interesting-people message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]

Subject: [IP] more on Cybersecurity: they just don't get it...



Begin forwarded message:

From: Ross Stapleton-Gray <amicus@well.com>
Date: July 26, 2004 5:06:32 PM PDT
To: dave@farber.net, johnmacsgroup@yahoogroups.com
Cc: Declan McCullagh <declan@well.com>, Peter Neumann <neumann@csl.sri.com> Subject: [johnmacsgroup] Re: [IP] Cybersecurity: they just don't get it... 
Reply-To: johnmacsgroup@yahoogroups.com

At 04:44 PM 7/26/2004, wes_morgan@US.IBM.COM wrote:

I now know that they're using 802.11b, and I know the name at least one
system handling the webcam feeds, and (with a bit of reconaissance) I can 
probably determine the position of at least one camera.

So much for cybersecurity; I can't believe that the Feds even let that
stuff on the air, much less that they did so without obfuscating critical 
information.

*sigh*  What were they thinking


I would guess that the single greatest impact of any of this would be in
the public at large thinking, "Ah, they're using modern technology to
monitor things at the convention... looks like they're prepared!"  Given
that this is so much more an era of perceptions than of reality, you could 
chalk this (exposure of security systems on CNN) down as "doing their
(primary) job."
And there are a variety of other potential wrinkles. It could be that this was entirely scripted, and the intent is to dangle a tempting vulnerability 
in hopes of attracting attention... that 802.11b network *is* exposed,
*but* part of a honeynet; that one camera, and others looking like it, are 
either dummies, or secondary to the *real* cameras, which are all
hard-wired, and not looking all that much like the ones they highlighted on 
CNN...

I suspect, like the pre-selection of all the candidates rendering the
actual purpose of a convention into that of an infomercial, that this layer 
of physical security won't really matter all that much.

I'd worry about other things, e.g., "smart target" hacking, where [pick
your terrorist bogeyman] cons one or more of the protesting groups into
becoming martyrs to the cause of socio-economic terrorism, and summons a
"flash mob" of jubilant and radicalized techno-youth to convene on the spot 
where they've previously deposited the explosives-laden backpack...

Ross



-----

Ross Stapleton-Gray, Ph.D., CISSP
Stapleton-Gray & Associates, Inc.
http://www.stapleton-gray.com




------------------------ Yahoo! Groups Sponsor --------------------~-->
Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
Now with Pop-Up Blocker. Get it for free!
http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/XgSolB/TM
--------------------------------------------------------------------~->


Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/johnmacsgroup/

<*> To unsubscribe from this group, send an email to:
    johnmacsgroup-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/


-------------------------------------
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]

Powered by eList eXpress LLC