after the Advisory, and this now becomes a new thread under vulnerabilities, then it shouldn't be zapped as a matter of cause.

I don't accept the official view (as best as I can recall), that as the Advisory is finite, then any reply is therefore irrelevant.

And having again studied some of the threads under Vulnerabilities relating to which replies are and are not minimised, the inconsistency needs to be eliminated - by leaving it to the responsibility of the readership (as the relevance scoring was designed to encourage).

I may have more to add (tomorrow) after re-reading some of the longer posts (there was one para in Maurice's that wasn't clear - but after a 2nd read may sort out); but felt I should respond after such beneficial contributions.

Thanks for your input.

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 31st May, 2010 01:47
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi All;

As this thread has aged a bit before my coming here, I would like to make brief comments as I read through. I apologize to those (like me) with short memories who will have to go back to reread.

@Timow, no need to worry about posting to the "Open Door" thread. My idea was that it was 'open' as long as the subject was not belabored, which it was not.

The listing you refer to at the head of the Secunia forum page is seldom read, in my opinion. It says we can "... share knowledge and discuss on topics ...". This is not always the case in fact. Besides, who reads headers anyhow? The topic headers of threads, nowadays, seldom reflect what the thread is about. (BTW, like your header here) I don't wish to antagonize or infuriate. Just an observation of the state of things.

Possibly a big 'Secunia' red button with "Start Here!" on it would attract more attention. Also, the 'rules of the road' for the forum in addition to the 'greeting'.

As to vulnerabilities & Secunia Advisories (SA's), these did not have a home on the forum in the past. You could check out specifics in PSI or goto the secunia.com site and view them in total. Also CSI had their own 'place' which we were not allowed (not that we needed to be there). This all became an issue when Secunia decided to lump it all together. I'm not complaining or saying it should not have been done. It will, however, have to be sorted to make things work correctly.

@Anthony, you're spot on when you say the vulnerability report (post) & SA are not at the same time. The vulnerability report is a reaction to the SA. The SA is a reaction to a report by a know entity (individual or group) or a discovery by Secunia itself of a vulnerability in a program. Most of this reporting is on the fly to prevent as much damage as possible. Sometimes errors are made. I would rather know somethings wrong and have it reported incorrectly that not have it reported for a couple of days.

In the particular case of Chrome 4.x, this was changed to end-of-life by the time I got 'round to it.

@Taffy, is your score irrelevant or irreverent? Your spell chequrer may be acting up again! (HA! Sorry) I agree that this forum is a superior site of hope, help & cheer. Thanks for your part in helping fix things here and sticking your neck out to help the guy that didn't know any better.

@Timow, I agree that if it's on the forum http://www.merriam-webster.com/netdict/forum ,"a public meeting place for open discussion" (one of the definitions given), it should not be naughty to reply. A 'flashy kadoodle' box on the side of the page (with a do not show this button would be in order to announce vulnerabilities, in my opinion. The "Vulnerabilities" section should be used to discuss the vulnerability. (man, I'm getting tired of typing vulnerability)

@Anthony, you make a very good point of helping vs. consequences. I would like to hear more of moving or relocating a misplaced thread rather than simply lopping off the poor newbie's head & sending him down the road to seek help elsewhere. I am sick of finding "New Members" with a score of -96, it's ludicrous, even absurd.

@Taffy, as a matter of fact, I do have a license to 'Dill". Remember, my alter ego is "Judge Dredd"!

========

I would like to continue to respond to this thread at a latter time (possibly tonight) starting with Maurice Joyce's post of 29th May, 2010 04:37.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 31st May, 2010 05:05
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 31st May, 2010 05:22
Back for part two;

=======

@Maurice, as to your first response to Timow on 29th May, 2010 04:37:

1) I will do my best to keep emotion out of this open & frank discussion.

2) I agree that Secunia does own PSI & this forum. They and their representatives have exclusive control, ultimately, over what takes place here. To that point Emil Petersen is on record saying, on "IE8...", at 19th Jan, 2010 10:24, quote,

Hi,
generally, we won't remove users or delete posts/threads unless it's obviously intended as spam. Users going off topic naturally cluster a thread up a bit, but unless you post spam or otherwise cause problems for the community you shouldn't worry (though we may occasionally remove double posts and the like).

end quote. I am not aware of Emil or anyone at Secunia rescinding that statement.

3) To the "deathly silence" which you refer to, perhaps they (Secunia) believe that we can act as adults and are giving us a chance to sort some / all of this ourselves. Also, please enlighten me of the leaky "individual email communication" to which you refer. Is it that Taffy & Emil Petersen have communicated in e-mails to expedite matters that you are speaking of? There have been several times that I have observed Emil ask for e-mail to resolve problems in the past.

4) The 'zapping' of ones points is of little concern to me, although I believe extreme cases would cause a new member to feel unwelcome here. All present have taken a 'hit' to help out.

5) I have witnessed the "well intentioned" questions getting zapped a couple of times. I have no doubt, mistakes were made that I am unaware of. The ones that I saw were repeats of an already running thread, also I do not believe this is the way it is being handled now. The possibility exists that I am wrong on this point.

