
Re: IE zero-day used in Chinese cyber assault on 34 firms

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

____/ Mark Kent on Monday 18 Jan 2010 16:28 : \____

> 
> 
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
>>
>>
>>
>> ____/ nessuno on Thursday 14 Jan 2010 23:17 : \____
>>
>>> On Jan 14, 6:10 pm, bbgruff <bbgr...@xxxxxxxxxxx> wrote:
>>>> "Hackers who breached the defenses of Google, Adobe Systems and at least 32
>>>> other companies used a potent vulnerability in all versions of Internet
>>>> Explorer to carry out the attacks, researchers from McAfee said Thursday."
>>>>
>>>> "The previously unknown flaw in the IE browser was just one of the vectors
>>>> used in the attacks, McAfee CTO George Kurtz wrote in a blog post. Using a
>>>> sophisticated spear-phishing campaign, the perpetrators barraged employees
>>>> from at least 34 companies in the defense, finance and high technology
>>>> industries with a "cocktail of zero-day vulnerabilities," that installed
>>>> backdoors on their computers."
>>>>
>>>> "Our investigation has shown that Internet explorer is vulnerable on all of
>>>> Microsoft's most recent operating system releases, including Windows 7."
>>>>
>>>> http://www.theregister.co.uk/2010/01/14/cyber_assault_followup/
>>>>
>>>> I suppose it could have happened to any browser.....?
>>> 
>>> Big surprise.
>>
>> It's also the "click attachment to execute" mentality Windows encourages.
>> Some attacks were targeted.
>>
> 
> This suggests that corporates really ought to consider, from a security
> viewpoint, the Airbus approach to systems, particularly where security
> is such an issue.
> 
> If all corporates were to insist on, say, 3 different browser types all
> concurrently in-use, then it's amazingly unlikely that the same flaw
> would be replicable so readily.
> 
> If they were to go a step further forward, and insist on 3 different
> operating system code-bases, then this would further reduce the
> likelihood of repeatable flaws.

Diversity is crucial for survival. There are many cases of famine in
history* where limiting the diversity of crops led to mass-scale starvation
(viruses and bugs, not in the computer sense).

Monoculture in agriculture is one massive risk in GMO.

> Whilst there are now 9 possible combinations, at least this has reduced
> the threat to almost 10% of what it was at the beginning of my post,
> which is pretty good for a relatively inexpensive and utterly dramatic
> improvement in security.
> 
> If these were to be run on, say, 3 different processing platforms, such
> as ARM, x86 and Cell, then we're now at 27 possibilities.

But the machines inside the companies are interconnected. It's like a
submarine with chambers...

> Perhaps, once these 27 combinations have been in play for some time,
> companies might then analyse the number of genuine threats to each of
> their platform combinations, and/or the expense associated with each
> platform combination in order to keep it clean, then the worst 3 could
> be removed, and perhaps replaced with some other alternative.  This
> process could continue until a reasonable level of security has been
> achieved.

Agreed. Linux has well over 10 Web browsers (a repo away), all of which are potent.

____
*IIRC, there was one even in Ireland not so long ago, with a million deaths.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktWYQIACgkQU4xAY3RXLo64CwCeKogV5N5tABUgYcmyaoGYQ1xf
I7wAoKXIublUVLw3kY/W6MsO5x+vjMeJ
=BGwd
-----END PGP SIGNATURE-----
