Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Threat Models (was Re: IE
From: Valdis.Kletnieks () vt edu
Date: Tue, 20 Jul 2004 16:21:29 -0400

On Tue, 20 Jul 2004 21:41:30 +0200, Full-Disclosure said:
Please im trying to hack, test, read, be 'up to date' & learn from the 
full-disclosure-lists. Not learning or be teached economics, politics, 
religion, ethics or beliefs, ( then ill go to MS ;-)

Keep in mind that except for the stereotypical "script kiddie", all of these
factors *do* enter into security.  It's all about threat models.

Would there be as many viruses if many hadn't been funded by spammers/criminals
who wanted a trojan delivery system?  Probably not - but you won't get a *real*
solution to the problem without understanding the economics driving the market
for virus writers.  Why are the writers taking that money, where are the
employers getting the money, and what benefit does each group find in it?

Many sites *do* have to worry about politically or idealogically driven
attacks.  Do you have to worry about attacks by radical Amish?  Probably not,
since their belief system won't let them use our technology against us.  Do you
have to worry about radical Mideastern fundamentalists?  Quite possibly, as
they don't have qualms about using our tech against us.  It's the rare site
that has *no* enemies at all - so it's a good idea to know who your enemies
are, and have at least an estimate of how far they'd go. (Standard police work
101 - "Did the deceased have any enemies, and would they have bashed the
deceased's head in with a candlestick?" ;)

It's nice to discuss theoretical issues of attacks and defenses on a lab network.
Unfortunately, most of us have systems that are in the Real World, and as such,
we need to worry about such things.  

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]