Dailydave mailing list archives
Attribution
From: dave <dave () immunityinc com>
Date: Wed, 14 Apr 2010 12:20:24 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In an interesting presentation I saw recently someone mentioned that Attribution is hard in cyberspace (f.e. [1]), which generally is discussed in the context of "Deterrence"[2]. I really like the term "cyberspace", although I know people hate it. First of all cyberspace is not "the Internet". It's (imho) a collection of networks, information systems, databases, phone networks, people's heads, and other "information entities" that together make up the world's set of data and data processing. They call it "Information Operations" for a reason, but the term "InformationSpace" is terrible. Plus, William Gibson is a genius, so Cyberspace it is. Secondly if you are doing your information operations correctly, then Attribution is a solved problem. You can even use it as a metric: "Percent of incoming attacks that I can tie to a known actor == amount I have 'dominance over the information battlespace'". Aka, Attribution is a simple metric for 'Am I winning?'. If you have no attribution, you are not winning. Dave Aitel Immunity, Inc. [1] http://www.nap.edu/openbook.php?record_id=11925&page=113 [2] http://www.networkworld.com/news/2010/040710-think-tank-in-estonia-ponders.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkvF60gACgkQtehAhL0gheoPYwCfXqcikgKlZ8pumPlYVAG7Jq5c WcAAnjCbY9K4iLfk2XVK7m3+81GauKVH =HRBy -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Attribution dave (Apr 14)
- Re: Attribution Shane (Apr 14)
- Re: Attribution Jordan Frank (Apr 15)
- Re: Attribution Josh Saxe (Apr 15)
- Re: Attribution dan (Apr 15)
- Re: Attribution Yvan Boily (Apr 15)
- Re: Attribution Shane (Apr 14)