funsec mailing list archives

Re: 2011 Security Predictions?


From: "Hubbard, Dan" <dhubbard () websense com>
Date: Sun, 5 Dec 2010 15:53:48 -0800

Some of my more serious ones from my ramble at ISOI this year...

* Security researchers will continue some transition to non-security companies as they build up research expertise to protect crown jewels
* Security research will be more focussed in key areas that are relevant to customers, their company, or sector, e.g. more research into specific attacks versus Trojan du jour
* Renewed focus on threat models
* Security companies build out non-security capabilities in order to get users to co-operate. E.g.: how do you convince iPad owners to install config profiles and apps?
* Security companies will continue to try and figure out freemium models and content-plays but will struggle with the privacy issues and irony of it all
* Blah Blah Blah, Social, Mobile, Cloud, blah blah blah
* More "bad" apps will be released for iPhone, Facebook, and Android

New catch phrases for 2011... you heard them here first :).

* "Fail whale is the new reboot"
* "Red is the new white"
* "Securidigm"... this is the year of a new security paradigm
* "Tivot" ...the act of pivoting one's technology to match a business pivot
* "Social Pharg"... a clique within the social graph ...see pharg...
* Chowdsourcing...crowdsourcing from / in China

My Xmas list that are getting close to reality...

* zero startup time / reboots
* 20 hours of battery life 
* good mobile reception 
* more quality cons and less quantity
* online streaming cons with good quality








________________________________________
From: funsec-bounces () linuxbox org [funsec-bounces () linuxbox org] On Behalf Of Valdis.Kletnieks () vt edu [Valdis.Kletnieks () vt edu]
Sent: Friday, December 03, 2010 9:14 AM
To: Shawn Merdinger
Cc: funsec
Subject: Re: [funsec] 2011 Security Predictions?

On Thu, 02 Dec 2010 14:12:22 EST, Shawn Merdinger said:
> Hide your kids, hide your wife -- it's the time of year when we start
> seeing articles on their crystal ball security predictions.
>
> I'm wondering what folks on the list expect for 2011?   Thoughts?

IPv6 will finally *really* take off, as the imminent exhaustion of IPv4 space
leaves the malware vendors less address space to hijack.

Somebody will use fast-flux DNS and a botnet to deploy a truly enterprise-grade
ultra-fast DNS hosting service - you're always guaranteed an authoritative
answer from a host no more than 2 network hops from you.  The first customers
will be the people who recently had their domains taken down by the FBI.

Somebody else will use a botnet to deploy an enterprise-grade 6to4 relay
service.  Again, you'll be guaranteed a gateway at most 2 hops away.

The FTC will deploy their proposed do-not-track registry.  Companies will then
use the 'do-not-track' marker as a tracking marker.

All of the above will each lead to at least one unintended consequence I
haven't thought of yet, and at least 3 industry pundits going "How could
anybody possibly have predicted this would happen?".

(And if any of this actually happens - I hereby either claim ownership of the
idea, or claim I heard it in an IRC channel, whichever is more beneficial to me :)




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

