Next Bad Thing(tm) to be announced at CCC
Last Updated: 2008-12-29 23:10:12 UTC
by Toby Kohlenberg (Version: 1)
There's currently a lot of discussion on a couple different forums about Alex Sotirov's and Jake Appelbaum's talk scheduled for Tuesday at the CCC. While their description (http://events.ccc.de/congress/2008/Fahrplan/events/3023.en.html) leaves something to be desired, you can find additional discussion on the BreakingPoint Systems' blog: http://www.breakingpointsystems.com/community/blog/Attacking-Critical-Internet-Infrastructure
A quote from HD's blog entry:
"First things first; the reason for secrecy. Their research combined a known weakness in one area with a massive resource investment in another to show that a third party was vulnerable to a practical attack that affects the security of all Internet users. Security researchers often release code and technical documentation to demonstrate a flaw, but in this case, they went a step further and used the attack in the real world to obtain proof that it works. This process required interaction with a third party that will likely do whatever they can to save face once the details become public."
There is a lot of speculation but I'm inclined to just say we're all looking forward to hearing the details and when we have more verified information we'll post it and let y'all know.