6) As to the "twitter" on working threads, I still believe that some 'twit' is needed between the person giving help & the person needing help, if the person needing help is inexperienced in technical things and they are more receptive to help provided in an nontechnical way. I have used this before myself with great success.

7) As to the "twitter" on a chat thread, I could care less if it 'bothers' someone. They should unsubscribe & ignore that particular thread. No drum here.

8) I whole heartedly agree about Anthony's statement and Secunia statement (highlighted). I applaud that you have gotten so involved in helping that you have taken it off forum. I have been criticized before for doing the same. True, others on the forum loose the benefit of the solution. Sometimes it is more important to do the right thing & get the job done than to win others approval. It is sad & embarrassing when you think of people leaving the forum un-helped and dissatisfied.

9) Who is this 'webmaster'?

10) We (the regulars) should all consider ourselves the welcoming committee. I would pose a direct question. If I (being in the US), ran across a new thread, at 10pm (knowing you're most likely in bed, asleep), with the person requesting help having a different OS than mine and working on a program with which I was unfamiliar, but knowing that you (Maurice) used that OS and were familiar with that program, shouldn't I offer a greeting to this newcomer, to reassure them that they are welcome here and that their question will be answered because I know of a fellow who will most likely be on in a few hours? No solution, just reassurance.

11) I remember when the creator of this thread was requesting help here. Seems to me that's how I found this forum, ah yes, I was looking for help. Not all of us were born here. Perhaps it might interest a newbie that we trade weather reports. Again, unsubscribe.

12) Secunia has made it plain that in "Open Discussions" programs may be talked about, just not in a spammy way.

13) Yes, I foresee a cover page that everyone has to go through to get here, that beats you over the head with rules (not). Maybe you'd prefer an admittance exam? Just like for college, whoops, I didn't go to college!

14) Nutshells aside, barbareska (please check spelling) has a problem about which I am unfamiliar. Anthony has taken the bull by the horns, done a Google search to attempt a solution with no successes to date. He has expressed to barbareska (I copy & paste names so that I get them correct) that although unsure of the correct course of action, he will be back and that he's hopeful that someone with working knowledge of the situation will be there soon.

I would have replied, as I have helped her before, she is quite delightful. I, having nothing relevant to say did not want to butt in with unimportant info.

15) I do care how Secunia runs their forum and think they are doing a pretty good job. Always room for improvement, but impressive as it is still mostly for non-paying customer. The support response is excellent, BTW.

16) Very happy to agree on the last two points. I love to sort worms. If you change your username, I will too. That will show them that we could care less about our points score, number of posts and how long we have been on the forum!

=======

May or may not be back tomorrow for part three.

Forget Tomahawk's, I see incoming ICBM's.


Fred

p.s. Hey look, I'm over 500 posts! Yippee!!

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 31st May, 2010 08:11
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi Fred

Glad you're around and were able to add your comments - a lot of good points and common sense.

Unfortunately, it seems that it is only ever the (un-) favoured few that seem to participate in these debates. And after a good amount of chewing the cud, and in this case, hopefully agreement, we can only hope that it gets picked up by those that actually action change.

And (I know it's bad grammar to begin with "and") as Maurice has rightly pointed out, we shouldn't tie up too much time in such discussions when there may be more important issues to be addressed - I'm sure time is a precious commodity for us all.

But in the hope that this thread may attract an official response, I would be interested in how such a response could apply (be relevant) to the following 2 threads, both posted under Vulnerabilities:

http://secunia.com/community/forum/thread/show/378...

- relating to Skype; 22 replies, 2 of which minimised; 1 of which has taken a big hit (and rightly so) and the other was a repeat (but was not hit with -5);

and

http://secunia.com/community/forum/thread/show/429...

- relating to Foxit Reader; 8 replies, 8 of which minimised (each with minimum of a standard -5 hit, and on a Holiday Monday - were there no open-air concerts in the Tivoli Gardens that weekend?).

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 31st May, 2010 08:30
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
well done for creating this, TiMow.

I'm confident that Secunia will read the comments about Vulnerabilities/inconsistent zapping) and that they'll take the comments on board as soon as they can.

Then you technical experts can get back to doing what makes this forum the best around, imho: resolving problems. :0)

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 31st May, 2010 08:53
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi taffy

Just a small point - you shouldn't confuse me with a technical expert. I have no technical background, either through study or experience. I have always been better with my head than my hands (although through necessity the balance has shifted) and sometimes seem able to adopt a logical approach to problem solving.

It is only through solving my own computer problems (with and without information gleamed from this forum), and reading about others' problems on the forum, that, I (like you and others) am sometimes able to pass this information on to those experiencing similar issues to those with which I may be familiar (when time permits).

I also didn't want my summary to the point of this thread to be lost amongst the long and interesting posts above, so I'm reproducing it below (sorry for repetition).

on 29th May, 2010 20:33, TiMow wrote:


However, to me the solution is clear: - Secunia should cease to treat the vulnerability forum as the sacred cow, that shouldn't be touched. It should be operated along the same lines as the other sub-forums - maybe policed a bit more strictly, but not with the inconsistent minimising that takes place at present.

This course of action doesn't involve any changes to the structure of the forum; any do s and don't s; any sticky s or taffy having to ride shotgun - it just requires a change of attitude.



