Re: Cyberwar talk video

[Carl-Johan Bostorp <Carl-Johan.Bostorp () cybercom com>]

Hi,

Since no one else bites, I will ;)

Basically my perception of what you're presenting is that it's a discussion starter and a reminder that the subjects 
are not so black or white as they have been appearing. Some properties of cyber appear a certain way in the current 
context, but that doesn't mean they always will under all circumstances. Some of it comes down to choosing priorities. 
There's a lot of economic forces at play that skews the playing field one way, but that COULD change if e.g. intrusions 
would be more frequently discovered, software makers were held accountable to a higher degree or some other legislation 
would kick in.

I'm sure you already read a lot of material on this subject before, so just to make a few points to get the discussion 
going...


*         "Carrier class expenses" - A bit of an exaggeration, yeah? But your point is that there are some "hidden" 
costs that are certainly in another league than e.g. the cost of buying a single 0-day.

*         'Everybody knows who did it''. Yes, you're right that it's not hard to figure out a prime *suspect*, but I 
hope you don't argue that you want the courts to rule on such weak evidence? Would you want to start a war on weak 
evidence then? Still, the evidence could be enough to take *some* action.

*         The kinetic vs. non-kinetic is of course also a grey scale. Yes, taking out computer systems can have a 
strong impact in the physical world. Media, politicians and even some infosec-people focus too much on SCADA because 
the effects are easy to understand. Effects are likely to manifest in the physical world even when the attack is on a 
countries ATMs, a warehouse or something like that. But when it comes down to it, a bomb is often a better option if 
you want immediate, hard-to-restore physical effects and care less about getting caught. When e.g. Project Cyber Dawn 
starts talking about Gadaffi planting a back door in the oil refineries to later remote control them, it just seem 
ridiculous to me.

In general, I think your presentation is a gold mine for discussion, not just on cyber war, but on the attack vs. 
defense side too. Just having the time difference between Phrack and MS Trustworthy Computing pointed out triggers a 
lot of thought.

/CJ

From: dailydave-bounces () lists immunityinc com [mailto:dailydave-bounces () lists immunityinc com] On Behalf Of Dave 
Aitel
Sent: den 25 augusti 2011 21:58
To: dailydave () lists immunityinc com
Subject: [Dailydave] Cyberwar talk video

So while I did get pneumonia[1] at BlackHat, and hence was not able to prepare this talk as much as I'd like, I 
recovered enough to actually GIVE it and find a blackhats.com comic to include in it. I tried to channel Lewis 
C.K.<http://www.louisck.net/videos/> when giving the talk, but one can only ask so much: 
http://www.usenix.org/events/sec11/stream/aitel/index.html

Mostly I just wanted to post this here to start a thread (potentially) since I know at least D. Guido has basically a 
book to respond with, and potentially other people want to  chip in with heckling. :>

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave