[SCADASEC] Major Linux security hole found
Clint Bodungen
clint at cidgcorp.com
Tue Feb 12 17:17:52 CST 2008
I agree. You will never eliminate all possibility of a malicious insider
until we learn to read minds or can do what they do in "Minority Report."
:P
Paul Williams from Gray Hat Research is damn close. If you've never seen
his presentations you need to. The man is an amazing criminal profiler who
specializes in catching insiders. He's predicted insider attacks down to
the day just by looking at resumes and photographs of suspects (of course
there is more to it than that but that's what it boils down to).
Clint
-----Original Message-----
From: scadasec-bounces at news.infracritical.com
[mailto:scadasec-bounces at news.infracritical.com] On Behalf Of ljknews
Sent: Tuesday, February 12, 2008 4:46 PM
To: scadasec at news.infracritical.com
Subject: Re: [SCADASEC] Major Linux security hole found
At 4:19 PM -0600 2/12/08, Clint Bodungen wrote:
> I *was*, in fact, only speaking of a remote/outside attack. I purposely
> left out the insider aspect because if you already have an insider on a
> critical system capable of executing a privilege escalation exploit, you're
> already screwed. An insider with mal-intent, and even less skill, can still
> do much worse than execute a stupid privilege escalation attack.
Any organization confident that they have eliminated all
possibility of having a malicious insider should get out
of whatever business they are in and switch over to doing
personnel consulting for vulnerable organizations, including
those US government agencies who have had top secret data
deliberately compromised by insiders.
Perhaps most egregious was the Walker case where a US Navy
insider gave/sold crypto keying data. I am sure they would
love to have a solution to absolutely avoid insider attacks.
--
Larry Kilgallen