Slashdot Mirror
Cyber-Attacks?
Galahad2 writes "The Washington Post has a lengthy article about the Bush administration's fears of an Al Qaeda cyber attack on the nation's infrastructure. Though we have all seen this sort of attack as a possiblity for a long time, I'm having a hard time believing that Al Qaeda is capable of anything along these lines." You're not the only one. The article does cite an example of the only known infrastructure attack, a case in Australia where a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
I thought that was a cyber attack during that war. Examples of terrorism would be numerous.
raw sewage being dumped by a hax0r sounds like home except it's most-hated corp. #2 next to mssoft....ibp/tyson foods.
Tienes #1 baby!
Of course, once all computer systems are run on Microsoft's forthcoming Palladium system then such attacks will be completely impossible. Obviously the correct response to this potential threat is to outlaw any OS that does not have Palladium security.
If a similar law were passed here then would that make it illegal to attack an enemy's computerized systems as well? Say if the CIA tried to cripple an Al-Qaeda sympathizer's system. Further would that make it illegal for an RIAA-style attempt to perform DoS attacks on services or sites offering music that the RIAA insists are protected?
So that's why I've been getting these .ag spams...
I have been pwned because my
I'm having a hard time believing that Al Qaeda is capable of anything along these lines.
I had a hard time believing the events on September 11th even whilst they were happening!
They have to resort to flying planes into buildings as weapons, and you expect them to be able to what? Use a computer?
http://www.angryburrito.com/ The best, completely unfinished software review site ever.
Those are from Antigua.
With an araboc version of Mozilla.
Religious fundamentalist group which believes knowledge of technology comes from the devil, launches cyber attack.
Prior to September 11th, 2001, it was inconceivable that anyone would be capable of using airplanes as guided missiles and then fly them into buildings. Look where we are now.
You're only as smart as your brain.
hoping for a contract to solve the problem he created.
Isn't this exactly what happened with y2k ? Consultants talked up a problem in the hope of being paid to "fix" it.
It's not so unique
Excellent!
laughing my beard off
Flak 1: "Hey, we're really getting pasted over the fact that we "knew about" 9-11 and didn't warn anyone." ... oh you'll think of something! Ted, start posting stories on Slashdot; those hackers suck up every meme that's going..."
Solemn pause as the room thinks. Scratching of heads, etc.
Flak 2: "I know, let's warn everyone about every possible type of attack, so that if and when the next one occurs we can say..."
Flak 1: "... I told you so?! That's brilliant! Bob, call your guy at the Post and see if you can sell that cyber attack story. Frank, get the Times on the phone, tell them
Scene of chaos as flunkies run in every direction to Flak 1's barked commands.
Something like that, right?
I don't know whether to be more concerned about a potential cyber attack or the fact that the Assistant Secretary of Defense refers to critical infrastructure as "some sophisticated, tricky cyber thing."
Allowing anyone access to this is just asking for trouble. I really don't think it would be hard to keep machines that store sensitive material like this off the internet.
Have you been stalked by Seth today?
A genuine crapflood!
Head is not spelled with a B.
Flak 1: Make sure you clear all this with the Vatican first!
Why are any of the computers controlling national infrastructure on the Internet or available via modem? Anything that important should be completely cut off from the outside world.
Give a man a fire, and he'll be warm for a day, but set him on fire, and he'll be warm for the rest of his life.
What exactly is The Department? Is it a top-secret red-phone bearing governmental entity?
So might this be an all-out DoS attack looking to shut down the spread of the fruits of the decadent, imperialist American culture? Would they try to clog the networks so that people can't share any type of creative endeavour that represents the freedom that all Americans enjoy? Oh wait. That would be these people. My bad. Move along. Nothing to see here. I get those groups trying to subvert freedom at all costs in pursuit of their twisted ideology confused sometimes. (NB: I am not condoning piracy. But you shouldn't let companies engage in the kinds of activities that terrorits might do. :P) Also, is there a new version of Godwin's law relating to calling someone a terrorist?
Best. Comment. Ever. Enjoy!
What kind of fscking imbecile allows critical infrastructure control systems to be connected to the Internet?
