funsec mailing list archives
Re: 2011 Security Predictions?
From: "Hubbard, Dan" <dhubbard () websense com>
Date: Sun, 5 Dec 2010 15:53:48 -0800
Some of my more serious ones from my ramble at ISOI this year...

* Security researchers will continue some transition to non-security companies as they build up research expertise to protect crown jewels
* Security research will be more focussed in key areas that are relevant to customers, their company, or sector, e.g. more research into specific attacks versus Trojan du jour
* Renewed focus on threat models
* Security companies build out non-security capabilities in order to get users to co-operate. E.g.: how do you convince iPAD owners to install config profiles and apps?
* Security companies will continue to try and figure out freemium models and content-plays but will struggle with the privacy issues and irony of it all
* Blah Blah Blah, Social, Mobile, Cloud, blah blah blah
* More "bad" apps will be released for iPhone, Facebook, and Android

New catch phrases for 2011....you heard them here first :).

* "Fail whale is the new reboot"
* "Red is the new white"
* "Securidigm"... this is the year of a new security paradigm
* "Tivot" ...the act of pivot'ing one's technology to match a business pivot
* "Social Pharg"... a clique within the social graph ...see pharg...
* Chowdsourcing...crowdsourcing from / in China

My Xmas list that are getting close to reality...

* zero startup time / reboots
* 20 hours of battery life
* good mobile reception
* more quality cons and less quantity
* online streaming cons with good quality

________________________________________
From: funsec-bounces () linuxbox org [funsec-bounces () linuxbox org] On Behalf Of Valdis.Kletnieks () vt edu [Valdis.Kletnieks () vt edu]
Sent: Friday, December 03, 2010 9:14 AM
To: Shawn Merdinger
Cc: funsec
Subject: Re: [funsec] 2011 Security Predictions?

On Thu, 02 Dec 2010 14:12:22 EST, Shawn Merdinger said:
Hide your kids, hide your wife -- it's the time of year when we start seeing articles on their crystal ball security predictions. I'm wondering what folks on the list expect for 2011? Thoughts?
IPv6 will finally *really* take off, as the imminent exhaustion of IPv4 space leaves the malware vendors less address space to hijack.

Somebody will use fast-flux DNS and a botnet to deploy a truly enterprise-grade ultra-fast DNS hosting service - you're always guaranteed an authoritative answer from a host no more than 2 network hops from you. The first customers will be the people who recently had their domains taken down by the FBI.

Somebody else will use a botnet to deploy an enterprise-grade 6to4 relay service. Again, you'll be guaranteed a gateway at most 2 hops away.

The FTC will deploy their proposed do-not-track registry. Companies will then use the 'do-not-track' marker as a tracking marker.

All of the above will each lead to at least one unintended consequence I haven't thought of yet, and at least 3 industry pundits going "How could anybody possibly have predicted this would happen?".

(And if any of this actually happens - I hereby either claim ownership of the idea, or claim I heard it in an IRC channel, whichever is more beneficial to me :)