Slashdot Mirror

← Back to Stories (view on slashdot.org)

Starting an International Cybersecurity Conversation

Posted by kdawson on from the let's-talk-you-go-first dept.

crimeandpunishment writes "Every government in the world is dealing with cybercrime, but they're all doing it on their own. In the context of 'cyberwar' saber-rattling on all sides, getting governments to share information is a challenge. But an international security conference this week in Dallas is aimed at doing just that — even if only on an informal basis."

5 of 51 comments (clear)

  1. Re:OpenBSD could eliminate "cybercrime". by YrWrstNtmr · · Score: 5, Insightful

    "Cybercrime" could be outright eliminated if OpenBSD was more widely used.

    You
    Are
    High

    yes, OpenBSD is more secure than windows/OSX.whatever. But a lot of 'cybercrime' happens as a result of userspace. Social engineering. Fraudulent emails. You will need to fix the users.

    Also, what do you do about the desktop? You can go on all you want about OpenOffice, etc, but a decade ago when Company X went with Office 97 or 2000...those alternatives did not exist. So now they have 10+ years of corporate crap and tribal knowledge built around the MS Office ecosystem, which cannot change quickly. No matter how much you want it to, it cannot/will not change easily.

    Technical problem? Ok, make [your fave distro] integrate as easily as Office/Exchange/Outlook/SharePoint. Not parts of it....all of it.

  2. I guess... who cares? by Moraelin · · Score: 4, Insightful

    All the talk about "cyberwar" is good and fine, but in the end it seems to me like it's already had a name: "security". In the end, there's very little difference between hardening a machine so chinese government blackhats don't get in, and hardening it so script kiddie asshats don't get in. Unlinke SF movies, there is no way to just type "retrieve password" on some terminal with big letters and get in a system that had no unpatched vulnerabilities to start with.

    In the end, a buffer overflow is a buffer overflow, and an XSS exploit is still an XSS exploit, and files accessible by guessing the URL are still files accessible by guessing the URL. And so on. If that exploit is, well, actually exploited by a Russian government blackhat it's "cyberwar", if the exact same exploit is used by an asshat kiddie, it's just being pwned.

    And it seems to me like security experts were already going to conferences and otherwise communicating with each other. Exactly what's the loss if they don't explicitly represent some government?

    --
    A polar bear is a cartesian bear after a coordinate transform.
  3. Re:Imaginary problem by TubeSteak · · Score: 4, Informative

    You didn't RTFA did you.

    Underscoring the threats: recent attacks on Google Inc. that caused the Internet search leader to move its search engine out of mainland China, and the revelation last year that spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service.

    There's one concrete example of cyberwarfare.
    I'm not even going to bother with the rest of your post.
    There's just too much ignorance and "it hasn't happened yet, so it won't" thinking.

    --
    [Fuck Beta]
    o0t!
  4. PEBKC by Agarax · · Score: 4, Insightful

    The problem exists between keyboard and chair.

    An OS is only as secure as the person who uses it.

    Anything else is fanboyism.

    --
    Remember folks, slashdot doesn't have a -1 "disagree" moderation!
  5. Fake Conference? by An+anonymous+Frank · · Score: 4, Funny

    This just totally feels like those fake conferences that were posted about recently, where people would book hotel/voucher packages online only to find out the conference itself did not even exist!

    Wouldn't that be sweet irony?