TiMow


--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
mogs RE: Where Angels Fear to Tread
Expert Contributor 31st May, 2010 11:06
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Morning all.
Just thought I'd add my twopennyworth.....the value of which may never alter, strangely enough.
I'll go for a musically related quote: after having got the gist of the debate.
Namely:- "accentuate the positive" else a lot of negativity creeps in. Where something is of no value to a reader, may be worth a jot to another. Zapping is a form of inhibition and oppression...I'm rather surprised that it's being used at all...originating as it does from a Danish society !
I am hopeful that fair mindedness will prevail on the forum.....giving some room to the diversity of opinion and different manners of expression that, I believe, is very necessary to ensure it's good health......tho' I don't have any real faith in human nature.....territorial wars characterize areas of lack of development.
I would like to see more time given by members and Secunia to the subject of vetting/policing from the outset.....rather than a race to be charitable to those, whose other hand is always closed....perpetuated by their belief in.
Does an Ethiopian use the word "love" before procreation/multiplication ? What does multiply? Is she a fool to believe him ?

--
Was this reply relevant?
+0
-0
ValerieA RE: Where Angels Fear to Tread
Member 31st May, 2010 11:54
Score: 0
Posts: 5
User Since: 15th Dec 2008
System Score: N/A
Location: UK
Perhaps I may be permitted to join this thread as a fairly knowledgeable PC user (but not at fault finding and correcting) and give an outsider view for not really wanting to create posts asking for help?

I like to search for answers hence I found Maurice's email address. Being as we appear to be naming people I must say I would have been equally happy to ask "Timow","Anthony" or "ddMarshall" but their addresses do not appear to be available. All four offer detailed, friendly and easy to follow instructions in solving a problem which I have used before. Surely that is what the forum is for?

"thedillpickl". I can almost feel your jealousy & hatred of Maurice's knowledge in comparison to yours. Your continued personal vitriolic attacks on him are totally uncalled for and are a very good reason why Secunia should consider imposing conduct rules. You have certainly downgraded this discussion like so many others with your childish nit picking and failure to really understand what is really being discussed which somewhat negates your idea of adult behaviour. 500 posts with so little reward really does say a lot about your talent in comparison to your peers.

Without him and the others I have named any chance of a reasonable answer when Secunia staff are not available are lost, except, from those ready to pounce and copy his research, use it as an answer and claim the credit.

You really do appear to have a very poisonous attitude. I note some posts you created in the past got no votes of approval which is heartening to see.

If rudeness is the order of the day perhaps it really is time for you to spend less time here attempting to belittle people, being sarcastic, offering really nothing, and more time teaching yourself about a PC so that you can be of more value to general users and upgrade your credit rating.

Why do I prefer not to create a cry for help? "Anthony" has part of the answer which "Maurice" picked up on. The others are simple to explain.

a] Because people like "thedillpickl" are allowed to flourish who has so little to offer except that which I have already stated.
b] Searching for an answer is made difficult and longwinded because of all the interruptions most of which do not relate to the original question or duplicate it.
c] A slight lack of official direction. I have no real idea where to post to be accurate and correct but luckily appear not to have gone in the wrong area.

I to do not agree with some points raised before "thedillpickl" interrupted but they are not serious enough to comment on and I am sure Secunia will be able to come to some reasonable conclusion from the thoughtful comments already made. "Timow","Anthony" and "Maurice" look like they are in general agreement which is a good sign.

In conclusion, I really must try to help Maurice regain some respect as he has helped me for over 5 hours over the bank holiday. PCWorld wanted to charge me £99.99 for a fix that Maurice has completed at no cost. His reward is a miserable 5 points awarded on my other post. Without people like him around - I note he has helped others on a personal basis - something would be sadly missing.

Secunia must strive to keep him and like minded people I have named happy and interested enough for them to continue to help us all. We can all do without the "thedillpickl" who may well wish to change his name to something more suitable. Being a lady I do not want to be ruder than him by giving a clue.

Thank you Secunia for an excellent free programme. I do hope you can accommodate some of the main ideas requested to enhance the total package. Sorry if I have broken protocol but something must be said to stop narrow minds from taking over from talented and very helpful regular advisors when you are not available.




--
Valerie

Packard Bell
Intel Pentium 4
Windows XP Home SP3
Was this reply relevant?
+0
-0
mogs RE: Where Angels Fear to Tread
Expert Contributor 31st May, 2010 12:39
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
Seek and you may find......an expectation of receiving repeatedly some may need to be weaned off.....I don't see Maurice and the dill as the personification of good and evil !! It may be that I'll never be able to help you....you may be able to help me.....of their good will, I've much more experience !
Ladies are sometimes much freer with their favours ?

--
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 31st May, 2010 13:48
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 31st May, 2010 14:25
Points have been made & opinions expressed.

I'm sure we each have something to offer this Forum and I for one would hate to see anyone "take their bat home".

I'm even more sure that we each have the Forum's best interests at heart.

With that in mind, may I now suggest to TiMow that you now close this thread.

