Coding Is Maneuver

From jstogdill, 7 months ago

Presented at first annual USAF Cyber Symposium, November 2007


Slideshow transcript

Slide 1: Coding is Maneuver And a few other very rapidly delivered thoughts and axioms on Cyber Warfare Jim Stogdill CTO, Gestalt jstogdill@gestalt-llc.com www.limnthis.com

Slide 2: 1. Coding is Maneuver It needs to turn when you push the stick

Slide 3: From a blog post that seemed to resonate

Slide 4: In Physical Domain You Have: Air + Physics + S.H. Physical Assets

Slide 5: But, in Cyber... • The Domain is Code • The “platforms” are code • And “the stick” inputs are often code You can’t make up for crappy code with supremely performing physical assets in a domain without any.

Slide 6: What kind of code? • Coding an exploit for a newly discovered vulnerability • Adding a new attack vector to an existing tool • Creating on-the-fly visualizations for newly discovered or suspected attack vectors • Defending an exploit (patching in real time) • Modifying an attack tool to mask its OS • ...

Slide 7: So, in the Cyber Domain, technological agility will matter even more, because there will be no compensating physical assets.

Slide 8: 2. Cyber SA is Different But it should be related to the geo-spatial battlespace

Slide 9: How do this...

Slide 10: this...

Slide 11: and this...

Slide 12: relate to this?

Slide 13: If you were the JFACC, wouldn’t you want to know?

Slide 15: For the public Internet, are you prepared to use things like Quova and Plazer (commercial / public) to find out where network devices are?

Slide 16: Are you building a “Cyber MIDB” that can cleanly integrate with the one with physical targets? (you’ll want your COI talking to the C2 COI)

Slide 17: 3. Culture Matters, you can’t do this on an island & it’s not your Internet

Slide 18: Would you hire this guy?

Slide 19: Do you have a problem with these?

Slide 20: Do you think callsigns should be: Goose Maverick Viper

Slide 21: Instead of: r0m1 & Sp3w

Slide 22: don’t let cultural “signals” get in the way

Slide 23: SOF has a very different culture for important reasons, maybe Cyber will evolve one too.

Slide 24: Get out in the world, participate in Communities of Practice

Slide 25: Attend stuff like this:

Slide 26: And this:

Slide 27: Subscribe to this:

Slide 28: And figure out how to get this guy engaged and believing in what you are doing and he’ll join your Civil Cyber Patrol

Slide 29: Otherwise, you are so gonna get

Slide 30: 4. You’ll Have to Use Open Source Or, Coding is Still Maneuver

Slide 31: To use this

Slide 32: And this

Slide 33: And, of course, this (You don’t want to have the only hackers on the planet whose attack can be identified coming from Solaris!)

Slide 34: Finally, all that other stuff could theoretically be bought, but...

Slide 35: Participate to get stuff you can’t otherwise get, to gather intelligence on what everyone else is doing, and make sure you can change your source code fast when you need to.

Slide 36: And, to wrap up, a few questions to ponder...

Slide 37: Does 8th AF heritage imply global strike on public / sovereign networks?

Slide 38: If so, are you learning by doing; playing Cowboys and Cossacks? If you aren’t bumping into them, you ain’t learning.

Slide 39: During Bosnian intervention redux flying missions out of Aviano... Do you know what you would do if Serb-sympathizing Russian hackers “Estonia’d” Italy? Would you be prepared to help your ally?

Slide 40: Are we thinking about cyber power the way they thought about air power?

Slide 41: With as many as a million machines in botnets, who owns them? Are some state owned? Can the exploits be exploited without having to build them?

Slide 42: If you had to guess, whose cyber force do you think has more American-educated PhDs in uniform? US Cyber Command or Chinese PLA?

Slide 43: Are you considering how to incorporate Social Engineering into your attack vectors?

Slide 44: And... Why not call it the EOC (effects operations center)? -and- Will there ever be a JFCCC?

Slide 45: Oh, just one more thought experiment... If this were Cyber’s 1948 and we were standing up the USCF, how would we organize it to focus on all of the missions? TCF? SCF? CMC?

Slide 46: Thanks! Jim Stogdill jstogdill@gestalt-llc.com www.limnthis.com