Paul Hoffman
Mon, 21 May 2007 08:32:22 -0700
At 6:34 PM +0000 5/20/07, John Levine wrote:
>I've heard nothing formal, but my strong understanding is a lot of USgovernment machines, at least if we're talking workstations on non-classified nets, are in fact "0wn3d" at this point.Well, here's an anecdote: at last year's CEAS conference, Rob Thomas of Team Cymru gave the keynote on the underground economy, with a most horrifying set of both live demos and selected snapshots of the online bazaars where online warez are traded, everything from zombie farms to spamware to stolen credit cards. One of the more amusing was a guy who offered a zombie in some part of the government that you'd hope would be moderately secure, NASA or someplace like that, at a higher than normal price. The immediate response was ridicule, bots on government nets are a dime a dozen, and aren't worth any more than any other bot.
Oh, goodie. I get to the same source to show the opposite. At Rob's talk at the AOTA summit, he talked about someone offering some botted machines in a particular US government subnet at a normal prices and someone quickly over-bid by a suspiciously high amount. The assumption is that it was for the possible data on those machines.
--Paul Hoffman, Director --VPN Consortium --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]