Tuesday, August 02, 2005

Evolutionary security?

Posted to Techdirt:

What if they developed security software that was programmed to increase its security and complexity with every attempt to break into it? What if Cisco had done this and they could go through the Streisand effect and actually end up with a more formidable product intentionally? Maybe with every break-in, the code would change and build upon itself from the last attempt? This almost sounds as if it should exist already...

Sounds neat, but goes against how exploits are developed.

Let's say that I want to take over Cisco 7200 class transit routers, one of the most common peers in the current BGP cloud. Do I start launching random attacks against live Internet routers at randomly selected universities?


What I do is go out on eBay and DoveBid and pick up a few variants of the Cisco router I'm targeting, plug them into my test lab, which is 100% isolated from the Internet, and start my cheap imported Russian hackers pounding away at them.

So after a few weeks I have a tried and true exploit, without overtly committing any crime, and without giving Cisco or any researcher with a sniffer on the backbone any sign of what I am developing.

The term "0day" is generally used to refer to such an exploit only when it has been developed to fruition without the underlying vulnerability having been revealed to either the vendor or the public.