Right, it sounds like we agree on that. How about this - don't you think we can do better than randomly interrupting persistent attacks, if we're choosing security boundaries to get supported?
Right, so because this happens to "many" people, do you have a citation? An APT that only has proximal exploits, is only interested in data that doesn't exist yet, and won't exist for at least a month, and a good reason why they cannot simply pivot to something else.
-
-
I think I can come up with contrived scenarios to justify any mitigation, no matter how ridiculous. I think it makes sense to have realistic, non-contrived stories to justify these things, wouldn't you agree?
-
I didn't say the APT _only_ has proximal exploits, nor that they're _only_ interested in data that doesn't yet exist, nor that they _can't_ pivot. Maybe they don't want to burn a remote 0-day; maybe their _primary_ objective is specific future data on this device.
- 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.