mailing list archives
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 08 Dec 2008 08:05:05 -0500
-----BEGIN PGP SIGNED MESSAGE-----
So I'm in Denver, which is lovely - all mountains and soft-speaking
midwesterners who snowboard an amount that can only be called
obsequious. But Saturday, before I went, I sat on the beach and read
this article by our very own John Markoff just below the fold in the
New York Times.
And there is more of it. Microsoft has monitored a 43 percent jump in
malware removed from Windows computers just in the last half year.
The United States government has begun to recognize the extent of the
problem. In January, President Bush signed National Security
Presidential Directive 54, establishing a national cybersecurity
initiative. The plan, which may cost more than $30 billion over seven
years, is directed at securing the federal government’s own computers
as well as the systems that run the nation’s critical infrastructure,
like oil and gas networks and electric power and water systems.
“This is always an arm race, as long as it gets into your machine
faster than the update to detect it, the bad guys win,” said Mr. Schneier.
Faster, smashter. When I see 30 billion dollars, I can tell you what
you're going to get, as a taxpayer, for your money: Patch management,
IDS, Anti-Virus, scanners of all shapes and sizes. Audits. Big rooms
full of large screens correlating information that has absolutely no
relevance to security. You can't correlate what you can't see. You
can't patch what you don't know about.
Mr. Markoff is trying to tell us that the defenders are losing the
battle. But if they are, it's because they *chose* to. Hackers use
0day and always have. The defenders are off making millions selling
things that don't work against 0day.
I guess what I'm trying to say here is that at this point the
attackers are just "reasonably competent". When it comes to offensive
information security, we ain't seen nothing yet.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Dailydave mailing list
Dailydave () lists immunitysec com
- Faster, smashter. Dave Aitel (Dec 08)