Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Not even the NSA can get it right
From: Dan Margolis <lists.fd.dmargoli () af0 net>
Date: Wed, 25 May 2005 12:58:37 -0400

On Wed, May 25, 2005 at 11:43:32AM -0400, Valdis.Kletnieks () vt edu wrote:
On Wed, 25 May 2005 07:14:12 CDT, "milw0rm Inc." said:
lol are you guys joking?  They wouldn't allow an xss bug on their
website on purpose come on now.

You're not devious enough.  Remember that the *best* place to put a
honeypot is right out there in plain sight where it's likely to attract
attention.   So now they've grepped their Apache logs, and they've
added several dozen people to their "suspected script kiddie" list.

(Remember - the NSA probably knows more about proper airgapping than anybody.
All *those* webservers have on them is non-sensitive content, so you can't
actually *get* anything really interesting to happen - in the NSA view of the
world, "public website gets defaced" isn't particularly interesting or
noteworthy).

Right, but why is XSS interesting? Why would they *want* a "suspected
script kiddie" list? Honeypots are good for learning about what sorts of
attacks are in the wild, *not* for learning who the attackers are. In
fact, it seems the common approach to security largely ignores any
notion of proactive law enforcement, and rightly so--you can't arrest
all the script kiddies, but you can write your software to be more
secure (or, to paraphrase Larry Lessig, _code_ is a much more effective
form of control in cyberspace than _law_ is, most of the time). 

Granted, we don't know everything the NSA does, but I see little to gain
from a public XSS hole, however insignificant. Occam's razor, folks; why
should I buy into such a twisted conspiracy theory? 
-- 
Dan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault