--- calin.chiorean@secdisk.net wrote: From: "calin.chiorean" <calin.chiorean@secdisk.net> :: This all seems to be noobie stuff. There's nothing technically cool :: to see here
You mean the report or the activity?
The activity.
You seem "upset" that they are using M$ only(target and source).
I'm not upset. I'm pointing out what Steven Bellovin said in just a few words: "This strongly suggests that it's not their A-team..." This is a technical mailing list where cutting edge stuff is discussed. The compromise was not using cutting edge stuff and, so, is a big <yawn> for this list. The report was mainly for reporters. That's why they had the omg sound byte bullet points at the top. It's also why they had to explain several low level things in detail. <snip>
Maybe it was meant to be found.
That is a definite possibility. scott
Scott Weeks wrote:
--- calin.chiorean@secdisk.net wrote:
You seem "upset" that they are using M$ only(target and source). I'm not upset. I'm pointing out what Steven Bellovin said in just a few words: "This strongly suggests that it's not their A-team..."
This is a technical mailing list where cutting edge stuff is discussed. The compromise was not using cutting edge stuff and, so, is a big <yawn> for this list.
Not to be pedantic, but I thought the list was about network operations - and as much (or more) about practice, than about "cutting edge stuff." (Well maybe a little pedantic.) From an operational point of view, unless I'm an exceptionally high-value target, I'm more likely to be threatened by the B-team (or C-team), than the A-team (recognizing, of course, that what the A-team is doing today, is what the script kiddies will be doing tomorrow). Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra
On 2/21/2013 12:17 PM, Scott Weeks wrote:
I'm not upset. I'm pointing out what Steven Bellovin said in just a few words: "This strongly suggests that it's not their A-team..."
The A-team doesn't get caught and detailed. The purpose of the other teams is to detect easy targets, handle easy jobs, and create lots of noise for the A-team to hide in. Hacking has always had a lot in common with magic. Misdirection is a useful tool. Jack
And so their bush league by itself was responsible for all the penetrations that mandiant says they did? Which shows that they don't have to be particularly smart, just a bit smarter than their average spear phish or other attack's victim. On Friday, February 22, 2013, Jack Bates wrote:
On 2/21/2013 12:17 PM, Scott Weeks wrote:
I'm not upset. I'm pointing out what Steven Bellovin said in just a few words: "This strongly suggests that it's not their A-team..."
The A-team doesn't get caught and detailed. The purpose of the other teams is to detect easy targets, handle easy jobs, and create lots of noise for the A-team to hide in. Hacking has always had a lot in common with magic. Misdirection is a useful tool.
Jack
-- --srs (iPad)
On Fri, 22 Feb 2013 06:11:21 +0530, Suresh Ramasubramanian said:
And so their bush league by itself was responsible for all the penetrations that mandiant says they did? Which shows that they don't have to be particularly smart, just a bit smarter than their average spear phish or other attack's victim.
As I said - that's the scary part. :)
----- Original Message ----- From: <Valdis.Kletnieks@vt.edu> To: "Suresh Ramasubramanian" <ops.lists@gmail.com> Cc: <nanog@nanog.org> Sent: Thursday, February 21, 2013 5:54 PM Subject: Re: NYT covers China cyberthreat And since it's Wacky Friday somewhere: http://arstechnica.com/security/2013/02/how-anonymous-accidentally-helped-ex...
On Thu, Feb 21, 2013 at 3:58 PM, Jack Bates <jbates@brightok.net> wrote:
The A-team doesn't get caught and detailed
no, the A-team has BA Baraccus... he pities the fool who gets caught and detailed... the last thing BA detailed was his black van.
On 21 February 2013 21:58, Jack Bates <jbates@brightok.net> wrote: ...
The A-team doesn't get caught and detailed. The purpose of the other teams is to detect easy targets, handle easy jobs, and create lots of noise for the A-team to hide in. Hacking has always had a lot in common with magic. Misdirection is a useful tool.
Jack
Or theres only a B-team, and the china government is as corrupted and infective as the USA one. -- -- ℱin del ℳensaje.
participants (8)
-
.
-
Christopher Morrow
-
Jack Bates
-
Michael Painter
-
Miles Fidelman
-
Scott Weeks
-
Suresh Ramasubramanian
-
Valdis.Kletnieks@vt.edu