This is a complete non-issue. There are no critical systems connected to the Internet. (Any that are need to have their plugs yanked and their admins fired, even if we weren't in the middle of an undeclared war.) This smells to me like a red herring for the Administration to grant itself more sweeping powers of warrantless surveillance and intrusion.
I wonder what Austria's immigration policies are like?
Schwab
Editor, A1-AAA AmeriCaptions
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
[eom]
Why do I get the feeling that someone is using this as an opportunity to enforce only a limited set of browsers to access gov't (or any IIS based) web sites? Just a conspiracy^H^H^H^H^H^H^H^H^H^Hthought.
terrorists are at the threshold of using the Internet as a direct instrument of bloodshed.
It's amazing how stupid the media assumes their viewers/readers are. How can the Internet be possibly (read: realisticaly) used as an instrument of bloodshed?
Unbelievable...
There are 10 kinds of people; those who know ternary, those who don't, and those now hunting for a dictionary.
under the title "All your Turds ARE Belong to Us"! I thought slashdot was supposed to reward senstationalism! And that was months ago, unless my sense of time is off.
I'm having a hard time believing that Al Qaeda is capable of anything along these lines.
The poster seems to think that Terrorst == Stupid. Unfortunately this is not so, if all terrorists were stupid they would be easier to catch
Al Quaeda certainly have the possibilities to learn the skills nessesary, if they haven't already. If what I hear is correct then pulling of a DoS attack wouldn't be that hard. How much skill would it take to take control of a few thousand computers with modems, and set them up with a program to repeteadly call 911?
This threat should be taken seriously, but how much should we allow it to change our lives?
The best thing to do would be for the USA to change it's foreign policy to one that doesn't create as many enemies.
- We are the slashdot. Resistance is futile. Prepare to be moderated -
I have to type softly, so he won't hear me...a swarthy bearded man wearing a turban broke into my bedroom and threatened me with a boxcutter if I didn't use my computer to launch a DOS attack against the Pentagon, in the name of Allah...I don't know what he'll do if he finds out I don't have an Internet connection...
It's supposed to be completely automatic, but actually you have to press this button.
'Using the Internet as a direct instrument of bloodshed.' What? Playing Quake?
Why do they do that? Certainly not to improve our life expectancy or security. If we wanted to do that, spending $280 billion on public health and education would save a lot more lives than a missile defense system even in the unlikely event that we were attacked and that the system worked. If we are worried about attacks on our financial system, stopping crooks like Enron and WorldCom executives would be a whole lot less trouble and costly, not to mention less threatening to our civil liberties; Osama sending a Microsoft Word virus out of his cave pales in comparison to what a single felonious US executive can achieve.
No, people create fear in order to gain power. That's true for Afghan terrorists as much as for the US government and the media. Creating fear gives people power and it allows politicians to move billions of dollars to their favorite campaign contributors.
Folks, life is dangerous: live with it. And learn to evaluate risks and spend dollars wisely on prevention. Nearly 50000 people die each year in the US in traffic accidents, more Americans than in the entire Vietnam War. Cars cause even more deaths each year from pollution. Smoking causes 440000 premature deaths each year. Obesity causes about 280000 premature deaths each year. (Data comes mostly from JAMA.) Those are all easily preventable, with better education, reduced stress, and a better transportation infrastructure. Instead, however, we get worked up about obscure threats and spend enormous amounts of money on anti-terrorist measures and military hardware that will almost certainly not protect us anyway.
In the literal meaning of "terrorist"--people who create terror for power--governments and the media are way ahead of any third rate coward in some cave halfway around the world. Hold the people who spread fear accountable the next time you go to the ballot box.
Israeli hackers haved atttacked PLO sites for a while.
Osama Bin Laden must be keeping a few dozen secretaries employed copying down all these brilliant attack ideas the FBI/CIA/etc keep coming up with and telling everyone about. Just look for recruitment firms in Pakistan that have placed a lot of secretaries lately and you've got him.
And the WP journalist responsible for this trash ought to be horsewhipped. As if we need more hysteria about the internet right now.
Anyone who thinks a few religious fanatics hiding in caves somewhere can take the internet down has another think coming. Or, to paraphrase Emperor Palpatine, "The infrastructure is quite safe from your pitiful little band."
-Kasreyn
Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger
I showed him how to sign up for AOL. He's harmless now...
