Dailydave mailing list archives
Re: We got owned by the Chinese and didn't even get a "lessons learned"
From: Joanna Rutkowska <joanna () invisiblethings org>
Date: Wed, 24 May 2006 15:24:09 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dave Aitel wrote:
/.../
So essentially, the only part of network security that protected you against this was a human component. Some random dude got suspicious and picked it up. Perhaps this was the thousandth time it was used. It certainly wasn't the first.
This is so true. And let's think what would have happened if they used some more sophisticated communication channel? And what if they used slightly more advanced stealth technology to hide the backdoor? And what if they sent only a few malicious Word files instead of thousands? Would anybody ever have noticed them? How smart (or lucky) would our 'random dude' have to be in that case? How can we be sure that it hadn't happened long before?

So, I'm quite curious what kind of (mature) products we have today to detect advanced malware on the Windows/x86-32 platform? Only please do not mention hidden files, registry and process detectors (and do not even try thinking about signature detectors)...

Anybody? (this is not a rhetorical question, I really am curious!)

cheers,
joanna.

-----BEGIN PGP SIGNATURE-----
iD8DBQFEdF54ORdkotfEW84RAmCDAKCBpfw5QUbu0RfegN79FQqf6Vtm7ACeNISw
1Uj8B81hkcv6fysjU3aFP3M=
=NuOD
-----END PGP SIGNATURE-----