Notatypewriter's Blog

Umm… what?

Posts Tagged ‘advanced persistent threat

Second to last place is not good enough anymore

leave a comment »

They say that if you’re running from a hungry bear, you only need to be the second slowest person in the group.

I’m taking a Secure Programming course and my professor said basically the same thing: that you only need to be marginally better than the worst guy to discourage many attacks. To put this into context, he was talking about using canaries to detect heap overflows. This would make your program slightly harder to exploit and you would hope an unskilled attacker would just move on.

Then, I was reading about how Google is redirecting it’s .cn site to .hk to route around censorship and I was thinking about how we got here. Basically, Google claimed it was the target of a sophisticated hacking effort coming from the Chinese mainland, and at the very least tacitly approved by the PRC government.

Putting these two thoughts together, I’ve come to the conclusion that I don’t think my professor’s advice holds anymore in the era of the Advanced Persistent Threat (APT)*. Read the rest of this entry »

Written by notatypewriter

2010 March 22 at 8:26 pm

%d bloggers like this: