Thursday, April 03, 2008

The Real "Security 2.0"?

Yes! YES! Y-E-S! You guessed right - a blogging frenzy; I am baaack from my vacation/speaking in first cold, then warm places, and I have a "backblog" of fun items.

First is "Why Hacking Changed" from The Hacker Webzine. Please read it, and see through all the drama.

Some quotes:

"Old school hacking is dead, network hacking is dead, firewalls are useless and AV software is a mere redundant software package that underlines your frustration and ignorance about contemporary hacking."

"If you can define hacking today, it no longer means telnetting into servers or blowing whistles, but exploiting the application layer. With the application layer, I also mean the scripting language beneath it, since it interacts with the applications that it's running and share memory, and thereby the hardware it's running on."

and

"We can even prove that we can own your network with only seven characters typed into your query string: 1' OR 1=1 is far more dangerous than any shellcode I've ever seen in my life."

"What works today works also tomorrow. And what will work in two or 5 years from now is software and application hacking."

Dr Anton Chuvakin