• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] Death of signatures
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Death of signatures

  • Subject: Re: [Fed-Talk] Death of signatures
  • From: "O'Donnell, Dan" <email@hidden>
  • Date: Tue, 14 Feb 2012 21:39:25 +0000
  • Thread-topic: [Fed-Talk] Death of signatures
Dan Geer asserts that the problem is much bigger than simply signature-based detection failing. He says the current infosec paradigm doesn't scale.

Manifesto is from last week: http://geer.tinho.net/geer.suitsandspooks.8ii12.txt


From: Todd Heberlein <email@hidden>
Date: Sun, 12 Feb 2012 13:20:54 -0800
To: "email@hidden" <email@hidden>
Subject: [Fed-Talk] Death of signatures

In my recent MacIT talk at MacWorld I led off with lots of examples of how signature-based intrusion detection is failing. It turns out the DoD & Congress agree, and the 2012 Defense Authorization Act specifically calls out for new detection approaches.

Of course, this means that system and security administrators (the cyber ground forces, so to speak) need to be ready to verify and analyze previously unknown attacks. I wonder if the DoD will budget for continuous training for the cyber ground forces?  (Not to mention giving them salaries to retain them)

Todd


SEC. 953. STRATEGY TO ACQUIRE CAPABILITIES TO DETECT PREVIOUSLY UNKNOWN CYBER ATTACKS.

(a) IN GENERAL.—The Secretary of Defense shall develop and implement a plan to augment the cybersecurity strategy of the Department of Defense through the acquisition of advanced capabilities to discover and isolate penetrations and attacks that were previously unknown and for which signatures have not been developed for incorporation into computer intrusion detection and prevention systems and anti-virus software systems.


__________________________________________________________________________

This email message is for the sole use of the intended recipient(s) and
may contain confidential information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy all copies
of the original message.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: [Fed-Talk] Death of signatures
      • From: Todd Heberlein <email@hidden>
References: 
 >[Fed-Talk] Death of signatures (From: Todd Heberlein <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] A serious security issue with iOS (iPad and iPhone)
  • Next by Date: Re: [Fed-Talk] Death of signatures
  • Previous by thread: Re: [Fed-Talk] Death of signatures
  • Next by thread: Re: [Fed-Talk] Death of signatures
  • Index(es):
    • Date
    • Thread