When you're off in an undisclosed location with limited connectivity,
much like Dick Cheney, you have a lot of time to think. It's not like
the world has been standing still: Zynamics was sold to Google, the HB
Gary/Anonymous/Wikileaks thing rolls on, and the French government
caught someone owning them, for once.
These things are all linked in many amazing ways!
1. 0day can happen to anyone. Always remember TBob's fantastic quote
("You can hack me, but you should remember I'm probably better at that
sort of thing than you are"). It's completely impossible to write a
secure application in PHP. Deploying mod_php is the Internet equivalent
of a "BIKERS SUCK" bumper sticker, as HBGary found out.
2. The problem Anonymous solves is analysis of large datasets (which is
also the problem the "Wiki" in Wikileaks was trying to solve). Hacking
ends up as equivalent to the problem of analysis of large sets of data
once you're reasonably competent at the basics. Analysis of all the
world's "data at rest" is a lot harder than analysis of the world's data
"in transit". Hence, the group with the biggest Google wins any serious
cyber-war. Having Zynamics on board is going to make it more likely that
Google itself will be in control of its own computer, which is, as
Halvar's post points out, one of a small handful in the world with the
ability to process sets of real data.
3. Nobody cares about the 0day Ars Technica and Anonymous have posted
about (via HBGary). I didn't see a single post from anyone saying "Hey,
we should see if our Windows 2003 boxes are owned. Someone clearly has
working 0day." Or the VMWare ESXi bug, or any of that list of Endgame.us
bugs. Basically nobody changes their behavior in the slightest at the
sign of immediate threats.
Boom!
-dave
_______________________________________________
Dailydave mailing list
[email protected]
https://lists.immunityinc.com/mailman/listinfo/dailydave
