From Security Weekly WikiJump to navigationJump to search
, 15:40, 29 September 2016
== Jack's Stories ==
#This week Jack goes barking mad about "Active Defense", "Hacking Back", and Related Stupidity.
#[http://www.recode.net/2016/9/23/13032420/yahoo-breach-hackers-preemptive-cybersecurity This article says the Yahoo breach proves that we should "act preemptively" to combat breaches.] Yeah, at a company that ignores its security team that will work very well.
#[http://ethics.calpoly.edu/hackingback.htm Here's a PDF on the ethics of hacking back] which takes the position that all active defense is "hacking back" and misses the mark in several other ways. BUT, there are a few decent thoughts hidding in the derp.
#[http://www.cnas.org/sites/default/files/publications-pdf/CNAS_ActiveCyberDefense_Lachow_0.pdf An older PDF of a policy brief on "Active Cyber Defense"] which is pretty decent, in spite of using the phrase "CEZ, Cyber Engagement Zone".