The book argues that computer security has evolved from a technical discipline to a strategic
concept. The world’s growing dependence on a powerful but vulnerable Internet – combined
with the disruptive capabilities of cyber attackers – now threatens national and international

Strategic challenges require strategic solutions. The author examines four nation-state approaches to cyber attack mitigation:
•  Internet Protocol version 6 (IPv6)
•  Sun Tzu’s Art of War
•  Cyber attack deterrence
•  Cyber arms control

The four threat mitigation strategies fall into several categories. IPv6 is a technical solution.
Art of War is military. The third and fourth strategies are hybrid: deterrence is a mix of military and political considerations; arms control is a political/technical approach.

The Decision Making Trial and Evaluation Laboratory (DEMATEL) is used to place the key
research concepts into an influence matrix. DEMATEL analysis demonstrates that IPv6 is
currently the most likely of the four examined strategies to improve a nation’s cyber defence

There are two primary reasons why IPv6 scores well in this research. First, as a technology,
IPv6 is more resistant to outside influence than the other proposed strategies, particularly
deterrence and arms control, which should make it a more reliable investment. Second, IPv6
addresses the most significant advantage of cyber attackers today – anonymity.

Download the book as a PDF or as an ePUB.

About the Author
Kenneth Geers, PhD, CISSP, Naval Criminal Investigative Service (NCIS), is a Scientist and the
U.S. Representative to the NATO CCD COE in Tallinn, Estonia.

PDF=Problematic Document Format

Posted March 31st, 2010. Filed under Security Stuff

This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability!

I use a launch action triggered by the opening of my PoC PDF. With Adobe Reader, the user gets a warning asking for approval to launch the action, but I can (partially) control the message displayed by the dialog. Foxit Reader displays no warning at all, the action gets executed without user interaction.

Din ce in ce mai multe stiri despre PDF si problemele lui , din ce in ce mai multi se intrec in a gasi ceva nou.
Cam asa arata un post de a lui Didier Stevens .Gasiti pe blog-ul lui video + more info
Link : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/

Powered by HaxTor | CopyWrong © 2011