funsec mailing list archives
Chinese attacks
From: Gadi Evron <ge () linuxbox org>
Date: Fri, 15 Jan 2010 12:23:13 +0200
On 1/15/10 11:40 AM, Paul Ferguson wrote:
I think it is dangerous, from a defense perspective, to say "This is responsible for that" when there are clearly several different things happening here -- instead of looking for quick explanation, everyone should step back and observe that there are several critical paths to compromise at work here.
1. Unlike GhostNet, which showed an interesting attack but jumped to conclusions without evidence that it was China behind them -- based on Ethos alone I'd like to think that when Google says China did it, they know. Although being a commercial company with their own agenda, I am saving final judgement. 2. The 0day disclosed here shows a higher level of sophistication, as well as m.o which has been shown to be used by China in the past. 3. If this was China, which some recent talk seems to make ambiguous, but still likely; they would have more than just one weapon in their arsenal. Gadi, -- Gadi Evron, ge () linuxbox org. Blog: http://gevron.livejournal.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 15)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Paul Ferguson (Jan 15)
- Chinese attacks Gadi Evron (Jan 15)
- <Possible follow-ups>
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 15)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Larry Seltzer (Jan 15)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 15)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 20)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 20)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Paul Ferguson (Jan 20)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Larry Seltzer (Jan 20)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Paul Ferguson (Jan 20)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Juha-Matti Laurio (Jan 21)
- Re: MSIE 6/7/8 unpatched vulnerability confirmed Paul Ferguson (Jan 15)