yeah, but that doesn't tell me how the attack too place, from a technical standpoint. :)
J On Wed, Jan 13, 2010 at 1:54 PM, Paul Ferguson <[email protected]>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, Jan 13, 2010 at 10:28 AM, Joel Esler <[email protected]> wrote: > > > Did anyone else think that there are two parts to that Google attack? > > Spearphishing, and it just seemed like there was another part, the part > > involving other companies? > > > > This is the most plausible explanation I have heard: > > "The US flaw-hunting specialist said that the attack was an attempt to > steal source code on an industrial scale and was, in many cases, probably > successful. If correct, this might explain why Google has by its own > normally quite restrained standards gone ballistic to the extent of > threatening to quit China." > > http://news.techworld.com/security/3210137/google-hack-hit-33-other-compani > es/ > > Having been in contact with the "US flaw-hunting specialist" mentioned > above, this lines up pretty accurately. > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.3 (Build 5003) > > wj8DBQFLThbIq1pz9mNUZTMRAuhgAKCWLouyBUfgESnOyGu/XiwX09xWfQCfTcb1 > XIr5O5SfYPvAwtErNZAoGlk= > =I9ps > -----END PGP SIGNATURE----- > > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ > -- Joel Esler
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
