Agreed. Now all you need to do is convince the people who need to solve the problem that you have a pointer for them to use without a label?? The market (probably because of the marketing types) is discussing and wanting solutions for "the APT problem." To see how embedded this language is in the current discourse, look no further than the RSA SecureID problem "explanation" that is being proffered in lieu of a real technical explanation of what happened.
Welcome to commercial security. gem On 3/26/11 9:52 AM, "Haroon Meer" <har...@thinkst.com> wrote: >Heya Gary (all) > >On Sat, Mar 26, 2011 at 3:32 PM, Gary McGraw <g...@cigital.com> wrote: >> I agree that the APT term is overused by the marketing types. In this >> case you can translate it as malware that infects a server or an ad >> network and is "served up" to unwitting victims in a drive by download.> > >Malware distributors look for good distribution channels, and the >ad-server provides one. >While it is a Threat, it's no more Advanced than we have seen before. >It isn't more "Persistant" than Stoned [1] was on a disk. > >> What would you call it haroon? > >In truth, i would avoid giving it a new name. >Drive by download: Yes. APT: No > >/mh > >[1] http://en.wikipedia.org/wiki/Stoned_(computer_virus) > >-- >Haroon Meer | Thinkst Applied Research >http://thinkst.com/pgp/haroon.txt >Tel: +27 83 786 6637 _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________