tag:blogger.com,1999:blog-4088979.post1105941032887344290..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: APT Drives Up Bomber CostRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-4088979.post-79726812137374230712011-04-20T12:16:36.950-04:002011-04-20T12:16:36.950-04:00"it demonstrates a real-world cost due to ong..."it demonstrates a real-world cost due to ongoing computer intrusions perpetrated by the APT."<br /><br />Read "Skunk Works" by Ben Rich. This same procedure, now called SAP, was in play in the 50s and 60s during development of the SR-71 and the original stealth fighter. Rich talks about how insanely inefficient it was. Get up for coffee or to hit the head? Everything on your desk needs to be cleared and locked up.<br /><br />There was no Chinese APT at the time, biggest threat was Russian satellites. It still rendered designers encumbered by too many Ps and Qs. I'd venture 20% is conservative.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-23037715359689838552011-04-20T10:43:39.172-04:002011-04-20T10:43:39.172-04:00thats cheap compared to the Irish bank bailout we ...thats cheap compared to the Irish bank bailout we have here :-pAnonymoushttps://www.blogger.com/profile/12032209464134345359noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-44961866851901784282011-04-20T09:13:02.073-04:002011-04-20T09:13:02.073-04:00SAP is just another security clearance level, simi...SAP is just another security clearance level, similar to TS/SCI. There's a cost for any level of security clearance. This isn't big news, and it has little if anything to do with computer/information security by itself. Just as getting a TS/SCI clearance has little if anything to do with computer/information security. It's about ensuring the people staffing the project are trustworthy and not subject to compromise, blackmail, etc.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-76971844050026631152011-04-20T07:56:26.693-04:002011-04-20T07:56:26.693-04:00First the $8B is based as if each of the 100 cost ...First the $8B is based as if each of the 100 cost the same. After the first the base security would already be in place and would incur little if any additional cost. <br />Second most of the cost is likely NOT related to computer intrusions. Security costs would involve physical security, clearances, access controls, etc, etc.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-60764158568336554682011-04-13T21:02:18.720-04:002011-04-13T21:02:18.720-04:00"it demonstrates a real-world cost due to ong..."it demonstrates a real-world cost due to ongoing computer intrusions perpetrated by the APT."<br /><br />SAP status would be applied based on the damage caused if the program is compromised. The risk of computer intrusion is probably in the minority of the reasoning here.Mitchellhttp://www.cisspzone.com/noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-9158710660841424442011-04-12T12:52:42.000-04:002011-04-12T12:52:42.000-04:00"The cost of one modern bomber is this...&quo..."The cost of one modern bomber is this...".<br /><br />It gives me the creeps, how smart and how much ahead Theo was.Anonymousnoreply@blogger.com