Posted May 6, 07:44 AM by ben
I sit through several presentations a month. It’s part of my job, and some of the presentations can even be insightful. But lets talk about threats. This is something most people like to touch on; certainly it’s a topic that can be on the more exotic side. Cloak and dagger, espionage (e-espionage? i-espionage?) and all that.
Some advice to separate you from your competitors:
Do not talk about RBN (or other such organizations) and then reference “people living in their mother’s basement”.
On second thought, do not mention pimply kids or mothers basements no matter what your discussing.
It marginalizes the threat into a pigeon-holed ideal of what the threat was in 1989. Nowadays, The guy may still be in the basement but he simply an agent of a larger threat. It’s irrelevant where he lives, but the fact that he spends 40-60 hours a week on herding his bot or owning websites and generally being a symptom of a bigger problem.
Get out of the old mindset, you’re hurting the real issue here if you keep floating back and forth between threat models.
additional reading: Evolving Threats by Corman.
// :: /
Commenting is closed for this article.
This work by http://electricfork.com is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
I lead an information security ops and response team. This site is a collection of interesting notes and brainstorms on the protecting from, detecting of, and responding to badness. You can read more about me or my site here.
You can subscribe to my blog via rss 
, or if you're looking for older items check out my archive of previous posts.
I organize a small infosec meetup in baltimore called charmsec. If you are looking for charmsec details you probably want to go here.
RSS