But before you do & before I end this post may I highlight two excellent ideas:

(1) Anthony: "Secunia's safe hands or a charitable/responsible Forum member (could be) entrusted with private contact (details)"

(2) As it's your thread TiMow and you wanted to highlight this, may I repeat it:

On 29th May, 2010 20:33, TiMow wrote:

"However, to me the solution is clear: - Secunia should cease to treat the vulnerability forum as the sacred cow, that shouldn't be touched. It should be operated along the same lines as the other sub-forums - maybe policed a bit more strictly, but not with the inconsistent minimising that takes place at present.

This course of action doesn't involve any changes to the structure of the forum; any do s and don't s; any sticky s or taffy having to ride shotgun - it just requires a change of attitude."

Regards & best wishes.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 31st May, 2010 16:42
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi All;

If I might be permitted a moment, before any thread closing takes place.

@Valerie, hello, we have not been properly introduced. My name is Frederick Stogsdill, you may call me Fred, as most everyone else does. There is a story behind the user name 'dillpickle' that doesn't bear repeating here, I assure you that it is in no way meant to be offensive.

I can certainly understand your defense of Maurice, you may believe or not, I have been on his 'side' in the past. The problem is (sorry Maurice, just being honest, as I see it) that Maurice has a habit of switching sides when it is convenient for him. For example, the points scoring. Hence my suggestion for us both to start from scratch. I believe a person has the privilege to change their mind and even to change back again, just not to make things convenient.

Any 'poison' you may detect is from my being relegated to observing the forum from afar. I really like helping people. I think this is quite possibly the best forum for getting help, bar none. The problem is, although I have a fairly thick skin, I don't wish to run off 'newbies'. When my suggestions, thoughts, opinions, and ideas are shot down, not with points, but written word, it confuses & demeans the person who started the thread to ask a simple question. Therefore I am limited in the type of threads I can work. I only answer threads that I have a direct answer to a direct question.

As to 'points', I think that's great that we can 'look' at the numbers. Toyota was a top selling, with wonderful numbers, automobile. Until they started accelerating on their own & killing people.

A final note: I do not continually 'attack' Maurice, as a matter of fact. The above post is my only response for awhile. There are posts of mine on "Open Door" where I attempted to engage Maurice in 'chat', as he was doing the same with others about a BBQ. All I can say is that I did not throw the first stone.


Sincerely;

Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 31st May, 2010 20:05
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 31st May, 2010 20:30
Evening fellow contributors

taffy - just to answer you briefly first - I appreciate your concerns about closing this thread now, but I was still in the hope of some official feedback. I know (believe) that sometimes they deliberately take a back seat in the belief that the contributors sort such discussions out themselves, or it runs out of steam. Anyway it would have denied Fred his right to reply - and who should I click to accept?

Valerie - hi - I hope you're still on e-mail alert on this one, and are able to return to catch up.

As the originator (but not owner) of this thread, I would like to respond with a few thoughts, despite drifting off track a bit from the original topic.

It's good to have input from a different perspective (especially a female one) and you shouldn't feel any awkwardness in joining any thread or creating your own if you need to seek advice. Judging by your profile info. on the left of your post, you've obviously been a silent forum user for quite some time, and are probably familiar with the regular contributors (it got me thinking that it may almost come over as a Gentleman's Club at times to the unsuspecting onlooker - I hope not).

The advice in general is that no one should broadcast their e-mail address (or more) on an open forum - at best it invites all kinds of rubbish. Maurice, I believe, has created a "throw away" one for use here (and other places?). We could all do that, but for myself, I don't have either the time or expertise to make it worthwhile, for anyone. I only try to offer assistance on stuff that I have done myself or read about others doing, and can then pass it on - but my field of knowledge is quite limited.

It's interesting to note your take on some of the above replies (and, guessing; other posts from the past). For those of us who may or may not be more familiar with the players concerned and the situation that seems to have unfortunately developed, we might not see things in quite a harsh light.

We all have varying degrees of advise and opinions to offer, and in the past errors of fact and judgement have been made. But on the whole, these differences have been voiced in a relatively civilised manner. I think it's important that we don't get involved in mud slinging or name calling. We should all be free to express our opinions and sometimes that means calling it as we see it, so long as we don't lose sight of common decency.

I can appreciate your gratitude to Maurice (a hundred quid is a hundred quid), but I think the respect he already commands from the community at large isn't in question or being threatened, and am sure that he can put up a good (written) fight when he needs to, but am sure he's also grateful for your support.

Regarding Fred (thedillpickl), his contributions in the past have helped others on the way to ironing out their problems - if not always directly he is often able to point posters in the right direction to threads or info. that might help. His input, as with many others, is not to be underestimated. We all have our own ways of relating our information and unfortunately this can sometimes be misinterpreted by those reading (I put my own hands up, here).

For me, one of the most valuable contributions from any of the posters trying to help (as you have rightly pointed out regarding Maurice) is their time - even if the help offered doesn't always hit the mark. Sometimes the advice given is only as good as the details (or lack of them) that are initially posted.

Anyway this now is way off track to the original point of this thread and I'm probably in danger of taking a hit or two.

I hope you get to read this and feel able to respond if applicable - either here or elsewhere in the future. Regards to all

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 31st May, 2010 20:48
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 31st May, 2010 20:55
Hi TiMow ,


Meeeee ,mmee ,me me !!

