Death of antivirus software imminent

Allen netsecurity at sound-by-design.com
Fri Jan 18 13:52:44 EST 2008 


Alex Alten wrote:

[snip]

> These are trite responses.  Of course not.  My point is
> that if the criminals are lazy enough to use a standard
> security protocol then they can't expect us not to put
> something in place to decrypt that traffic at will if necessary.

[snip]

> Look, the criminals have to design their security system with
> severe disadvantages; they don't own the machines they
> attack/take over so they can't control its software/hardware
> contents easily, they can't screw around too much with the IP
> protocol headers or they lose communications with them, and
> they don't have physical access to the slave/owned machines.
> 
> And, last I heard, they must obey Kerckhoff's law, despite
> using prayers to Allah for key exchanges.
> 
> Given all this, I'm not saying its easy to do, but it should be
> quite possible to crack open some or all of their encrypted
> comms and/or trace back to the original source attack
> machines.

However, we do know that "criminals" are not always lazy. The 
trite comment often said is that if they used the same level of 
effort in a legal enterprise they would have done quite well.

The other proof that they are not lazy is looking at the 
evolution of the sophistication of malware like Storm and 
Nugache. It takes some serious effort to overcome the real 
handicaps that you point out as well as the ratio of the power 
and numbers that are hunting to put them out of business to their 
own numbers.

In many ways it is similar to a guerrilla war where many of the 
advantages are actually held by the tiny band of insurgents, who, 
greatly outnumbered and out-gunned, can in fact change history. 
The Swiss know this and train their military based on this.

Do not be surprised if the dissidents of all stripes use 
improvisation based on malware and other tools like onion routing 
to further their causes and evade suppression.

BTW, while I do not think all dissidents are righteous or 
fighting for righteous causes this does negate the general idea. 
A hammer is a hammer. Good or evil is independent of the tools, 
it depends on what one is pounding, nails or heads.

Best,

Allen

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list