As a follow up to this thread
, I believe there is extremely strong evidence to suspect
the list of keywords released by the DHS in response to an FOIA request is fraudulent and not the real list. (For the newcommers, this is a supposed
list of words the DHS sniffs for on social networks and elsewhere to detect "threats".)
Look at the bottom section entitled "Cyber Security":
Anyone even remotely knowledgeable about networking, cyber security or computer science would immediately recognize this list as having been written
by someone who obviously knew nothing about cyber security at all, but simply googled around collecting enough terms that sound like they could be the
right terms to try to pass this off as a real list of keywords.
Some glaring errors include the use of "mysql injection" which refers to a specific brand of sql datbase, rather than the more general "sql
injection", incorrectly calling a DDOS attack a "dedicated denial of service attack" (it actually stands for distributed
denial of service
attack), the use of completely obsolete terms like "phreaking" which was a common theme in the 80's movie War Games but no longer has any relevance
to today's technology, and the word "conficker" which refers to an obsolete computer worm that came around a few years ago and has now been
eradicated. They even have the name of a magazine, 2600, on the word list.
There is no way, if the DHS actually employs real cyber security professionals, that they would sniff these terms as a way to detect threats. They
would be looking for names of specific tools like Nikto or Wiresharck, etc and/or would be searching for exploit terminology that is relevant to
threats to large industrial or corporate database platforms (MySQL NOT being one of them as that is mainly used for small personal web sites). They
fail to list a number of obvious types of exploits such as Xpath injection, LDAP injection, remote buffer overflow, all of which should be flagged for
before such dubious terms as "phreaking" and "mysql injection".
What clearly happened here is the DHS knew they had to release something
to respond to the FOIA request so they scribbled some terms onto a
list they thought they could pass off as the real thing, and the person writing the list was not computer literate in the slightest. They googled some
phrases like "hacking" or read a wikipedia article and collected a list of terms, not knowing what they mean, and added them to the list. Show this
to any security expert and they will say the exact same thing I promise you.