Lock me out for a fiver .

As I keep getting my name in lights - cough ,cough , modest shuffle , this where I am today :-

I know that there are some 4 million customers/users of Secunia and over 2 and a 1/2 million downloads of PSI .

I do not know how many use , read , need advice , etc., from the Forum . I don't know how it is considered/rated as a website , despite what "helpers" might think .

I do know that not everybody will be pleased with it's style - either in general or individually - and that we are limited in "helper" numbers . There is not enough feminine input and it is not actively encouraged .

I do not like voting - I believe that it has changed the atmosphere of the Forum .

I do not like the "vulnerabilities" and "CSI" sub-forums appearing as/where they do - it is confusing for just about everyone .

I hate "authority figures" and that is reason enough for me to have clashed with most of you on at least one occasion and am still at it today :))

I miss a beginners guide of how to use the PSI in the programme itself and a how to post intro to/in the Forum .

I like taffy's monthly - it has limited numbers , but so what ? It is not a chat room (which would need guidelines) and the same for "tech tit-bits" info for newbies ; in my opinion (asked for before 01/06/2010) there are only two or three regular helpers who have the tech knowledge to help correctly - I am not a "teccie" , taffy . Any such "thread" should be a sub-forum with a moderator , imho . Recommending programmes can open up yhe proverbial can of ..

Everything is conjecture unless someone can suggest a plan of action and itis certainly taking up time for minimal progress . I don't see Secunai wading tru' this to construct their next website modifications

Take care

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
mogs RE: Where Angels Fear to Tread
Expert Contributor 31st May, 2010 21:32
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Last edited on 31st May, 2010 21:34
Lots of people like taffy's OD " judging "by the veiwing figures for the first month....whether they be male or female in actual fact is another matter !
All this round of contention began at the introduction of an unfair points system.
Unfair....as those who give of their own time freely, can finish up feeling disheartened, bitter and agrieved.....whatever level of ability and learning. Not that I'd like to be a paid "carer"!

--
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 1st Jun, 2010 00:51
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@Timow, I appreciate the time & effort you have spent addressing the original problem. I apologize for ending up off topic. I originally meant to answer a few points as I read the thread (got here late), not start my own discussion.

@Anthony, here, here.

@Mogs, :)


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 1st Jun, 2010 08:24
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Thanks TiMow - point taken.

So may I add another comment, please, concerning the timing of new threads.

I sometimes come here at odd times (in UK terms) so, believing that the technical guys may not be here for a while, I have sometimes posted on the lines of "teccy will appear soon - meanwhile, more info please on . . . ".

Occasionally, I have pointed then to another thread on the same issue when e.g. Maurice has already posted the solution. This happens a lot because many new posters don't "search".

I do it so that the poster, usually a new one, has some kind of reply quickly. When you've a PC problem it often comes at a bad time for you so speed matters. No reply = look elsewhere.

If I get points from one of these posters for pointing them to another member's solution, I'm not really bothered.

What matters at the end of the day is that someone who needs help gets it - quickly. I realise that I may make mistakes sometimes but these have always been spotted and corrected.

Finally - I like your idea, Anthony, of a Moderator on the two new monthly topics (replacing Open Door, from today). Will those lovely guys at Secunia take notice? ;0)

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 1st Jun, 2010 10:05
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
I think this thread is slowly becoming E.-o.-L., as a few deviations have been creeping in - for me, not a problem, as many good points have been raised and discussed - and I am grateful to all that have taken time to contribute.

I'm not going to close it, just in case someone wishes to comment further - it will either get locked or slip away into obscurity, unless a new debate is created, after a posting.

The powers that be have obviously not felt the need to contribute, although I hope they are at least aware of some of the points raised and views expressed, and agree with Anthony, that it probably wont effect policy change regarding the forum.

As is often the case with such discussions/debates - it's like a communal piece of chewing gum, that gets passed around between the "usual suspects" for constant chewing over, but after a while all the flavour is all gone.

I'm also, only in part agreement with Anthony about "taking up time for minimal progress" - you are basically correct but I feel that some of the points raised are valid and worth re-emphasising - even if they don't get picked up officially, those on the periphery are now more aware (if not already):

1) The function of the Vulnerability forum needs addressing - when comments are invited after an Advisory and then create a new thread, they and subsequent replies should not be indiscriminately marked down and minimised (or not - consistency please). [For me, the position of the CSI forum is not an issue, as I think most are aware of it's function. Maybe for the first-time poster the order of the dropdown list when creating a new thread should not be alphabetical - the CSI forum is the first and sometimes gets wrongly chosen. Perhaps this at the bottom and Open Discussions at the top];

2) Despite the best intentions, the scoring system doesn't seem to be as positively received as maybe intended - and is obviously not a true (accurate) measure of technical ability - but only a rough guide, probably more indicative of time invested. On top of that, its introduction may have created a negative atmosphere for some, and may have introduced an unnecessary competitive element;

3) The forum, for some/many (?) - but only expressed by one established user, above - may not always be seen as a friendly or accessible place (?), as all would hope (for some reasons given, re-visit above post from @ValerieA). This can also be seen by the unwillingness of some posters to create their own thread, as a lot of off-topic replies are often tagged on to other threads (maybe if the points system remains, then some kind of points incentive for creating a new thread? - or similar).

