Interesting People mailing list archives
Re The Kronos indictment: Is it a crime to create and sell malware? - The Washington Post
From: "Dave Farber" <farber () gmail com>
Date: Fri, 4 Aug 2017 18:53:26 -0400
Begin forwarded message:
From: Ross Stapleton-Gray <ross.stapletongray () gmail com> Date: August 4, 2017 at 5:14:13 PM EDT To: DAVID FARBER <dave () farber net> Subject: Re: [IP] The Kronos indictment: Is it a crime to create and sell malware? - The Washington Post On Fri, Aug 4, 2017 at 1:49 PM, Dave Farber <farber () gmail com> wrote:https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/08/03/the-kronos-indictment-it-a-crime-to-create-and-sell-malware/?utm_term=.2f9652f201ddTo add to this discussion, DARPA just announced a new program, called Harnessing Autonomy for Countering Cyberadversary Systems (HACCS)... a proposers day for the program was already held at the end of July, but the formal presolicitation is just out: https://www.fbo.gov/spg/ODA/DARPA/CMO/HR001117S0051/listing.html The premise is that botnets are a huge problem (yes), and that addressing them means not just mitigating their impact when it hits the DoD's systems (gotta do that, securing DoD systems against infiltration, but also addressing the impact of DDoS at the DoD perimeter), but also doing something to address compromised systems "out there," beyond DoD space, and even when those systems' owners can't be bothered to do it themselves (wait, uh...). So the HACCS approach would be to identify and fingerprint botnets, and then insert "non-disruptive autonomous agents" into "botnet-conscripted or otherwise compromised networks," where those agents could then make use of known "n-day" exploits to take out the botted hosts or command and control elements. So, the performers under HACCS will absolutely be engineering malware; in theory it's for the "white hat" side of the cyberconflict spectrum, but the techniques and technologies developed would be as readily applicable to all other aspects of cyberwar/espionage, and there are lots of legal and ethical issues layered atop all of this. The presolicitation absolutely stresses issues of having agents be "verifiably safe and reliable," but that's kind of like ensuring that your sniper team is "safe and reliable"... they will hit what they aim at, sure, and probably not take out other parties, until you assign them to take out those various other targets, on the authority of your [justification redacted]. If anyone ends up interested in submitting to the HACCS solicitation, I'd be interested in hearing from you, in part because I wear a "making cybersecurity research data more accessible to researchers" hat, and the program will presumably depend on data, and will produce it, e.g., in creating simulation environments (which will almost certainly involve acquiring *other* malware....). Ross Ross Stapleton-Gray, Ph.D. Stapleton-Gray & Associates, Inc. Albany, CA
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580 Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170804185334:BC272816-7967-11E7-8291-E5A31BFD82E8 Powered by Listbox: http://www.listbox.com
Current thread:
- Re The Kronos indictment: Is it a crime to create and sell malware? - The Washington Post Dave Farber (Aug 04)