It's supposed to be completely automatic, but actually you have to press this button.
"Palladium"=Drug infested Manhattan raver club in the early 90's. It was shut down by Uncle Sam along with Limelite and Tunnel.
Now I feel really old, a new MS OS makes me remember obscure places I was 10 years ago.
Newsflash from Airstrip One:
ALERT:
The cyber experts at Airstrip One have intercepted plans for an attack against the cyber-infrastructure of the Homeland.
Aren't all mission critical infrastructure stuff like defense, air traffic, power, etc. supposed to have "air-gaps"? Ie, they are physically separate and completely inaccessible from the Internet and other public nets. I thought it was standard security practice, or am I wrong.
It's hard to believe that anyone would put something important accessible online, but then you never know... are people really that dumb???!
There's 10 types of people in this world, those who understand binary and those who don't.
"We found a laptop that has visited a site of an Incorporated Company!"
"Oooooh, scary!"
Heck, even Amazon.fr is a SA, and they also sell books...
Arthur Anderson is a front company for Al Qaeda ? You could say that they sure aided in a major attack on the Internet Infrastructure in the last few days, aided by some inside knowledge.
There's an attack noone ever expected! Terrorists trade in their weapons and become Accountants! No more AK-47, instead it's Form A-74K!
and the destruction of the morally bankrupt, corrupt western civilization, we sure are giving Al Qeda and the Q'Ran-and-ravers kudos for a lot more hightech savvy than they need to infect themselves with to accomplish their goals.
Have you read about how Islam is treating anybody with enough education to frame a question to ask the immams? After they've shot them?
Have you read the clap-trap that their schools, in those countries where they still pretend to have some, are spewing in an effort to reconcile the Western scientific viewpoint, based on letting things describe themselves so that we can understand them, and Islam's mystical religious authoritarian fervor, which is based on Allah this, Allah that and nothing happens without the will of Allah and the Q'Ran is the only book you need and the immams will guide you in its interpretation so you don't need to know how to read. (Very Catholic of them. Watch your sons around that bunch of androsterone loving creeps.)
Given the patterns shown to date and the historic emnity betwen the Q'Ran-and-ravers and our transportation infrastructure, (you don't need to leave your village and the influence of your immam,) we'd probably do better to watch who the country's transportation workers are.
What do they do to spread terror and interfers with our lives? Mall bombers are a very ineffective way to spread terror. They have noticed that our conveyances offer the opportunity to murder and do a lot of harm to many people in a tight space. Now they set bombs off next to busses, hijack planes, crash them into buildings.
River bridges and tunnels are far more vulnerable than airports right now. Truckers and their rigs are the vulnerable underbelly of America.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Most of the critical infrastructure stuff is air-gapped from the Net (that is, they are completely separate from it, and not connected, not even indirectly), and rightfully so. So any job would have to be an inside job by a sleeper agent or something.
But it might be easier for terrorists to take out something (physically) like the root DNS servers, or a major point like MAE East/West -- it may not cause the apocalypse, but that will still screw things up majorly for the world... the Internet does have lots of single points of failure, believe it or not.
There's 10 types of people in this world, those who understand binary and those who don't.
I don't believe Osama's buddies would attempt something like this. Somebody else, maybe, but not Al Quaeda. They're much more interested in the 'honor' and the 'glory' of making big, bloody direct attacks. Look at their history of attacks: WTC, Khobar Towers, USS Cole, WTC again, Kenya embassy,... All aimed at directly attacking symbols of US hegemony, with big booms and many dead. Computers is just not like them.
Anthrax, maybe.
superblog.org: all your favourite blogs on o
case in Australia where a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
I believe the name of the contractor in this case was John W Howard. The name of the company was the Federal Commonwealth of Australia. The incident was the 2001 Federal Election. And no, the sewage still hasn't been cleaned up...we're still waiting
I thought that the Internet was banned in Afghanistan... ;-)
The devices are called distributed control systems, or DCS, and supervisory control and data acquisition, or SCADA, systems. The simplest ones collect measurements, throw railway switches, close circuit-breakers or adjust valves in the pipes that carry water, oil and gas. More complicated versions sift incoming data, govern multiple devices and cover a broader area.