The above points are only my own, with the help of my perceived interpretation of others, as expressed in the above responses.

I thank Secunia and the readership at large, for their interest and patience and would like to state that was only ever meant to be a positive and not negative discussion, hopefully for the wider benefit of all.

Best wishes

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 1st Jun, 2010 12:23
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 1st Jun, 2010 12:28

Hi TiMow,

More grist for the "vulnerabilities" mulling (has just reappeared by chance) ; don't try to help (point up an anomaly) or some bored person in the SA Dept. may seek revenge whilst your "on holiday" :(( :-

http://secunia.com/community/forum/thread/show/373...

If Secunia don't want/have time to read all this stuff , you can always forward your précis/summary to them for their consideration . As can anyone else for that matter .
I would not suppose there will be an overnight change , for all that .

Gotta go , busy busy :)))

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 1st Jun, 2010 18:06
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@Ant, and so it goes.

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 2nd Jun, 2010 17:08
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 2nd Jun, 2010 17:34
Hello TiMow ,

I have "found :)" the elusive "vulnerability report" and it's appearance as a Secunia headed thread in the "programs" sub-forum , you can see it here , in this thread :-

http://secunia.com/community/forum/thread/show/432...

If you click the link on the left above the heading , you go to the overall Vulnerability report and the same as for an individual SA , you are invited to comment and told that this will display in the Forum - sub -forum not specified ; but , in this case , "programs" seems logical . So it has not been "moved" by Secunia , it is triggered by the comment as with the SA comments box and is "timed" by the comment posted.

In this case , Maurice Joyce has put in a warning post , but this is in "programs" were you would expect to comment on the the programme itself and not a/the vulnerability itself - one or more may apply . So what on earth are the Secunia rules for posting here .

Another addition , perhaps , for your commentary to Secunia .

Happy cogitation .

Anthony

EDIT: look what happened here :-

Taffy knows about it and , if I remember correctly ,Maurice Joyce predicted it ; but it was a -2 rather than a -5 .

http://secunia.com/community/forum/thread/show/422...

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 2nd Jun, 2010 17:39
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 2nd Jun, 2010 17:47
Hi Anthony

If I recall, it was to this (not specifically this one, but Vuln. Rep. in general) that I was referring in one of my previous posts, that you queried, but I couldn't quite remember precisely, as it appears to be a rarer beast than the SA, and is not as often seen.

When the thread is triggered by the first comment/reply and appears on the forum, the original Secunia Official post that shows at the top, is the "one-liner" that I also remember seeing, and referred to, previously here. But I still can't be sure that I haven't seen one-liners relating to SA's under Vulnerabilities, as well.

Is this the exception, or the rule, that a Vuln. Rep. appears under the Programs sub-forum?

Food for thought, and further mastication.

TiMow

EDIT: Having just seen your edit, I've probably answered my own Q. This is why I couldn't find these one-liners under Vuln. - because they live under Programs - and therefore shouldn't be subjected to the same indiscriminate harsh treatment, albeit a little less painful, but with the same overall result.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 2nd Jun, 2010 17:54
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Here's Secunia's full list , TiMow ,unfortunately they don't show which is where so you would need to check each one . Somebody has been thru' the lot with their "marker pen" , it would seem after a couple of random checks ; I'm sure i figure frequently :)) :-

http://secunia.com/community/forum/userthreads/-1

Too late for all that , done and gone , Secunia needs to sort out the rules for the newcomers .

Mange bien .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 2nd Jun, 2010 18:15
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
There's probably someone in the land of the Vikings, hiding a drawer full of marker pens, and only now realising he's been marking the wrong homework.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
gjjean RE: Where Angels Fear to Tread
Contributor 2nd Jun, 2010 21:34
Score: 192
Posts: 197
User Since: 9th Apr 2010
System Score: 100%
Location: LB
Hello all

@ Timow

Thanks for creating this thread where one can relief himself and express ideas.

@Anthony

The bigger hits of -5 were in this thread:

http://secunia.com/community/forum/thread/show/429...

My thoughts are:

1- In vulnerabilities section Secunia should remove “ Replay” & “ Quote”.

2- In response to the vulnerabilities, one should ask for solutions in “ Discussion “

Wish you all the best


--
HP pavilion DV6
Win 7 64bit - SP1
IE10 + MSSE4.3.215
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 3rd Jun, 2010 11:05
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 3rd Jun, 2010 11:23
Hi John

Thanks for feedback.

Your use, as always, of the English language is accurate and easily understandable, but one (humorous) point to which you may not be aware, is, in colloquial (everyday spoken form - not necessarily accurate) English, the term "relieving himself" often refers to what we sometimes have to do after a good evenings drinking, when we can't wait to get home, before we have to find a tree or dark wall down an alley (maybe you do already know this, and the implication was intended).

To all:

A new reply, to the following (under Vulnerabilities) this morning:

http://secunia.com/community/forum/thread/show/434...

I was thinking of testing the water, and was going to respond to the poster, but had to go out, shortly. On my return, when I checked in, the reply had been minimised, with a big hit of -10 ..... a bit of muscle flexing?

