If we can today implement perfect security boundaries such that persistence is no longer of any value, then great, we should do that. But I don't believe that's the current reality, and until then, I'm a proponent of defense-in-depth of which non-persistence is a part.
I think I can come up with contrived scenarios to justify any mitigation, no matter how ridiculous. I think it makes sense to have realistic, non-contrived stories to justify these things, wouldn't you agree?
-
-
I didn't say the APT _only_ has proximal exploits, nor that they're _only_ interested in data that doesn't yet exist, nor that they _can't_ pivot. Maybe they don't want to burn a remote 0-day; maybe their _primary_ objective is specific future data on this device.
-
And yes, defenders and mitigation developers need to prioritize their defenses. My entire point is that non-persistence shouldn't be ignored as a defensive measure.
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.