Dailydave mailing list archives
Faster, smashter.
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 08 Dec 2008 08:05:05 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So I'm in Denver, which is lovely - all mountains and soft-speaking midwesterners who snowboard an amount that can only be called obsequious. But Saturday, before I went, I sat on the beach and read this article by our very own John Markoff just below the fold in the New York Times. http://www.nytimes.com/2008/12/06/technology/internet/06security.html?_r=1 """ ... And there is more of it. Microsoft has monitored a 43 percent jump in malware removed from Windows computers just in the last half year. ... The United States government has begun to recognize the extent of the problem. In January, President Bush signed National Security Presidential Directive 54, establishing a national cybersecurity initiative. The plan, which may cost more than $30 billion over seven years, is directed at securing the federal government’s own computers as well as the systems that run the nation’s critical infrastructure, like oil and gas networks and electric power and water systems. ... “This is always an arm race, as long as it gets into your machine faster than the update to detect it, the bad guys win,” said Mr. Schneier. ""' Faster, smashter. When I see 30 billion dollars, I can tell you what you're going to get, as a taxpayer, for your money: Patch management, IDS, Anti-Virus, scanners of all shapes and sizes. Audits. Big rooms full of large screens correlating information that has absolutely no relevance to security. You can't correlate what you can't see. You can't patch what you don't know about. Mr. Markoff is trying to tell us that the defenders are losing the battle. But if they are, it's because they *chose* to. Hackers use 0day and always have. The defenders are off making millions selling things that don't work against 0day. I guess what I'm trying to say here is that at this point the attackers are just "reasonably competent". When it comes to offensive information security, we ain't seen nothing yet. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJPRuBtehAhL0gheoRAmvjAJ9sCzpHZjSsNbmWTVAZYrJmTuED+wCeNmNv Pvr/b158e3Yj8meZQcmM9K0= =D+Gf -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Faster, smashter. Dave Aitel (Dec 08)
- Re: Faster, smashter. Fisher, Dennis (Dec 08)
- Re: Faster, smashter. Dragos Ruiu (Dec 08)
- Re: Faster, smashter. Halvar Flake (Dec 09)
- Re: Faster, smashter. Dave Aitel (Dec 09)
- Re: Faster, smashter. Rafal @ IsHackingYou.com (Dec 09)
- Re: Faster, smashter. dan (Dec 09)
- Re: Faster, smashter. Marc Maiffret (Dec 10)
- Re: Faster, smashter. Dragos Ruiu (Dec 08)
- Re: Faster, smashter. Halvar Flake (Dec 09)
- Re: Faster, smashter. security curmudgeon (Dec 09)
- Re: Faster, smashter. Jon Passki (Dec 09)
- Re: Faster, smashter. Fisher, Dennis (Dec 08)