One of the first mailing lists in her field cyber security, dedicated to the communication of vulnerabilities, the BugTraq announced that it is terminating mode at the end of the month, on January 31, 2021.
The site played a key role in shaping the security industry in cyberspace in its early days.
BugTraq, founded by Scott Chasin on 5 November 1993, was the first central gate where the researchers security could expose vulnerabilities they discovered.
However, the list has been in the gray area of the law for many years, as researchers published vulnerabilities which the companies in which they were discovered refused to repair.
Today, it makes sense for a security researcher to publish details about a corrected or uncorrected error, but then, these details were often controversial, and sometimes had many legal consequences.
However, with the passage of time and the change in mentality and legislation, BugTraq became the first place where many important vulnerabilities were announced at a time when researchers could not easily have personal websites and blogs.
BugTraq was also the model for many more gateways to reveal security vulnerabilities.
BugTraq changed hands several times, from Chasin to Brown University and then on SecurityFocus, which was acquired by Symantec. In 2019, the countdown for the gate began, when the Broadcom acquired Symantec. Three months later, in February 2020, the site stopped adding new ones content, remaining mostly empty.
Such as they said the last conservators of the list: “Currently, resources for the BugTraq mailing list are not a priority and this will be the last message in the list".
Many of today's experts in cyber security, who either started or were active in the mailing list since its release, expressed their sadness for the event.
"So many great stories were first reported on BugTraq and FullDisclosure [similar mailing list]"He said Ryan Naraine, security researcher and ex director of security strategy at Intel.
«It's the place the Litchfields made their name in the early days. I remember David Litchfield constantly announcing Oracle tools and research. It was the connecting link between what was emerging as the security industry».