funsec mailing list archives

Chinese attacks


From: Gadi Evron <ge () linuxbox org>
Date: Fri, 15 Jan 2010 12:23:13 +0200

On 1/15/10 11:40 AM, Paul Ferguson wrote:
> I think it is dangerous, from a defense perspective, to say "This is
> responsible for that" when there are clearly several different things
> happening here -- instead of looking for a quick explanation, everyone should
> step back and observe that there are several critical paths to compromise
> at work here.

1. Unlike GhostNet, which showed an interesting attack but jumped to 
conclusions without evidence that it was China behind them -- based on 
Ethos alone I'd like to think that when Google says China did it, they 
know. Although being a commercial company with their own agenda, I am 
saving final judgement.

2. The 0day disclosed here shows a higher level of sophistication, as 
well as an m.o. which has been shown to be used by China in the past.

3. If this was China, which some recent talk seems to make ambiguous 
but still likely, they would have more than just one weapon in their 
arsenal.

        Gadi,


-- 
Gadi Evron,
ge () linuxbox org.

Blog: http://gevron.livejournal.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

