On 1/15/10 11:40 AM, Paul Ferguson wrote:
> I think it is dangerous, from a defense perspective, to say "This is
> responsible for that" when there are clearly several different things
> happening here -- instead of looking for quick explanation, everyone should
> step back and observe that there are several critical paths to compromise
> at work here.
1. Unlike GhostNet, which showed an interesting attack but jumped to
conclusions without evidence that it was China behind them -- based on
Ethos alone I'd like to think that when Google says China did it, they
know. Although being a commercial company with their own agenda, I am
saving final judgement.
2. The 0day disclosed here shows a higher level of sophistication, as
well as m.o which has been shown to be used by China in the past.
3. If this was China, which some recent talk seems to make ambiguous,
but still likely; they would have more than just one weapon in their
arsenal.
Gadi,
--
Gadi Evron,
[email protected].
Blog: http://gevron.livejournal.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
