At 6:34 PM + 5/20/07, John Levine wrote:
I've heard nothing formal, but my strong understanding is a lot of US
government machines, at least if we're talking workstations on
non-classified nets, are in fact 0wn3d at this point.
Well, here's an anecdote: at last year's CEAS conference,
A while ago, I did a rough calculation that made
me state that 15-30% of all machines are no longer
under the sole control of their owner. In the
intervening months, I got some hate mail on this,
but in those same intervening months Vint Cerf
said 40%, Microsoft said 2/3rds, and IDC said
Ivan Krstić wrote:
I think it's anything but surprising. There's only so much you can do to
significantly improve systems security if you're unwilling to break
backwards compatibility -- many of the fundamental premises of desktop
security are fatally flawed, chief among them the idea that all
I've heard nothing formal, but my strong understanding is a lot of US
government machines, at least if we're talking workstations on
non-classified nets, are in fact 0wn3d at this point.
Well, here's an anecdote: at last year's CEAS conference, Rob Thomas
of Team Cymru gave the keynote on the
Trei, Peter [EMAIL PROTECTED] writes:
1. Do you have any particular evidence that any significant
number of US .gov machines are bots? They may well be, just
I haven't heard this.
I've heard nothing formal, but my strong understanding is a lot of US
government machines, at least if we're
On Sat, May 19, 2007 at 05:01:03PM -0400, Perry E. Metzger wrote:
|
| Trei, Peter [EMAIL PROTECTED] writes:
| 1. Do you have any particular evidence that any significant
| number of US .gov machines are bots? They may well be, just
| I haven't heard this.
|
| I've heard nothing formal, but
Perry E. Metzger wrote:
What is interesting to me is that, even though things have nearly
gotten as bad as they could possibly get, we still have seen very
little real effort made to improve systems security (at least in
comparison with what is necessary to make a big dent).
I think it's
Adam Shostack [EMAIL PROTECTED] writes:
On Sat, May 19, 2007 at 05:01:03PM -0400, Perry E. Metzger wrote:
|
| Trei, Peter [EMAIL PROTECTED] writes:
| 1. Do you have any particular evidence that any significant
| number of US .gov machines are bots? They may well be, just
| I haven't