This is now getting really ridiculous, and is in danger of undermining the principles of this forum; as I feel I have a couple of valid points to make to this poster, that may offer some insight into resolving what he has reported (now hidden away).

Come on Secunia (I appreciate that Emil and Morten are probably only messengers) - I hope you are aware of the content and development of this thread, but it is now time for some input and feedback from you.
What am I (or anyone else) to do here, when I (we) feel we can offer some assistance but are concerned about the impact that minimising and negative scoring might have? This is not a rhetorical question - please advise.

This is not just a case of me (us) moaning about this situation - this is now starting to effect the fundamental aim (imho) of a help forum, and the responses (or lack of) that may be offered in helping others.

My header for this thread, exactly sums up this whole situation.

Are your principles (and as of yet, unrecorded rules) more important than assisting users' calls for help (even if they are sometimes voiced belligerently and in the "wrong" place)?

I know we all benefit from this free service and the liberal approach (normally), adopted with this forum, but as it undoubtedly still costs money to operate, lets try and get it back on track, please.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 3rd Jun, 2010 11:46
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 3rd Jun, 2010 11:48
I too thought John's post was spot-on.

Nice one TiMow re "relief"! ;0)

But on a more serious note, you've again got straight to the point, TiMow.

Herb Ransom has been nuked simply for what? For asking for help/advice in the wrong room. Hardly the way to attract/keep new members is it.

I disagree with those who've said that the negative points are not for posting in the wrong section but for "posting on a Secunia thread that is for Information only". That doesn't make sense imho.

And what if Herb just happens to be the CEO of a major customer of Secunia CSI? Negative impact upon Secunia income.

But rather than keep posting here - after all, Emil has already said they are going to change the procedures - why not email them, as I've done.

Hopefully, that way, all the lost marks will be reinstated - & peace will break out.

Edit; typo.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 3rd Jun, 2010 11:57
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi taffy

I think this needs to remain in the public domain, so all that wish to, can express an opinion, or at least keep up to speed with what's being discussed.

It's becoming time consuming as it is, without starting a secondary line of communication.

I'm sure they look at all threads and read their contents.

Speaking personally, and to re-iterate a previous point - I'm not necessarily looking for a procedural change, just a change in attitude - much easier and cheaper.

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 3rd Jun, 2010 12:59
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 3rd Jun, 2010 13:07

Flowers in the sand , John .

Have advised Herb , who is far from being a new member** ; but obviously is not psychic about unknown/unwritten rules .

Gotta go , life calls :))

Anthony

** http://secunia.com/community/forum/thread/show/255...

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 4th Jun, 2010 07:29
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi All;

Been busy, sorry.

Just skimmed latest on this thread. Poo on what is happening to people like Herb. Didn't check it out but can imagine.

My opinion is quickly turning to doing away with the vulnerabilities threads. The SA reports have always been available. The vulnerabilities thing is mostly a convenience and informational thing (for me anyhow).

But yeah, enough's enough!


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
michaelsalis RE: Where Angels Fear to Tread
Member 4th Jun, 2010 14:12
Score: 57
Posts: 141
User Since: 18th Feb 2009
System Score: 98%
Location: UK
Secunia Forums were always a friendly helpful place to go before the scoring was put in place and in my opinion the best forum available.

Since scoring has been introduced it is becoming, as I feared, more like the other less helpful Forums.

The idea of scoring in principle is good, however, in practice it becomes a free for all competition which then becomes most unhelpful. Scoring is always abused.

The sooner Secunia forgets about the scoring system the better for sanity to be brought back to the forum. We never had trouble in this forum before scoring was introduced and now some of the busiest posts in the forum are about the scoring system not the much more important task of helping people with their problems and questions about patching and the like.

--
Michael
Toshiba Satelite A660
Intel i7
Windows 7 Ultimate
IE9

Toshiba Equium Laptop
Intel Centrino Duo
Windows Vista Ultimate SP2
IE9
Was this reply relevant?
+1
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 4th Jun, 2010 14:57
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 4th Jun, 2010 15:35
Good to hear the views of another regular poster.

It appears the common denominator of those who have expressed an opinion - over and above the original point of this thread - is the negative aspect of something that was originally introduced to supposedly have a beneficial effect.

I hope these points are being noted.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 4th Jun, 2010 17:08
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 4th Jun, 2010 17:11
I know this thread is dragging on ; but it has just reminded me that whenever I visit any another website , I never sign up/log in just to vote .

Obviously a poster to a thread may vote (sparingly it seems) and maybe some peruse lots of threads to give an "opinion" - asked for , after all , but "relevant" ?? .

But what is the opinion of the general reader/observer and he or she who has found the solution just by reading and would report back (often helpful in itself) only to see the thread(s) closed ; sometimes inadvertently by the owner :-

http://secunia.com/community/forum/thread/show/439...

So , what is relevant , rather than helpful or pertinent solving the crime wholly or merely partially ??

Sorry , it's POETS day and the devil and all that ; I'm gone .

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 4th Jun, 2010 20:53
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
and it's not only members who can "vote/score" of course. Which is why I've not posted in the latest thread in vulnerabilities.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
thedillpickl RE: Where Angels Fear to Tread
Contributor 7th Jun, 2010 02:21
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi All;

This is off of the original topic of the vulnerability threads, but right in line with the general discussion that devolved from it.

