Changes

From Security Weekly Wiki
Jump to navigationJump to search
1 byte removed ,  15:41, 29 September 2016
#This week Jack goes barking mad about "Active Defense", "Hacking Back", and Related Stupidity.
##[http://www.recode.net/2016/9/23/13032420/yahoo-breach-hackers-preemptive-cybersecurity This article says the Yahoo breach proves that we should "act preemptively" to combat breaches.] Yeah, at a company that ignores its security team that will work very well.
##[http://ethics.calpoly.edu/hackingback.htm Here's a PDF on the ethics of hacking back] which takes the position that all active defense is "hacking back" and misses the mark in several other ways. BUT, there are a few decent thoughts hidding hiding in the derp.
##[http://www.cnas.org/sites/default/files/publications-pdf/CNAS_ActiveCyberDefense_Lachow_0.pdf An older PDF of a policy brief on "Active Cyber Defense"] which is pretty decent, in spite of using the phrase "CEZ, Cyber Engagement Zone".
##[https://tuftsdev.github.io/DefenseAgainstTheDarkArts/notes/4858-1066-strike.pdf A short 2004 article (PDF) from Jennifer Granick on "strike back"] which shows just how far we have not come in addressing this in any meaningful way.
477

edits

Navigation menu