Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Computer Security (http://www.velocityreviews.com/forums/f38-computer-security.html)
-   -   attractiveness of targets (http://www.velocityreviews.com/forums/t307342-attractiveness-of-targets.html)

academic_investigation@yahoo.com 12-07-2005 05:38 PM

attractiveness of targets
 
Hi. We are from a research university in the US and are conducting
research on computer system security breaches. We are following up on
a previous post and would appreciate your thoughts. (Thanks to those
who replied to the previous similar post.)

Our main question is what exactly makes one organization more
attractive than another when an attacker is selecting "victims"? There
may be many different motivations for an attack and we are interested
in
understanding the various dimensions that make an organization
attractive. We would appreciate any thoughts any of you have about
this. Feel free to reply to the newsgroup or to my email directly at
academic_investigation@yahoo.com.

Morris


Unruh 12-07-2005 07:20 PM

Re: attractiveness of targets
 
academic_investigation@yahoo.com writes:

>Hi. We are from a research university in the US and are conducting
>research on computer system security breaches. We are following up on
>a previous post and would appreciate your thoughts. (Thanks to those
>who replied to the previous similar post.)


Which university? Which department? Have you passed this research by your
committee evaluating Research on Human Subjects?

Ie, I do not believe you.


>Our main question is what exactly makes one organization more
>attractive than another when an attacker is selecting "victims"? There
>may be many different motivations for an attack and we are interested
>in
>understanding the various dimensions that make an organization
>attractive. We would appreciate any thoughts any of you have about
>this. Feel free to reply to the newsgroup or to my email directly at
>academic_investigation@yahoo.com.



Why would you want a bunch of people's arrant guesses? Make up your own
guesses.


Jim Watt 12-08-2005 12:02 AM

Re: attractiveness of targets
 
On 7 Dec 2005 19:20:33 GMT, Unruh <unruh-spam@physics.ubc.ca> wrote:

>academic_investigation@yahoo.com writes:
>
>>Hi. We are from a research university in the US and are conducting
>>research on computer system security breaches. We are following up on
>>a previous post and would appreciate your thoughts. (Thanks to those
>>who replied to the previous similar post.)

>
>Which university? Which department? Have you passed this research by your
>committee evaluating Research on Human Subjects?
>
>Ie, I do not believe you.


you really are a cynical person, there again so am I and it did sound
bullshit and nobody genuine would use an email like that ...


--
Jim Watt
http://www.gibnet.com

theonesteve 12-08-2005 12:04 AM

Re: attractiveness of targets
 
Unless...instead of guesses, this guy is harvesting email addresses for
spam usage...


Winged 12-08-2005 01:16 AM

Re: attractiveness of targets
 
academic_investigation@yahoo.com wrote:
> Hi. We are from a research university in the US and are conducting
> research on computer system security breaches. We are following up on
> a previous post and would appreciate your thoughts. (Thanks to those
> who replied to the previous similar post.)
>
> Our main question is what exactly makes one organization more
> attractive than another when an attacker is selecting "victims"? There
> may be many different motivations for an attack and we are interested
> in
> understanding the various dimensions that make an organization
> attractive. We would appreciate any thoughts any of you have about
> this. Feel free to reply to the newsgroup or to my email directly at
> academic_investigation@yahoo.com.
>
> Morris
>


Morris,

Easy,

The organization that doesn't patch regularly, has minimal security, no
monitoring, and no control over user activities. Why? Because they are
easy. Those who are alert and actively protecting their systems are hard...

Winged

David H. Lipman 12-08-2005 01:40 AM

Re: attractiveness of targets
 
From: "Winged" <Winged@nofollow.com>

| Morris,
|
| Easy,
|
| The organization that doesn't patch regularly, has minimal security, no
| monitoring, and no control over user activities. Why? Because they are
| easy. Those who are alert and actively protecting their systems are hard...
|
| Winged

Why do crooks steal from banks ?

That's where the money is at.

With some, obstacles will attempted to be overcome even if it is hard because the target has
the prize the hacker seeks.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Donnie 12-08-2005 02:47 AM

Re: attractiveness of targets
 


> you really are a cynical person, there again so am I and it did sound
> bullshit and nobody genuine would use an email like that ...


> Jim Watt
> http://www.gibnet.com

##################################
If you think their email is strange, what about their dialup connection?
donnie



theonesteve 12-08-2005 04:17 PM

Re: attractiveness of targets
 
I could see a university's research department having a dialup-only
connection for some jerk who's announced he wants to research how
hackers choose their targets. However, that email address is way too
phishy. If it truly were a research project at a US university, the
person would have an email account on that university's server (ending
in .edu, if nothing else). The wording of the message is a tip-off,
too...Americans don't usually identify themselves as US citizens unless
asked to...we assume that everyone knows we're in the US :) Not only
that, but who cares if the researcher is at an American university or
at a school in another country? The research ends up being about the
same.


Unruh 12-08-2005 04:39 PM

Re: attractiveness of targets
 
"theonesteve" <theonesteve@gmail.com> writes:

>I could see a university's research department having a dialup-only
>connection for some jerk who's announced he wants to research how
>hackers choose their targets. However, that email address is way too
>phishy. If it truly were a research project at a US university, the
>person would have an email account on that university's server (ending
>in .edu, if nothing else). The wording of the message is a tip-off,
>too...Americans don't usually identify themselves as US citizens unless
>asked to...we assume that everyone knows we're in the US :) Not only
>that, but who cares if the researcher is at an American university or
>at a school in another country? The research ends up being about the
>same.


And anyone working at a university on a survey like this must pass the
surevey by their committee on research on human subjects, and the report of
that committee on the experiment must be made available to those human
subjects-- and participants in a survey are human subjects.



Winged 12-09-2005 03:25 AM

Re: attractiveness of targets
 
David H. Lipman wrote:
> From: "Winged" <Winged@nofollow.com>
>
> | Morris,
> |
> | Easy,
> |
> | The organization that doesn't patch regularly, has minimal security, no
> | monitoring, and no control over user activities. Why? Because they are
> | easy. Those who are alert and actively protecting their systems are hard...
> |
> | Winged
>
> Why do crooks steal from banks ?
>
> That's where the money is at.
>
> With some, obstacles will attempted to be overcome even if it is hard because the target has
> the prize the hacker seeks.
>
>

Good Point! One I remembered I missed after I posted.

Winged


All times are GMT. The time now is 08:43 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.