[funsec] [Full-disclosure] The Economist, cyber war issue

Tomas L. Byrnes tomb at byrneit.net
Tue Jul 6 21:36:07 CDT 2010

Wow, such grandiloquism!

> -----Original Message-----
> From: coderman [mailto:coderman at gmail.com]
> Sent: Tuesday, July 06, 2010 7:04 PM
> To: Tomas L. Byrnes
> Cc: Joel Esler; Gadi Evron; funsec at linuxbox.org; full-
> disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] [funsec] The Economist, cyber war issue
> On Tue, Jul 6, 2010 at 3:58 PM, Tomas L. Byrnes <tomb at byrneit.net>
> wrote:
> > ...
> > So the solution is to take what is currently an NP-complete problem
> for
> > individual nodes: string matching and behavioral analysis; and turn
> it
> > into a bounded problem across all participating nodes
> that method is only applicable to a small and less useful set of
> measurements / modeling of critical infrastructure. 
[Tomas L. Byrnes] 
I strongly disagree. Since the vector of source attack against most CI
is from the "great unwashed" protecting the "great unwashed" from being
turned into zombies, or at least, if they are zombies, from being
controlled, is a major public benefit.

there is rarely
> need to consider the minutiae of so many small details. (though
> NSA/DIA would argue otherwise ;)
[Tomas L. Byrnes] 
You assume that they are concerned, as opposed to merely grab
everything, and apply signal processing to find the signal in the noise.

> for the majority of targeting you need only concern yourself with the
> larger path / node aggregation points to discern the few points /
> paths of interest. the few points referring to power and other law
> distributions applicable to critical infrastructure network topology
> across every industry.

[Tomas L. Byrnes] 
There's even a patent app on it, owned by AT&T: USPTO app 20060031575

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

More information about the funsec mailing list