funsec mailing list archives

Re: whitehouse cyber strategy review


From: Dan Kaminsky <dan () doxpara com>
Date: Sun, 15 Nov 2009 13:19:35 -0800

On Sun, Nov 15, 2009 at 12:52 PM,  <chris () blask org> wrote:
--- On Sun, 11/15/09, Dan Kaminsky <dan () doxpara com> wrote:

Stuff on Windows is attacked because it's popular.
That's really all.

I don't believe any system is "secure" if you can't continue to prove it from moment to moment and I care a lot less 
about intrinsic weaknesses if you can see when they are exploited.

Therefore, if I was going to push for any sort of technical mandate to address the issue at hand, it would be 
comprehensive log management.  With tools like Splunk and OSSIM (which has gotten really good in recent years) 
available it has become within reasonable reach of anyone moderately serious about security to monitor WTF is going 
on in their networks.  More importantly, it is now clear that over the next 5-10 years this will become the nexus of 
security operations it has indicated it will over the last 5-10.

Of course I am incredibly biased, which is why no one responsible for securing the entire US gov't infrastructure
should just listen to me or any one of us alone, but should rather hold the kind of mind-numbingly iterative
conversations that the document that started this thread represents to make such decisions.

-chris

Non-rhetorical question:

What do we think the infection discovery rate is, and do we think it
has increased or decreased in recent years?
