[121321] in North American Network Operators' Group
Re: Anyone see a game changer here?
daemon@ATHENA.MIT.EDU (Jon Lewis)
Fri Jan 15 10:38:22 2010
Date: Fri, 15 Jan 2010 10:37:30 -0500 (EST)
From: Jon Lewis <jlewis@lewis.org>
To: Bruce Williams <williams.bruce@gmail.com>
In-Reply-To: <775e001a1001150607m178c58cdscff8587adccb895f@mail.gmail.com>
Cc: Nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, 15 Jan 2010, Bruce Williams wrote:
> "The alleged attacks from China are troubling on many fronts. On
> Thursday, security firm McAfee released a report saying the program
> used to target U.S. firms involved a so-called "zero day"
> vulnerability -- one that was to this point unknown to the security
> community, and thus indefensible by anti-virus software. The flaw
...
> "These highly customized attacks known as advanced persistent threats
> were primarily seen by governments and the mere mention of them
> strikes fear in any cyberwarrior,� wrote McAfee's George Kurtz in a
He makes it sound like nobody's ever discovered 0-day sploits in use in
the wild / had 0-day sploits used against them. The term 0-day has been
around for quite some time for a reason.
I don't see anything new here other than the insinuation that the Chinese
government might have been behind their use.
Does anyone really believe that the use of targeted 0-day exploits to gain
unauthorized access to information hasn't been at least considered if not
used by spies working for other [than China] countries?
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
