Comment Re:Counter-argument (Score 1) 128
Having reread your BH presentation, and read the white paper (which I, frankly, somehow didn't find at the time) I have to say: you're right and I'm wrong! I do have a caveat, but first: some public self-flagellation.
I honestly don't recall how I could have missed the final few slides of your presentation, where you indeed answer the questions that I posed in my SF article, i.e. you set limits on what should be done. I have to say that my paper was way too harsh considering that fact.
If it seemed like I was suggesting that your idea was to create a self-propagating countermeasure, then I am sorry for that. I can see now how you might think that from my sloppy wording, but that was not my intent, and I was aware that you were not suggesting that.
I did read the Blackhat presentation, but I was unable to attend Blackhat because the company I worked for at the time couldn't pay the high fees.
As far as not having read the book yet, I did say that up front--the only reason I decided to comment before reading the book was because (a) your BH presentation was cited as inspiration for the book and (b) Slashdot posts have a limited life, and commenting much later would have been pretty much useless. Since I have now embarrassed myself more than you, I am sure you'll forgive me for speaking hastily.
However, while your proposed method is indeed more "moral" than I suggested (amounting only to a host-specific network DoS rather than the more malicious options I listed), I think you still end up blurring the lines of acceptable behavior in a way that can be utilized by malicious parties. It makes it difficult to differentiate between those attacks which are authorized/acceptable and those which are not. Having a policy that _any_ unauthorized use is illegal is much simpler to enforce.
In any case, I did indeed overlook some essential points of your argument when writing the SF article, and I'm sorry for that. That was inexcusably sloppy of me.