I'm not clear on why a mailing list like F-D is in any way better than a subreddit or an instance of Lobsters.
Proponents of the mailing list say that the list is decentralized and allows everyone to archive its contents. The list is not in fact decentralized, and a message board also allows for archiving. The boards don't do this by default, but that's a good thing.
Message boards also offer a better reading experience. A lot of F-D is dreck. A threaded view (maybe with voting, maybe with collapsible threads) is the only sane way to view it. Boards also offer search.
People wonder why I post so much on HN. It really has nothing to do with HN; it's that HN replaced Usenet (and blogging and IRC, but mostly Usenet). I now grudgingly admit that web-based message boards are better than Usenet. The relationship between Usenet and mailing lists was once deep and productive. Maybe message boards should replace lists (at least, big public lists) as well.
Outside the several mailing lists we have, there's nothing resembling a central repository of security research and industry gossip. It's possible that it all could be done better with a custom web forum, a VIP room on Chatroulette, or a well-designed UUCP dead-drop - but so far, despite many attempts, nobody really succeeded with that.
Plus, F-D is awful mostly because it's a fairly accurate mirror of the security community itself (and certainly many of the web forums I have seen). More often than not, this is what makes the headlines - not a novel sandbox escape exploit that bypasses kSLR.
They perform slightly different functions and rely on a higher level of trust than an open mailing list can deliver but the security community is not uniformly awful.
It's a lot more decentralized than a web page (with pull-bassed rss/atom and/or that is scarping friendly), and a lot more decentralized than a web app (even with some form of non-standard smarty-pants ajax/js/whatnot-api).
It's comes with reliable, working push notifications!
> [m]essage board also allows for archiving.
Oh come on. You can scrape message boards, and in theory they could provide a dump -- but of what? The SQL backup of certain sections of the board? Just the public threads, but not the private messages? Some kind of export that makes it less than plug-and-play to host a mirror of the archives with the full structure intact?
(I seem to remember there was some private investigation posted recently where someone that had downloaded a few dumps someone else had stolen after having cracked a few boards to get access to the raw data).
> The boards don't do this by default, but that's a good thing.
What? Public discourse. If it was there yesterday, it's nice to be able to have it again tomorrow. One of my few pet pain-points of data gone from the Internet is related to a thread on mix-master remailers that was posted to the cypherpunk list in the late 90s (ironic I know, if I hadn't been so young that I didn't keep an archive of all interesting email -- I do have a printout though. It relates how a spokesperson for intelligence an service reported they try to run as many mixmaster nodes as they can, to better to traffic analysis).
> Message boards also offer a better reading experience.
There might be a few boards that offer half-decent reading experience, but in my opinion they're all worse than Pine. And Pine isn't that great of an email client.
> A lot of F-D is dreck.
Hello personal baysian filter, kill-thread etc.
> A threaded view (maybe with voting, maybe with collapsible threads) is the only sane way to view it.
I wish we had that here. Hiding threads would be great. I do have it my mail reader.
> Boards also offer search.
You can't be serious. http://insecure.org/search.html?q=THOMAS%20H.%20PTACEK
Then there's notmuch and a gazillon other ways to search your own mail. Not to mention just using gmail if you want to stick with the web interface. Granted, you can't search mail you haven't got. So either get a few mbox-archives from a mirror, or you can only find email you've read (or received). It's still hard to see how this is worse than most web forums.
> Maybe message boards should replace lists (at least, big public lists)
I will consent that big unmoderated lists can be a bit of a clusterfuck, and that email list doesn't scale that far. But neither does forums. Have a look at http://www.xda-developers.com. While it's a mostly pleasant place, trying catch up on one of those 20+page threads is painful compared to having it in a mailbox with proper threading and the ability to collapse sub-threads.
On a meta-note, I wonder why I can't down-vote this post (not that it would make a dent in neither your karma, nor this posts points ;-). Are there more benefits to the 100k karma club than to the 1k club? (Not saying it shouldn't be so, I just wasn't aware of any such difference).
Btw, anyone have a copy of the archive? Last time I checked, I couldn't find it online.
> However, I always assumed that the turning
point would be a sweeping request for large-scale deletion of
information that some vendor or other had taken exception to.
I never imagined that request might come from a researcher within the
'community' itself (and I use that word loosely in modern times). But
today, having spent a fair amount of time dealing with complaints from
a particular individual (who shall remain nameless) I realised that
I'm done. The list has had its fair share of trolling, flooding,
furry porn, fake exploits and DoS attacks over the years, but none of
those things really affected the integrity of the list itself.
However, taking a virtual hatchet to the list archives on the whim of
an individual just doesn't feel right. That 'one of our own' would
undermine the efforts of the last 12 years is really the straw that
broke the camel's back.