Thursday, September 20, 2007
GNUCITIZEN: I liked you back when you were a temp!
About a year ago I started following GNUCITIZEN (back when it was just PDP) because the graphics were cool and there was interesting content like running Jython within your browser and even the AttackAPI.
But things started to get less and less interesting as GNUCITIZEN hit the Web 2.0 Security warpath--and other folks started blogging besides PDP. Then came the Firefox vuln (yeah the one you just updated for) and then today's pre-disclosure of a Acrobat 0-day.
The site is certainly on a downward trajectory and it was with a certain sadness that comes this time of the year [in North America when you know the days are getting shorter] when I read the profound advice not to open any PDF's. Another non-actionable disclosure. If you are going to pre-disclose (which I disagree with, but fine!) at least provide something useful, like a PoC. Otherwise, what is the point? A site that had the potential to be something interesting and off-beat like lcamtuf has devolved in to banal disclosure posturing. And we certainly could use a lot less of that.
Oh but it looks like the site is now down, so its not a total loss.