Dailydave mailing list archives
Re: A change
From: delchi delchi <delchi () gmail com>
Date: Wed, 20 Jan 2010 18:59:21 -0500
Sophistication is in the eye of the beholder. In the case of the media and malicious activity , the word " sophisticated " is often used to describe things that the author has no bloody clue about, but must make it sound either interesting or like they know something about it. Ether way the overall goal is to sell papers. " Yeah yeah computers and hacking and they typed some stuff and missiles launched. Sophisticated attack. Very technical. " To some people watching me track the spread of a worm using wireshark is on par with loaves and fishes. How many times have you been called a guru or geek god for doing nothing more amazing than correcting the flashing 12 on a VCR ( yeah I'm that old ). Like any other skill, those in possession of the knowledge or ability look at it as just another day of work, the people who know nothing stand in awe with their wallets open, and everyone goes home happy. This can be said for infosec warriors, auto mechanics, lasic surgeons, and a host of other jobs. At the end of the day, we analyze it , make countermeasures, check for retroactive activity, and then have a beer and forget about it. Unless it's Friday, then it's Jack & coke. Several of them. On Fri, Jan 15, 2010 at 2:40 PM, Charles Miller <cmiller () securityevaluators com> wrote:
I think the interesting thing about "sophisticated" attacks, is that if they are actually sophisticated, the victims never know it happened. And if the victim's DO figure out it happened, at least they shouldn't be able to find your 0-day sitting in their inbox for analysis. Total amateur hour (not that it probably wouldn't have pwned me). Charlie On Jan 15, 2010, at 12:39 PM, dave wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I think we're seeing a sudden change in how large companies (or simply companies with a high level of perceived threat[1]) deal with software security. Perhaps the era of IDS and AV and scanners has come to an abrupt end? We can only hope. Everyone says an attack is "sophisticated" whenever any 0day is involved. But that should be the baseline. Or rather, it IS the baseline and everyone seems to just be finding out. One of the things Immunity has been including in our services but is now offering seperately is a client-side 0day penetration test against a single host using CANVAS technology. You get your penetration verified during phone consultation. And you receive real-time analyst interpretation of results, plus delivery of log data at the end. For more information you can contact mark () immunityinc com. Thanks, Dave Aitel Immunity, Inc. [1]http://news.cnet.com/8301-27080_3-10434551-245.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAktQtl4ACgkQtehAhL0gherpYgCfcmGb9odb00W5XC9GgXbHHzXf KjUAn32K/UblyoI4dA9iIC6ktbqNfa+i =EWHt -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
-- "You gotta pick your battles, and if a man wants to shove porcupine quills up his urethra, well there's not much point in stopping him." -- A.P. Delchi _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- A change dave (Jan 15)
- Re: A change Charles Miller (Jan 15)
- Re: A change Moxie Marlinspike (Jan 15)
- Re: A change Parity (Jan 19)
- Re: A change Rich Smith (Jan 18)
- Re: A change delchi delchi (Jan 20)
- Re: A change Moxie Marlinspike (Jan 15)
- Re: A change Nelson Brito (Jan 18)
- Re: A change val smith (Jan 19)
- Re: A change Matthew Wollenweber (Jan 20)
- Re: A change Marius (Jan 20)
- Re: A change Jim Manico (Jan 20)
- Re: A change Menerick, John (Jan 24)
- Re: A change Ben Nagy (Jan 26)
- Re: A change Rodrigo Rubira Branco (BSDaemon) (Jan 27)
- Re: A change Nick FitzGerald (Jan 27)
- Re: A change Lurene Grenier (Jan 27)
- Re: A change Charles Miller (Jan 15)