lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 16 Jan 2009 13:57:19 -0200
From: M.B.Jr. <marcio.barbado@...il.com>
To: "andrew. wallace" <andrew.wallace@...ketmail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Cyber War or just Cyber Protest?

Dear "you-know-who",


On Wed, Jan 14, 2009 at 5:14 PM, andrew. wallace
<andrew.wallace@...ketmail.com> wrote:
>
> If "cyber war" is just web site defacement then I don't think we ever
> need to take "cyber war" too seriously.


Starting -- all of a sudden, with wrong and fallacious premises cannot
obviously lead to solid conclusions.
Defacements constitute compromised information integrity, and that is serious.


>
> It seems to me that "cyber war" just means protesters protesting and
> no actual cyber war is there, as a cyber war would mean two sides
> fighting, although two sides aren't fighting in "cyber" its all
> one-way script kid web defacement, not real war in any sense.
>
> Two sides fighting, a government and some other entity and the
> internet stuck in the middle, now that would mean "cyber war", there
> has been no cyber war and is unlikely to be one.
>
> If people are marching in London today in the streets against the
> Israel-Gaza conflict is that called "war"? Of course not, so why are
> the media so quick to call protesting on-line, a war? [1]
>
> What it really is, is folks protesting... a cyber protest, not a war.
>
> Why are we using the wrong words to describe stuff? It's not even the
> media, it was Gary Warner on a web log. [2]
>
> [1] http://news.bbc.co.uk/1/hi/uk/7809656.stm
>
> [2] http://garwarner.blogspot.com/2008/12/muslim-hackers-declare-cyberwar-on.html
>
> We as a community should be cautious about using the wrong words to
> describe stuff, because the media take influence from us guys on
> mailing lists and blogs and at security conferences, so its important
> we use "cyber protest" when script kids deface some web sites.
>
> To put the right angle on this, it's unlikely to be new people doing
> the defacements, its likely to be script kids who were defacers
> anyway, and just change their political message to go with *whatever
> the current climate is*.
>
> Tomorrow the same folks will be defacing with a new message, they
> don't care *really* about the message, defacers will find any reason
> to deface.
>
> It's unlikely the Israel-Gaza conflict defacers were only sprung into
> action because of what is going on in the world, they would be
> defacing anyway and looking for any excuse to do so.
>
> Let's be careful from now on I don't like to see the wrong buzzwords
> used and i'm sure Gadi doesn't either.
>
> If Hamas cyber attacked Israel and Israel had a cyber response, then
> that would be cyber war. This is not cyber war folks, this is a cyber
> protest those kids are doing, they are unlikely to be connected with
> anything thats going on and were web defacers anyway with a different
> defacement message the day before.
>
> Please I hope we as security experts know the difference.
>
> I wrote this Email just incase because i'm sick of certain buzzwords
> like cyber war when there isn't a cyber war.
>
> When the day comes that a government and another entity is two-way
> cyber fighting and say for instance critical national infrastructure
> is affected then you can talk about cyber war, until then please
> describe web site defacers as "cyber protest".
>
> A cyber war is two-way fighting, one-way fighting is not a war!
>
> And to clarify, a bunch of kids defacing a web site and you applying a
> patch afterwards is not classed as two-way fighting and cannot be
> considered "cyber war" either.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



--
Marcio Barbado, Jr.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