Search Mailing List Archives
[liberationtech] In his own words: Confessions of a cyber warrior
mk at dee.su
Wed Jul 10 15:46:15 PDT 2013
On Wed, Jul 10, 2013 at 4:43 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> I couldn't disagree more. This sounds consistent with the current arms
> race and also relates directly to the 0day markets that have been active
> for many many years. Remember though: buying 0day bugs or exploits for
> 0day is just one part of a much larger picture.
The interview is either a hoax or an exaggerated “hunting story”, for
two primary reasons: number of employees, and number of exploits.
Militiaries have a huge problem recruiting cyber ops specialists at
present, and most of the recruited are not even remotely good. At the
moment, the whole of USA has just 4 colleges certified by NSA to teach
offensive security (CAE-CO) . USCYBERCOM has “close to 750
employees” . For the level of skill described, all of US military
might have, I don't know, 50 senior specialists? Why would this guy
work via a staffing company, in a team of 5000, in an unmarked
building? What's there to protect by obscuring their work? They need
to reside inside some TEMPEST-resistant installation at a military
base, especially if they work with classified equipment, etc. The
number of 0-days and rate of their production don't make sense either.
Unless 0-days are purchased exclusively in order to deny them to the
enemy (which doesn't seem to be the case), the exploits wouldn't cost
hundreds of thousands of USD each.
Liberté Linux: http://dee.su/liberte
More information about the liberationtech