funsec mailing list archives
Re: dumb. Comcast pop-ups
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 12 Oct 2009 09:33:27 -0400
A spam-spewing bot sticks out like a sore thumb, but a compromised
system which is not making itself so readily visible may go undetected indefinitely.
Given what we've observed during this decade about botnet operators, I
think they are *easily* smart enough to hold huge numbers of systems in reserve. First you complain about false positives, now you switch the subject to false negatives? Yes, the method Comcast is probably using probably only identifies the conspicuous ones. Just because it doesn't find them all is no reason not to find these ones.
Of course there isn't. But do you really think that people clever
enough to rewrite bank statements on the fly will have any technical difficulty at all deploying the code to block those pop-ups? Right, and when that happens and when it becomes a serious impediment then they'll have to deal with it. There's an awful lot of malware out there right now that doesn't do it.
More broadly: one of the reasons we find ourselves where we do is that
we think too much about what the adversary IS doing instead of what the adversary COULD be doing. It's a failure of imagination. It's why they're so far ahead of us and pulling further away every day. What do you actually expect Comcast to do by themselves, while still serving a broad market of clueless average users? They're in a tough spot and broad condescension like this doesn't contribute anything to the debate. Larry Seltzer Contributing Editor, PC Magazine larry_seltzer () ziffdavis com http://blogs.pcmag.com/securitywatch/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: dumb. Comcast pop-ups, (continued)
- Re: dumb. Comcast pop-ups Michael Collins (Oct 11)
- Re: dumb. Comcast pop-ups Larry Seltzer (Oct 10)
- Re: dumb. Comcast pop-ups der Mouse (Oct 10)
- Re: dumb. Comcast pop-ups Dave Dennis (Oct 10)
- Re: dumb. Comcast pop-ups der Mouse (Oct 10)
- Re: dumb. Comcast pop-ups Rich Kulawiec (Oct 11)
- Re: dumb. Comcast pop-ups Paul Vixie (Oct 11)
- Re: dumb. Comcast pop-ups Valdis . Kletnieks (Oct 11)
- Re: dumb. Comcast pop-ups Rich Kulawiec (Oct 12)
- Re: dumb. Comcast pop-ups Larry Seltzer (Oct 12)
- Re: dumb. Comcast pop-ups Rich Kulawiec (Oct 16)