lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <463975.158231228075369428.JavaMail.juha-matti.laurio@netti.fi>
Date: Sun, 30 Nov 2008 22:02:48 +0200 (EET)
From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi>
To: Mike C <mike.cartall@...il.com>, 
	Some Guy Posting To Full Disclosure <fd.leach@...glemail.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Project Chroma: A color code for the state of
 cyber security

And IBM Internet Security Systems has its AlertCon
https://webapp.iss.net/gtoc/index.html

Fortinet (in fact FortiGuard Center) uses colors too:
http://www.fortinet.com/

Both of these are known for years.

Juha-Matti

Some Guy Posting To Full Disclosure [fd.leach@...glemail.com] kirjoitti: 
> I'd just like to point out that Symantec has something similar.
> See here: <http://www.symantec.com/security_response/threatconlearn.jsp>
> 
> It's not applied in such a useful way as you suggest - but in case you
> wanted to know.
> 
> On 11/29/08, Mike C <mike.cartall@...il.com> wrote:
> > Hi,
> >
> > It is time to take an example from Homeland Security and define codes
> > of color for cyber-warfare threat levels. I propose the following:
> >
> > Green level: There is negligible threat to online security.
> > Yellow level : There is a minimal level of threat, and this must be
> > monitored and contained.
> > Orange level: This level of threat indicates there are parties who are
> > actively engaging in cyber-warfare. Caution is required when online.
> > Red level: This level indicates a full blown cyber-war. It indicates
> > very high probability of all communications being intercepted.
> >
> > While homeland security's implementation does not seem to have a real
> > world merit, such a threat level would certainly be very useful in the
> > online security realm. Please disseminate this announcement of the
> > project Chroma levels for online security. The immediate mission of
> > the project is to be picked up by the antivirus and security tools
> > vendors, so as to add the color codes to their products and provide
> > users with a tangible measure of their online security.
> >
> > Current status: Threat level Yellow.
> >
> > --
> > MC
> > Security Researcher
> > Lead, Project Chroma.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> 
> 
> -- 
> I'm your best best friend.
> 
> Usually I like it when you contradict me, it might help me learn. Just
> don't be so angry.
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