Economics, Physics, Psychology And How They Relate To Technical Aspects Of Counter Intelligence/Counter Espionage Within Information Security presented at Blackhat USA 2005

by Peiter ( Mudge ) Zatko,

Tags: Security Exploitation

Summary : The computer and network security fields
have made little progress in the past decade. The rhetoric that the
field is in an arms race; attacks are becoming more complicated and thus
defenses are always in a keep-up situation makes little sense when 10
year old root kits, BGP and DNS attacks that have been widely publicized
for years, and plain-text communications streams are still being taken
advantage of. This talk looks at the environment without being skewed by
currently marketed solutions. It then presents corollaries for
environments in different disciplines, such as economics and physics,
talks to certain psychological situations that prohibit researchers and
organizations from being able to correctly address the problems, maps
these solutions into Counter Intelligence and Counter Espionage models
and finally applies them to low level network and systems
communications. This presentation involves audience participation to
point out ways of breaking the helplessness cycle (for the defensive
side) or to better target areas for exploitation (for the offensive
side).