The way it is supposed to be: http://secunia.com/community/forum/thread/show/441...


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
lmacri RE: Where Angels Fear to Tread
Member 8th Jun, 2010 00:12
Score: 42
Posts: 86
User Since: 9th Sep 2009
System Score: N/A
Location: CA
TiMow:

Thanks for starting this discussion. Just two days ago I came across a post by a relative newbie looking for help updating an insecure program
(http://secunia.com/community/forum/thread/show/432...) and was dismayed to see that the first response to their question
was someone admonishing them for posting in the Programs forum. How's that for encouragement?

So here's my two cents worth:

1. Secunia should provide guidelines to explain posting etiquette and to help users select the best forum for new topics.

2. Leave the administration of the forum to Secunia employees. I like the system used in the Symantec Norton forum (http://community.norton.com/t5/Norton-Internet-Sec...) where moderators will move a thread to the appropriate forum when necessary and then notify the originator via an automated private e-mail.

Users should think twice before firing off an opinion on the forum. If you aren't asking for help, offering a possible solution to a problem, suggesting a software improvement or requesting clarification of someone else's instructions, then ask yourself if your comments are really going to contribute anything positive to the conversation.

3. Get rid of negative scoring. If someone objects to the content of a post then they should be able to flag that post for the moderator and let the moderator decide whether the post should be removed from the forum. Users can click on a "kudos" button on posts in the Symantec forum (similar to the "thumbs up" icon on the Secunia forum) so that users know that the information was helpful to someone, but by and large I find these scoring systems that allow individuals to collect points to be counter-productive and open to abuse.

--
Vista Home Premium 32-bit SP2 * NIS 2013 v. 20.4.0.40 * IE 9 * FF v. 29.0 * PSI v. 2.0.0.3003
Was this reply relevant?
+2
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 8th Jun, 2010 08:28
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi lmacri

It appears that this topic (and thread), doesn't want to lie down and there are still those wishing to add their views - good to read yours.

Even established users aren't always sure of the required protocol, when posting and replying on the forum. For myself, only since starting this thread, have I been able to gain clarification on the basic procedure.

1) When an Advisory is issued, comments (replies) are invited. When a comment is made, this creates a new thread on the forum under the vulnerability sub heading. Possibly this reply, but normally subsequent ones are negatively scored and minimised, as vulnerabilities is the sacred ground (as in the title of this thread).

2) When there is a Vulnerability Report (also inviting comments), this then becomes a thread under under the programs sub-forum, after the first reply. Therefore, this, and subsequent replies are legitimate and valid here.

In the link example you provided above, there was actually no requirement for the advice to create a new thread (as this was in Programs), but was probably triggered by seeing a Secunia Official post relating to a vulnerability, that prompted that reply (in this case unnecessarily).

The common consensus appears to be that both changes (in policy or attitude), and guidelines are required, for the successful operating of this forum.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
mogs RE: Where Angels Fear to Tread
Expert Contributor 8th Jun, 2010 08:35
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Whether we agree with the points system or not....if some get zapped more than others: I'm still thankful Secunia provide the FREE psi and have given room for free debate on the forum.
What others do or don't....preconceptions/models....sheep we've already discussed (?!)....has anybody got a silver dollar together yet ?! I'm not a fistful of copper ?! We definately used to be more cheerful ?

--
Was this reply relevant?
+0
-0
Anthony Wells RE: Where Angels Fear to Tread
Expert Contributor 8th Jun, 2010 16:00
Score: 2434
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 8th Jun, 2010 16:02
@Imacri and TiMow ,

Maurice Joyce posted as he did because , at the time , this was happening to a Vulnerability Report headed thread in the Program sub-forum (I hate that term) :-

http://secunia.com/community/forum/thread/show/422...

AKAIK , as Secunia have not disclosed the Forum voting rules they apply, this could still happen :ie: a less severe treatment of a specific SA comment started thread .

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
TiMow RE: Where Angels Fear to Tread
Dedicated Contributor 8th Jun, 2010 18:04
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Something else that wasn't apparent or obvious (the topic of this particular thread wasn't relevant to me, so I didn't follow it).

It did seem a bit un-Mauricelike, and I thought it was a genuine error.

As I've only become aware of the differences between and relationship of Advisories and Vuln. Reps. (and their subsequent appearances on the forum) thru' the development of this discussion, I can imagine that it's a real minefield for the uninitiated. I at least thought the Programs section was safe, immaterial of the original post.

I thought this thread was slowly slipping by the by, but as another reply is made, it triggers off another train of thought, prompting a reply.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
taffy078 RE: Where Angels Fear to Tread
Contributor 8th Jun, 2010 18:27
Score: 408
Posts: 1,322
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Before reading your latest post TiMow I was very confused with the path for a topic moving from an Advisory through Vulnerabilities to Programs - see my post in Off-Topic General Tech Talk today @ 18:13.

I now understand it better but am not sure it is easy enough for a PC-amoeba such as me to pick up what clearly is a major issue.

It was entirely down to Mogs posting in that section that I heard about the Adobe issue.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability