Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Fwd: n3td3v has a fan
From: "DUDE DUDERINO" <ihasshovel () gmail com>
Date: Wed, 9 Apr 2008 13:15:53 -0400

I really need to learn how to reply for the list and not just the person
posting, sorry for the duplicate, bud.

---------- Forwarded message ----------
From: DUDE DUDERINO <ihasshovel () gmail com>
Date: Wed, Apr 9, 2008 at 1:14 PM
Subject: Re: [Full-disclosure] n3td3v has a fan
To: n3td3v <xploitable () gmail com>


I applaud your contribution to the discussion of comptuer security.  But
really, posting a reply to a news blog isn't telling anyone anything, you're
just chiming in your own comments.  I would love to see CNet News publish
your wrods, but I don't think that will happen.  I could comment on a wide
number of things, but that doesn't make me an expert.  I see your point, but
you don't really offer a solution.  That's like standing on a corner with a
sign that says something like "you're going to hell," but not trying to save
us.  In the end, aside from being a comment on a news blog, and promoting
your name, what purpose did that comment have?  Any monkey with half a brain
could realize that computers that aren't on the internet are still
susceptible to attack.  It's just that your chances of attack are increased
(albeit minimally) with the volume of people who have access to it (more
people = people on the internet).  How do we protect against the threat you
were making everyone aware of?

I smell FUD...


On Wed, Apr 9, 2008 at 12:49 PM, n3td3v <xploitable () gmail com> wrote:

On Wed, Apr 9, 2008 at 8:06 AM,  <malix () hush com> wrote:
First, learn the proper use of the English language before choosing
to mouth off with it.

People think english and spelling matters, but its what you say that
counts not the way you say it.

This is a concept many have failed to grasp in recent times.

For instance, I went on Cnet News last night and told them about
offline machines:

Connected to the internet?: reader comment from n3td3v

Posted on: April 8, 2008, 8:10 PM PDT
Story: Breaking into a power station in 3 easy steps

Computers don't need to be connected to the internet to get infected
with the latest and greatest zero-day, someone, a rogue employee
downloads code from the internet or makes his own, then uploads it to
his memory key, then walks into power station, plugs it in with the
intent to infect and hey presto, your infrastructure gets compromised.
Valuable lesson: _ALL_ your computers need to be patched against the
latest zero-day threats, not just online ones BUT offline systems too.
Even computers which will NEVER have an internet connection _still_
need to be patched. The threat from rogue employees and the inside job
is far greater than an internet facing computer. Is anyone listening?
I've been repeating this for years, the internet isn't the threat, the
real number one threat to cyber security is the inside job. Got the
message yet? The national infrastructure terrorists want to attack is
*permanently offline* and the terrorists know this, but what they also
know is those offline systems are *permanently unpatched* because the
administrators think the bugs being released by security researchers
on-the-internet won't touch offline-machines, think again. The
terrorists aren't trying to hit your internet facing stuff, they are
far more interested in going after your offline machines, as these are
the most important ones. All the best, n3td3v.


http://www.news.com/5208-10784_3-0.html?forumID=2&threadID=36712&messageID=396611

[/snip]

Now it may look like the above isn't written correctly, but I think I
got my point across pretty well.
Weather the english, grammar, spell checker police take it seriously
is another matter. ;)

My online friend who worked in the US Navy for 6 years in cyber
security said I should have wrote it like this:

---------- Forwarded message ----------
From: Chris Mills <E-mail Removed>
Date: Wed, Apr 9, 2008 at 5:07 AM
Subject: Try this
To: xploitable () gmail com

Computers don't need to be connected to the internet to get infected
with the latest and greatest zero-day malware.

Insiders are one of the greatest threats to any enterprise: business
or government.

Consider This:
An employee with any amount of access can download code from the
internet or make his or her own. With a simple copy to his USB memory
key, he then walks into power station, plugs it in with the intent to
cause harm. An unpatched, offline system IS vulnerable.

Valuable lesson:
All your computer systems are vulnerable. They all need to be patched
against the latest threats, just as you would patch your internet
connected devices.
Even computers which will never  have an internet connection still
need to be patched. The threat from rogue employees and the inside job
is far greater than an internet facing computer. This has been seen
over and over in news articles and threat reports published by the top
security companies.
The national infrastructure terrorists want to attack is permanently
offline and the terrorists know this, but what they also know is those
offline systems are permanently unpatched because the administrators
think the bugs being released by security researchers on the internet
won't touch offline-machines. This is a dangerous assumption on the
part of security administrators. The terrorists aren't trying to hit
internet facing devices, they are far more interested in going after
offline machines which control far more important devices. This is
their gold mine.

All the best, n3td3v.

[/snip]

But I don't agree with him because its not got the same punch and passion.

Regards,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault