Barry Irwin
SensePost
I like it when people agree with me, especially when it is Prof. Eugene Spafford.
In my entry titled 'The Titans still Reign' I said:
The 'horn blowing' around these attacks is completely opposite to what we have seen with other compromises where it took a (American only) law to get any sort of disclosure out of companies. Could it be that some sort of pariah state is looking to garner sympathy for an attack (the truth of the compromise is not relevant in this theory).
Today, Prof Spafford said something similar:
It remains to be seen why so many stories are popping up now. It’s possible that there has been a recent surge in activity, or perhaps some recent change has made it more visible to various parties involved. However, that kind of behavior is normally kept under wraps. That several stories are leaking out, with similar elements, suggests that there may be some kind of political positioning also going on — the stories are being released to create leverage in some other situation.
Additionally, he agrees that we can't be sure this is the Chinese government's doing:
[W]e can be reasonably sure that not all the events being discovered are actually government sanctioned; that not all the actors are being accurately identified; and probably only a fraction of the incidents are actually being discovered.
What we can reasonably conclude from this, is that people should just read my blog instead of waiting 10 days for someone famous to say the same thing ;) Also, Bejtlich has some nice posts (1, 2, 3, 4, 5, 6, 7) on the matter.
Schneier on Security: Friday Squid Blogging: Preserving Giant Squid
0 Trackbacks