From: Moxie Marlinspike (moxie@thoughtcrime.org)
Date: Fri Jan 15 2010 - 15:25:09 CST
Agreed. The spin on this has been great. From what I can tell:
1) Google's China office has been thoroughly compromised by insiders,
such that they really have no choice but to shut it down. Their PR
department is absolutely and terrifyingly amazing, though. So instead
of just closing it in defeat, they take "a stance for freedom," forcing
the government to shut them down instead. Fucking brilliant!
2) Based on the rumors and quotes in the media/blog world, the attack
vectors were what everyone has been talking about for years, and were
somewhat sloppily orchestrated at that. Folks in the security industry
realized that this is a chance to take their hype to all-new fertile
grounds of hype-fare, though, and so suddenly "spearfishing" is "totally
unprecedented" and "sophisticated to a level never before seen."
The result is that:
1) Google is a hero. There is no pause to question the pernicious nature
of the data they're collecting in the first place, and the revelation
that they had automated "lawful" intercept systems in place (which were
possibly compromised themselves) is glossed over.
2) The security industry can continue coming to the rescue with "new
solutions." There is no pause to question whether the "secure systems"
the industry offers are even possible, given the ease of this breach and
the ever-growing value of what's at stake.
I've been very impressed with how neatly this has come together so far.
- moxie
--
http://www.thoughtcrime.org
Charles Miller wrote:
> I think the interesting thing about "sophisticated" attacks, is that
> if they are actually sophisticated, the victims never know it
> happened. And if the victims DO figure out it happened, at least
> they shouldn't be able to find your 0-day sitting in their inbox for
> analysis. Total amateur hour (not that it probably wouldn't have
> pwned me).
>
> Charlie
>
> On Jan 15, 2010, at 12:39 PM, dave wrote:
>
> I think we're seeing a sudden change in how large companies (or simply
> companies with a high level of perceived threat[1]) deal with software
> security. Perhaps the era of IDS and AV and scanners has come to an
> abrupt end? We can only hope.
>
> Everyone says an attack is "sophisticated" whenever any 0day is
> involved. But that should be the baseline. Or rather, it IS the
> baseline and everyone seems to just be finding out.
>
> One of the things Immunity has been including in our services but is
> now offering separately is a client-side 0day penetration test against a
> single host using CANVAS technology. You get your penetration verified
> during phone consultation. And you receive real-time analyst
> interpretation of results, plus delivery of log data at the end. For
> more information you can contact mark@immunityinc.com.
>
>
>
> Thanks,
> Dave Aitel
> Immunity, Inc.
>
> [1]http://news.cnet.com/8301-27080_3-10434551-245.html
_______________________________________________
Dailydave mailing list
Dailydave@lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave