lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 5 Jan 2009 21:02:01 +0000
From: n3td3v <xploitable@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Full-Disclosure wouldn't let me post this message

---------- Forwarded message ----------
From:  <full-disclosure-bounces@...ts.grok.org.uk>
Date: Sat, Jan 3, 2009 at 6:59 PM
Subject: Your message to Full-Disclosure awaits moderator approval
To: xploitable@...il.com


Your mail to 'Full-Disclosure' with the subject

   Israel-Gaza conflict: Cyber War or just Cyber Protest?

Is being held until the list moderator can review it for approval.

The reason it is being held:

   Message has a suspicious header

---------- Forwarded message ----------
From: n3td3v <xploitable@...il.com>
Date: Sat, Jan 3, 2009 at 6:59 PM
Subject: Israel-Gaza conflict: Cyber War or just Cyber Protest?
To: full-disclosure@...ts.grok.org.uk


If "cyber war" is just web site defacement then I don't think we ever
need to take "cyber war" too seriously.

It seems to me that "cyber war" just means protesters protesting and
no actual cyber war is there, as a cyber war would mean two sides
fighting, although two sides aren't fighting in "cyber" its all
one-way script kid web defacement, not real war in any sense.

Two sides fighting, a government and some other entity and the
internet stuck in the middle, now that would mean "cyber war", there
has been no cyber war and is unlikely to be one.

If people are marching in London today in the streets against the
Israel-Gaza conflict is that called "war"? Of course not, so why are
the media so quick to call protesting on-line, a war? [1]

What it really is, is folks protesting... a cyber protest, not a war.

Why are we using the wrong words to describe stuff? It's not even the
media, it was Gary Warner on a web log. [2]

[1] http://news.bbc.co.uk/1/hi/uk/7809656.stm

[2] http://garwarner.blogspot.com/2008/12/muslim-hackers-declare-cyberwar-on.html

We as a community should be cautious about using the wrong words to
describe stuff, because the media take influence from us guys on
mailing lists and blogs and at security conferences, so its important
we use "cyber protest" when script kids deface some web sites.

To put the right angle on this, it's unlikely to be new people doing
the defacements, its likely to be script kids who were defacers
anyway, and just change their political message to go with *whatever
the current climate is*.

Tomorrow the same folks will be defacing with a new message, they
don't care *really* about the message, defacers will find any reason
to deface.

It's unlikely the Israel-Gaza conflict defacers were only sprung into
action because of what is going on in the world, they would be
defacing anyway and looking for any excuse to do so.

Let's be careful from now on I don't like to see the wrong buzzwords
used and i'm sure Gadi doesn't either.

If Hamas cyber attacked Israel and Israel had a cyber response, then
that would be cyber war. This is not cyber war folks, this is a cyber
protest those kids are doing, they are unlikely to be connected with
anything thats going on and were web defacers anyway with a different
defacement message the day before.

Please I hope we as security experts know the difference.

I wrote this Email just incase because i'm sick of certain buzzwords
like cyber war when there isn't a cyber war.

When the day comes that a government and another entity is two-way
cyber fighting and say for instance critical national infrastructure
is affected then you can talk about cyber war, until then please
describe web site defacers as "cyber protest".

A cyber war is two-way fighting, one-way fighting is not a war!

And to clarify, a bunch of kids defacing a web site and you applying a
patch afterwards is not classed as two-way fighting and cannot be
considered "cyber war" either.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