What is new and dangerous is that most of these devices are now being connected to the Internet
If this is the case, I suspect we have more to fear from the stupid people who designed such systems than the terrorists themselves. Throw railway switches from the internet? Give me a break! Authors of the article and their "experts", getting a little carried away, maybe?
There have been cyber attacks going on for years. How else can you explain AOL?
Or maybe it was a camel joke. I dunno, it's too damn early.
This is not the sig you're looking for.
What do they think a terrorist organisation could do, that groups of script kiddies with a few botnets couldn't do? Have they really got any idea what sort of DDoS stuff happens every day of the week out there in IP land?
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
I'm having a hard time believing that Al Qaeda is capable of anything along these lines.
So they have towels on their heads, hide in caves and currently live somewhere between Afghanistan and Pakistan - so this makes them stupid, right?
Whatever. Have you forgotten that these people managed to simultaneously hijack FOUR aircraft, in a country with absurdly tight border restrictions, keep the whole thing quiet from an increasingly Orwellian state, run the whole gig on a budget of eighty dollars and five camels AND get away with it? Hmm? Do I see Osama Bin Laden's head mounted on a plaque in the oval office? Quite.
Thing 2 - Sysadmin's are notoriously lazy, particularly Microsoft ones. Count the number of no brainer hacks we've had over the last, say, two years: Default passwords on SQL servers, unpatched IIS installations by their thousands... Not to mention the notoriously bad security record of the vendor itself.
Not that you need to actually attack anything, don't forget that the multi billion dollar Yahoo! empire was reduced to rubble by some kid in fuckwad Arizona calling himself "Mafiaboy". And he bragged about it on IRC, hardly the gold standard in attempting to get away with things.
Fucks' sake, A "cyber attack" is so thoroughly within the reach of Al Queda that the only reason I can suggest that they've not done it is that they've been busy regrouping after their previous hosts, the Taliban, had their arses royally kicked a few months back.
You think they're going to run forever? Grow up America. You're not as smart as you think you are, and you're very much a target. Have a nice day.
Dave
I write a blog now, you should be afraid.
Well... what was that again!!! ..
The mainstream press is a poor source for technology information. They have two modes, wondrement and fearmongering. They alternate between the two and rarely ever get even close to the truth.
Here's a hint: Sources that favor the prefix "cyber", tend to not know what they are talking about. People who do know, tend to shudder every time their eyes are molested by the foul word.
So, to wrap up: cyber = clueless.
Forbes Readers, I hope you enjoyed this informational piece.
Al Qaeda has hired script kiddies to bring down rain down computer destruction. I don't understand why the fuck things not designed to be hooked up to the internet are being hooked up to it.
I ask in all seriousness, why is a railway switch hooked up to the public internet? What good reason is there for eletronic valve controls for fresh or sewage water to be hooked up to the internet? Does a passing shit or dead goldfish need to check its e-mail? I can understand having some sort of network linking a bunch of sensors and whatnot, that makes sense. I do not understand however why that network needs to be on the internet or even publicly accessible. In some cases, like the guy in Australia, the method of intrusion was not the internet or a network of any sorts, just an unsecured method of entry. Having singular systems with unsecured entry point is understandable and pretty forgivable. Not everyone expects some jackass to try to scre with something. A network of systems with unsecured entry is ridiculous.
I remember reading a billion and a half philez back in the day on how to fuck with systems through Tymnet and other networks similar to it. I still don't see why the SCADA system controlling the Hoover damn needs a modem in it, if it does need that modem in it what is up with the lack of intense and thurough handshaking and password challenges?
The internet is an obvious target regardless for you bozos who question militant religious fanatics and their target aquisition. Why attack the WTC? It was a symbol, same with the White House or Pentagon. They're both symbols. The internet is another symbol of Western culture. Who is the internet big with? A hint: it is not a bunch of predominatly Muslim countries but the word does start with W and end with est. It would be yet another symbol to attack if you're in the mindset that the West is the source of all of your ills.
If you're worried about phone lines going down and needing network access get some geeky friend together, get yourselves Ham licenses and form yourself an emergency packet radio network. If you've got laptops and battery powered equipment you'll be fine even if your power goes from al Qaeda script kiddie attack. While it sounds sort of ufnny to some it is a good idea, hams in an area suffering from power outages or down phone systems can be a big help keeping the flow of information flowing. Nothing helps in an emergency situation like the right information getting to the right people at the right time.
