(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for June 19th, 2012

“Active Defense” The New Digital Wild West Justice

with 3 comments

Bringing A Knife To A Gun Fight

So, companies are starting to consider what is being called “Active Defense” against would be attackers online. Given what I know about the places I have seen over the years as a consultant, I would have to say that this would be the net effect of bringing a knife to a gunfight. Why you ask? Well, because as we have seen generally, and are being told all of the time by numerous people, we, generally, do not have very good defenses in many companies never mind the wherewithal to “strike back at” anyone that might be knocking on your digital door. This my friends, is one of the worst ideas in all of human kinds existence.

No doubt it will be the norm soon though, with a vendor on every stoop selling the next whizbang “blackice” to get those pesky APT’s

Wheeee, I can’t wait! Look, why not just fix the stuff you have and work on keeping it secure and not letting the bad men in first shall we? What? That’s not sexy enough? You say it’s not proactive? You need to see blood once you have been hacked?

Oy vey…

Earps, Clantons, And The Duck Of Death

I can see it now, it’s going to be akin to Old West gangs on the internets. The Duck of Death will be out gun-slinging, calling out all those weaker sorts in his clipped British accent.

“Come now sir, you really think that firewall will stop me? Don’t you know who I am? I am the Duke of Death”

This will just get out of hand and incredibly stupid. Sure, you can say that you are just going to maybe tarpit those attackers to prevent them from getting in quickly, but, you have to know that there will be (already are) services where blackhat types will hack back against those who “dun you wrong”

*spits into spitoon*

“Yup, I can git a cyber posse together and we can capture those there cyber varmints that done you harm lil missy”

This won’t end well…

Seriously? We Can’t Even Secure Our Shit

On a more serious note though, how many companies are really in a position to even think that they are near being secure? What we have developing here is just a reactionary “for hire” model of blackhats, and really, who’s to say that this company you are hiring isn’t going to rat you out in the end anyway? Or, for that matter, that their super blinky light appliance really will do what they claim and.. Well… What? Attack who? God, don’t even get me going on attribution here! I mean, really, c’mon, I have been all over this, who’s to say that Pharmacombinate A actually hacked your secret sauce in the first place? Especially if you have poor defensed already and no real way to tell if you are right.

Oh, and do you have a proactive and knowledgeable security team anyway? Do they have control over the environment (as much as anyone can) to respond not only to an incident, but also the aftermath? Are they in fact going to push the button on countermeasures? Will it be automated and perhaps cut off business operations because someone forgot to enter an IP address into a firewall or “hack back” appliance? What if it’s a client or business partner under that same scenario? Are you going to hack them? Block their traffic and thus go back to the issue of stopping work flow?

Nope, this is an idea that will just end in heartburn and law suits I suspect….

Bad Ideas, Like Cockroaches, Proliferate Quickly

Oh well, I am sure there are plenty of vendors out there printing up color glossies for the rubes to  buy. Others are making appliances with blinky lights and maybe even sound effects


Oh there will be douchery, and lots of it I suspect. Say, how long does snake oil take to ferment anyway?



Written by Krypt3ia

2012/06/19 at 20:32

Tweeting Cyberwar and Other Ridiculous Ideas

leave a comment »

The “Benefits” of Cyber War?

Something has been sticking in my craw lately and, like a grain of sand in the gullet of an oyster, it has finally matured into a pearl of… Well, not wisdom as much as bilious hate, but I do hope that it does enlighten some and denounce others for their vulgar stupidity. As you can see from the image above, the grain of sand that started this came from our pal Richard Bejtlich over at Mandiant. I have often found his diatribes to be products of the “echo chamber of secrets” that he lives in, but now it seems that his pathology is beacon-ing straight out of his nether regions and leaking onto his Twitter feed…and it seems he is fresh out of depends undergarments.

The quote on the “benefits” of cyber-war is completely out of whack and I would like to point you all in the direction of the fallacy of his train of thought. Richard, it’s not about how many are alive today because we used a stalling tactic cum sabotage against their nuclear program, it’s about us actually doing this and opening Pandora’s box on ALL of us because we did so without really thinking about it. THAT’s the issue you fail to grasp and it is something that you and many more like you in the “establishment” fail to get. So, no, we did not bomb the facility, but neither did we forestall the Iranian efforts to the point of dissuading them from carrying on, nor actually conceive of the idea that they would redouble their efforts post the attack. We poked the badger and now it’s pissed AND has the same weapon we used on them to RE-USE against us.


Of course, I am not advocating the idea that this type of activity should just be verboten and that we should eschew such things. No, I agree in the use of the technology and the ends that we had in mind. No, what I disagree with now is that it’s being used as a cudgel in an election cycle and has turned into a FUD parade bigger than any ever seen before. It seems that the movers and shakers out there in Washington got new toys that they just had to play with and then brag about, at least that’s my perception. Of course then they have their rah rah guys like ol’ Tao here saying something to the effect that it’s a clean and precise warfare.

No, it’s not.

Tell That To The Iranian Physicists and Their Families

So Rich, how many lives were saved? How many were lost here should be the question. I can remember at least 3 Iranian scientists who went kaboom during and after the Stuxnet attacks. I also know I have heard of other people, including CIA assets that are missing and presumed killed who may also have had something to do with the operation in Natanz. So, it’s not really a clean warfare is it? In fact, lets expand on this and think about the FUD factors being talked about in the Congress and in general where “Cyber-War” is concerned. The fear is that when the shit goes down because someone inserted a worm into say the grid, then people start dying. Sure, they would likely be people in hospitals who are really sick, aka the sick and the aged, but hey, those are just collateral damages right?

No war is clean, no war is precise, and as we are seeing from all accounts even with drones, there will ALWAYS be collateral damage. So don’t blow sunshine up our collective asses on this one Richard. The fact is, this one could be really bad for many people if the situations are right and, by my estimation, will always have some portion of actual deaths attached to them because of blowback. Of course, all of this talk depends on whether or not you buy into the idea of this activity actually being “war’ in the traditional sense of the word. Like I said before, we are not even sure what “cyber-war” is nor have we really created rules and doctrine around it. So, let’s not go and minimize the issue by saying “gee, look how many lives we saved by not bombing the shit out of them!” The effects of the sabotage politically as well as what reprisals Iran might be thinking about or acting upon are not fully realized yet so it’s a bit early to start the spin there Rich.

Monkeys With Digital Guns

I have said this before and I am saying it again, we are just monkeys with digital guns. Fools with tools really. I am afraid of the level of hubris here and frankly feel that it’s almost time to just become a Luddite. At least Luddites won’t be compromised by their toasters because China made malware to p0wn us all. I really feel like Taylor, standing before the wreckage of the Statue of Liberty, yelling as Nova looks on like “Holy WTF?”


How about we all take a step back and ponder what we have done? Lets look at the repercussions as well as the current state of our own systems before we move ahead at full steam?

What? The Pentagon is advertising for black hats?


Well, guess time will tell what the first “great cyberwar” will bring. Could be a lot of nothing.. Could be some indigestion… Could be a collective fart… Much like the fart that I consider the tweet that started this whole diatribe. Start digging your trenches kids, the digital mustard gas is next.


Written by Krypt3ia

2012/06/19 at 15:18