[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security

To: "Mike C" <mike.cartall@xxxxxxxxx>, "Full Disclosure" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
From: "Tomas L. Byrnes" <tomb@xxxxxxxxxxx>
Date: Sun, 30 Nov 2008 09:28:15 -0800

The SANS Internet Storm Center has been doing this for ages.

It has the advantage of being data driven, using the DShield reports as
a primary sensor mechanism.

http://isc.sans.org/



>-----Original Message-----
>From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-
>bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Mike C
>Sent: Saturday, November 29, 2008 9:35 PM
>To: Full Disclosure
>Subject: [Full-disclosure] Project Chroma: A color code for the state
>ofcyber security
>
>Hi,
>
>It is time to take an example from Homeland Security and define codes
>of color for cyber-warfare threat levels. I propose the following:
>
>Green level: There is negligible threat to online security.
>Yellow level : There is a minimal level of threat, and this must be
>monitored and contained.
>Orange level: This level of threat indicates there are parties who are
>actively engaging in cyber-warfare. Caution is required when online.
>Red level: This level indicates a full blown cyber-war. It indicates
>very high probability of all communications being intercepted.
>
>While homeland security's implementation does not seem to have a real
>world merit, such a threat level would certainly be very useful in the
>online security realm. Please disseminate this announcement of the
>project Chroma levels for online security. The immediate mission of
>the project is to be picked up by the antivirus and security tools
>vendors, so as to add the color codes to their products and provide
>users with a tangible measure of their online security.
>
>Current status: Threat level Yellow.
>
>--
>MC
>Security Researcher
>Lead, Project Chroma.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
  - From: n3td3v
- Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
  - From: Mike C

Prev by Date: Re: [Full-disclosure] Indian allegations alarm Pakistan
Next by Date: Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
Previous by thread: Re: [Full-disclosure] Indian allegations alarm Pakistan
Next by thread: Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
Index(es):
- Date
- Thread