Full Disclosure mailing list archives

Re: Absolute Sownage (A concise history of recent Sony hacks)


From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 11 Jun 2011 23:48:14 +1200

Georgi to Valdis:

> > if you eliminate 95% of the holes, it may be
> > *effectively* secure, simply because it isn't worth the attacker's time to
> > fight for the other 5%
>
> wtf?
>
> if someone has a working exploit, the probability of breaking is 100% no matter what the constant 95% is claimed to be.
>
> about fighting for 5%: malware like Nimda and Code Red appear counterexamples -
> i suppose they automatically fought for 100% and got what they could get (quite above your 5%).

So, you're both (kinda) right.

Nowadays the big, noisy, obvious, "own the net" type "outbreak" of 
yesteryear is not the model of choice for your typical cyber-thug (you 
know, those running virtually all malware these days).

In fact, _avoiding_ exactly that is pretty much top of their list of 
desiderata.

Sure, once upon a time, making a big, fast, splash and owning as much 
of the net as possible (usually for as trivial a result as possible), 
was de rigueur.  It was pretty much _required_ you operated that way so 
as to keep ahead of the "anti-bad-guys" updating their defenses to 
detect, block or otherwise mitigate you.

But just as VBA macro viruses were, once (yes, kids, go read your 
history books!) "the thing", so is "owning the net, big, fast and 
noisy" no longer the model of choice...



Regards,

Nick FitzGerald

