Dailydave mailing list archives
Re: time for my lil opinion poll
From: dan () geer org
Date: Thu, 26 Apr 2007 01:24:43 -0400
On 4/25/07, Arun Koshy <arunkoshy () gmail com> wrote: -+------------------------------------------------- | A friend from the vuln research arena ( sorry .. no names etc ) told | me in a convo a few hours ago that this does not work : | | http://en.wikipedia.org/wiki/Information_Leak_Prevention Disclaimer: I work for Verdasys, one of the firms listed on http://en.wikipedia.org/wiki/Information_Leak_Prevention "Does not work" is a little like "Bad dog" -- could you be a little more specific? Content inspection? Crap, in my view, as it only works when the opponent does not know or care that you are watching (Pig Latin is enough crypto to defeat). Specific blocks of this and that, e.g., the electronic equivalent of sealing the USB port with a glue gun? Well, sure, but how many ways to steal data are there... What we (Verdasys) sell is, in blunt terms, a commercial version of the Orange Book "Reference Monitor" implemented as a data-surveillance rootkit. Compared to the others, ours is an Oxy-Acetylene torch to their paper match. Before I go on, do we really want to have the full tilt debate? --dan, exhausted and on lousy wireless in a cheap motel _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- time for my lil opinion poll Arun Koshy (Apr 25)
- Re: time for my lil opinion poll Chris Anley (Apr 25)
- Re: time for my lil opinion poll Florian Weimer (Apr 25)
- Re: time for my lil opinion poll Ali, Saqib (Apr 25)
- Re: time for my lil opinion poll Darren Spruell (Apr 25)
- Re: time for my lil opinion poll dan (Apr 26)
- Re: time for my lil opinion poll Bamm Visscher (Apr 25)
- Re: time for my lil opinion poll Security Guy (Apr 25)
- Re: time for my lil opinion poll Chris Anley (Apr 25)