Dailydave mailing list archives
Re: Blackhat Windows 2004 Report
From: ken_i_m () fatair net
Date: Mon, 2 Feb 2004 17:03:32 -0700
Thanks for the great report.

On Mon, Feb 02, 2004 at 12:51:40PM -0500, Dave Aitel (dave () immunitysec com) wrote:
> ...I still think that when you compare the computer security space to a person's immune system, you're making a lot of implicit assumptions that a good hacker won't make. I know this goes against the grain for a lot of people, but I think a good example is the "house" metaphor, which seems to gain new life with every new class of CISSPs. Physical metaphors, if they give us new insights into computer security, carry a high price tag of implicit assumptions and built-in weaknesses. This talk had some really interesting approaches to defeat worms. The defeating worms problem is a lot easier than the defeating multi-stage attackers problem.
I would really like to hear (get links to) more about this. I understand how an analogy sets up implicit inferences[1]. Thus, the mapping of any analogy is going to have gaps between it and reality. The part I am vague on is the nature of those gaps. You mention "multi-stage". In "Intrusion Detection with Snort", Koziol spends a little time discussing how Snort has a weakness to a series of packets which set it up so that subsequent packets go undetected. Is this the type of attack you are referring to?

[1] Going back to the 70s I have been reading stuff by E.O. Wilson, Dawkins, Dennett, Pinker, Calvin, Diamond and tons of topic-related works. I recently discovered a gem of a book that brings many of these pieces together into a single work: Religion Explained by Pascal Boyer. If one does not follow the latest theory of cognitive systems in the human brain, this book will get you there fast. The folk theory of psychology summed up in Descartes' "I think, therefore, I am" has been revealed to have huge blind spots (or gaps) as to how the human mind really works. Boyer (who has original research to his credit) presents an easy-to-read application of theory to the age-old question, "why do humans have religion". In the process, he explains why we do a lot of other things as well. Highly recommended even if you do keep up in this field.

--
Ken Dyke
"Bits at the speed of light"

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave