A rule of thumb is that you have security by obscurity - Est's Blog

A rule of thumb is that you have security by obscurity

摘录一些

Jack Voth, Algenol’s information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China

Hacking attacks come from many countries, he says, but most are efforts to steal credit-card information. Chinese hackers, by contrast, tend to target trade secrets and unique technology.

Algenol executives did not know that Aliyun was the cloud computing part of Alibaba, and they never tried to make contact.

Alibaba said that two former Algenol employees had signed up for an Alibaba marketing e-mail. Once they left Algenol and the marketing e-mails bounced back, Alibaba said that its own security system checked on the accounts and that Algenol mistook those inquiries as attacks.

Voth, however, is not convinced. He disputed Alibaba’s explanation about the marketing e-mails to employees who left Algenol four years ago, and said that to mistake an Alibaba security response for an attack would mean that there was a flaw with the widely used firewall language called Snort, which is updated constantly.

He said that since Jan. 1, each of 539 IP addresses has attacked Algenol computers 5,000 times or more.

The largest numbers of hacking probes came from the United States, China, Taiwan and Russia, he added. The single IP address that has attacked Algenol the most is a German address; the top Chinese IP address attacking Algenol ranked 10th.

Voth said the fight to protect Algenol’s computer system would be a long one. “A rule of thumb is that you have security by obscurity,” Voth said. “We’d rather have a low profile. But clearly the bad guys have our addresses.”

尼玛这报道真心无敌了。几个想法:

  1. 地球上媒体都一个德行,真jb恶心。

  2. 商标和责任的对外宣传,国内还有非常,特别,很长的路要走。Aliyun对外云服务老外压根就不明白,也懒得联系。

  3. 外行做安全的特点就是:特别傻逼而且特别自信。

via

Comments