Re: Data-Stealing Trojan Disclosure Frustrates Researchers, V endors, and L aw Enforcement

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Interesting.

Well, incidents like these are sure to stoke the discussion yet
again. :-)

- - ferg



- -- Rick Wesson <wessorh () ar com> wrote:

I talked to the reporter ( Jim Finkle ) he didn't know most of the
common security acronyms and at one point asked "...what DOS - Disk
Operating System had to do with any of this stuff."

He had just started on Enterprise Security 2 weeks ago because Reuters
didn't have enough articles on this stuff.

I like what Previx did and WTF, if this information is public why not
point it out.. If reporting on it causes harm, pull you pants back up.

- -rick




Paul Ferguson wrote:
> Via InformationWeek.
>
> [snip]
>
> There are two questions in the realm of IT security that simply won't go
> away: Can cybercrooks successfully attack at will, and are those who
> report the details of these attacks causing more harm than good?
>
> The revelation earlier this week by a security vendor and research firm
> that a Trojan-horse may have stolen sensitive information from hundreds
> of businesses and government entities has revived this heated debate.
>
> [snip]
>
> More:
> http://www.informationweek.com/software/showArticle.jhtml?articleID=20100
> 18 60
>
> Background:
> http://www.reuters.com/article/internetNews/idUSN1638118020070717
>
> - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGnVYdq1pz9mNUZTMRAolsAJ9htePvqnASTRSZNsOxZaszIDOuWACfaVfa
tNfq22MUXLQzyUraCQbEeaI=
=mRO/
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.