Re: What the f*** is going on?

[Michal Zalewski <lcamtuf () coredump cx>]

> all apologies, that was not my intent in the least-- referencing the public portion of the aurora stuff, which is 
> part of the myth I thought you were referencing.

Sure. The moment the discussion strays toward these topics, I am
obviously not at liberty to discuss them freely.

In general, I simply think that framing the problems that the industry
is facing in terms of dealing with a new, sophisticated adversary is
kind of meaningless and destructive, even if the risk is fundamentally
true. The idea that AV + IDS + a prepackaged PCI / SOX / BS7799 audit
was a legitimate response to the threats faced 5-10 years ago is about
as misguided as the notion that $2M botnet monitoring or an IV drip of
0-day vulns will do the trick this time around.

(Even if you need offensive capabilities - and most parties don't -
nurturing a free market of 0-days sold to the highest bidder for
exorbitant fees does not seem like a particularly good long-term
plan.)

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/