Tuesday, March 15, 2011

Adobe still the best ad for cyber privateering

Once again, a zero-day hole in Adobe products demonstrates:
  1. My assertion that Adobe could use the threat of reprisal cyber attack to mitigate use of their products for malware exploits.
  2. The most stealthy exploits will use zero-day holes (I wrote at length about Stealth principle #14 of The Perfect Virus).
Let's face reality. Suppose we re-architect the entire Internet to eliminate flaws in TCP/IP security. Suppose anonymity is impossible to achieve in this brave new world. There's still nothing to prevent an agent provocateur or disgruntled insider from planting a virus in his company's trusted cloud service. Yes, the source of the virus would eventually be isolated. The company itself would have to do a mea culpa and probably take a big hit in both public trust and increased insurance premiums.

In short, a world without legal and bonded cyber privateers would still be a very insecure place. I see no alternatives for security enforcement. Again Australia, think about the power of a first-mover advantage. Translating the following "motto" into Latin might give it sufficient gravitas, but it's certainly much more compelling in English:
Light up a barbie for a hacker and you keep him warm for an afternoon. But throw him on the barbie and you keep him warm for a lifetime.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?