In addition to all the cycles we spent in our weekly research meeting trying to come up with cool t-shirt ideas featuring APT1, we also spent a bunch of time talking about the real impact of the Mandiant report, and how hacking for the Chinese is just different than what the US (and most other governments) do.
In the least surprising news of the day, the guy who sold his start-up, Zenprise, to Citrix, concluded that selling standalone MDM was a tough sell.
I spent half an hour yesterday morning shoveling snow from the walkways around my house. Most of you reading this will think “so what”, as you see snow on an all-too-regular basis. For me, living in Phoenix, snow is something that happens once every 30 years or so. So for the first time in my life I got a snow day – and it was fun. Only 2 inches, but still, a totally alien experience here on the surface of the sun. Better still, the dogs loved it:
One of the responses that keeps coming up as everyone discusses Mandiant’s report on APT1 is, “yeah, but China isn’t the only threat, and even the U.S. engages in offensive hacking”.
We are in the middle of what may be the single most disruptive transition in the practice of information security. Not one of technology, threats, or practices, but of politics. It is occurring in the hallways of capitals and the planning rooms of militaries, instead of in boardrooms of enterprises and startups in California and Massachusetts. This transition will define our priorities for the coming decades, as well as the winners and losers of the future.
5 years. It doesn’t seem that long. It seems like yesterday I was on the phone screaming at the office manager of my (previous) dentist. He told the Boss something and then backtracked on it, and I had to write a check to fix the problem. I had just dropped my dental insurance and that little optional procedure wasn’t going to be covered as he had said it would. I told them to pound sand, which was a good move – I settled for perhaps 30% of the cost 18 months later, before it went to…
Brent Simmons brought up a great issue regarding the Twitter hack and the way OAuth works. Twitter’s notification to users:
IAM projects are complex, encompassing most IT infrastructure, and can take years to fully implement and roll out. So trying to do everything at once is a recipe for failure. So we turn our discussion to how to deploy IAM without biting off more than you can chew. We will discuss how to approach building an architectural schema for your particular organization, based on the cloud service and deployment models you have selected. Then we will create different implementation roadmaps depending your…
Now that we have posted our RSA Conference Guide, we can get back to lampooning the annual ritual of trying to get folks to scan their badges on the show floor. Great perspective here from Ranum on the bad behavior you’ll see next week, all in the name of lead generation. I’m not sure if I should be howling or repulsed by this idea:
Unless you have been living in a cave, you know that earlier today Mandiant released a report with specific intelligence on the group they designate as APT1. No one has ever released this level of detail about state-sponsored Chinese hackers. Actually, “state-employed” is probably a better term. This is the kind of public report that could have political implications, and we will be discussing it for a long time.