RE: People on Google Security blog don't understand cyber terrorism

["Murda" <murdamcloud () bigpond com>]

The word terrorism seems to have been appropriated by so many people about
so many things. For instance, Max Keiser who is a financial analyst is
calling Goldman Sachs 'Financial Terrorists' because of the very real damage
some of their practices may have caused. It is definitely one of those words
that is bandied about for effect rather than for insight.
I doubt that people are 'terrorised' in quite the same manner about
'attacks' that take place via communication or power networks(the
internet/phone/grid) etc as they are by a bomb going off when you are trying
to get on a bus or a train. Normal operations are severely disrupted.
Especially if you are dead. However, if I wished to indulge in catastrophic
thinking then I could easily imagine a time and place whereby power to a
hospital is cut resulting in death/mayhem etc. Small risk but big impact.
These small risk/big impact things may happen more often than we calculate
for because we have very little in terms of methods for calculating
accurately for them. 
The aims of the so called cyber terrorists may well be as illogical and
unreasonable as their real life counterparts but they will no doubt find
that their goals (ever shifting and nebulous as they are) will not be
facilitated by carrying out more and more attacks.
Why? Because terrorism never seems to actually work to deliver the goals
that the terrorists think that they want.
http://maxabrahms.com/pdfs/DC_250-1846.pdf
Max Abrahams has a great piece on reasons why.
Not strictly related to the terror being waged across the internets by these
irresponsible disclosure-driven fiendish fiends but still relevant in some
manner.

Now please don't get us started on Cyber 'Warriors'. 


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Dan Lynch
Sent: Saturday, July 24, 2010 3:05 AM
To: 'andrew.wallace'; security-basics () securityfocus com
Subject: RE: People on Google Security blog don't understand cyber terrorism

"Terrorism", Andrew? 

Terrorism is a political statement made by murdering your neighbors with a
bomb. You may not agree with full disclosure practices, but to attach a term
like terrorism to it is melodramatic hyperbole. It detracts from your
credibility and only serves to distract from any point you wish to make.

Let's reserve the emotionally loaded terms for real tragedies, and restore
some moderation to the discussion. 



Dan Lynch, CISSP
Information Technology Analyst
County of Placer
Auburn, CA


> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of andrew.wallace
> Sent: Thursday, July 22, 2010 8:50 PM
> To: security-basics () securityfocus com
> Subject: People on Google Security blog don't understand 
> cyber terrorism
>
> It seems a lot of people on the Google Security blog don't 
> even know what cyber 
> terrorism is.
>
> It is the act of posting a disclosure to change company or 
> government policy, by 
> way of cyber attacks created by the disclosure.
>
> http://googleonlinesecurity.blogspot.com/2010/07/rebooting-res
> ponsible-disclosure-focus.html
>
>
> ---
>
> Andrew Wallace
>
> http://sites.google.com/site/n3td3v/
>
>
>
>       
>
>
> --------------------------------------------------------------
> ----------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who 
> needs an SSL certificate.  We look at how SSL works, how it 
> benefits your company and how your customers can tell if a 
> site is secure. You will find out how to test, purchase, 
> install and use a thawte Digital Certificate on your Apache 
> web server. Throughout, best practices for set-up are 
> highlighted to help you ensure efficient ongoing management 
> of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;
> e13b6be442f727d1
> --------------------------------------------------------------
> ----------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------