I'm a loner Dottie, a Rebel.
What an utter BS. Is this what, another Y2k?
Ask Slashdot: How do you make money out of it?
I have personally felt like Washington has been warning the nation of [FILLINTHEBLANK] Attacks ever since 9/11. So far about the only thing I haven't seen is:
"Washington warned today of possible terrorist attacks against small puppies and possibly one of the two black gerbils at the new Debbie's Petland that opened in the Cape Cod Mall last week."
Haven't they heard of sensory overload?
Actually, programmers from the Indian sub-continent and China are some of the most adept in the world. It's not unlikely that Al Quaeda has access to some programmers/hackers that have been trained in the vicinity. To think that they are backward third-world guys with guns is naive and stupid, and thinking this way is playing their advantage.
The idea that critical systems of a power-plant of any kind would be on-line and accessible via the web or dial-up is so preposterous as to defy reason. The idea is surely suggested by ignorant kooks, and snatched up and carried into daylight by "journalists" who would rather see their name in a byline than verify the information in the stories they rush to press. In short, someone has seen one to many USA Channel Sunday Night Movies.
Having worked on nuclear plant monitoring systems software, I can tell you for a fact that the critical systems not only can not be tripped from off-site, but also can not be accessed from anything but specific, highly secure and redundant systems.
These systems have physical switches that often require two hands to operate. They are designed to prevent insider sabotage, so no wanker with a laptop, sitting in a cave or boardroom half a world a way can do anything. The only action that can be caused by any local anomaly is a controlled, safe shut-down. The only thing that a remote action will result in is a line-item in the logs, period. A plant shutdown may be costly and greatly inconvenient, but hardly lethal, and absolutely not catastrophic. The "terrorists" will have better luck flying a 747 into the Hoover Dam.
The notion that someone with access from outside could trip a plant or cause anything but the generation of a non-critical statistics report to be generated is lunacy. Yes, some aspects of some systems may be monitored from outside, but this is only for informational purposes only.
...scaremongering that equates "hacker" with "terrorist" helps to justify draconian laws regarding "cyberterrorism". It's a lot easier to justify a law using the worst case scenario (saying you want to be able to throw an al-Qaida member in jail for 20 years when he tries to hack into the LA power grid), even when you really want it mostly so that you can throw the book at minor cybervandals and script kiddies.
enough to understand the dangers of the connection and of the mode of connection?
Gimme a break? The bell curve shows that most of them will be mediocre. That's sad but statistically true.
But we've got some hope. Our infestation of script kiddies and the puerile juvenile delight our youth takes in engaging in high-tech sacred-cow-tipping.
Somebody somewhere is getting hammered at by the bazillion script kiddies and his/her systems are behaving like women of negotiable affection when the fleet's in town. But its not somewhere important. An individual firm may go under but it most probably wasn't important either.
The web of commerce is far broader, loser and more resilient than it is vulnerable.
But watch the transportation industries and highway system that are the filaments that hold it all together...
Remember the Golden Gate bridge and the disruption expense and systemic inefficiency caused by the Loma Prieta 'quake...
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Al Quaeda and cybercrime...
...Sure...
...I guess that when Bush were to decide to personally hijack a missile from Pakistan an to suicide crash it on top of that same country (or any other member of the evil triangle), Al Quaeda would respond forcefully by taking down some of "those American government websites that civilization depens on".
"Yeah, that'll teach 'em", Osama would say!
The usual attack pattern goes:
- Enter the site on a "powered by freebsd" google search reference
- Cause an error ("GET
../.." or a "GET / HTTP/1.0" request) to get the web server name and version.
- If the version is a vulnerable version of Apache, an attack commenses with a different tool.
If everyone hasn't upgraded Apache to a safe version yet, I strongly suggest you do. It's not just a Microsoft hole any more.There is only one problem with an attack on the infrastructure, and it is not the actual attack.
Indeed there would be a days work lost, but any company that has a good tech department / disater recovery plan would be able to sort themselves out within a day, although the backlog of mail might take a little longer. This is not in fact a massive deal.
The biggest problem would come from the fact that all the current anti privacy legislation would have an excellent excuse to go through with the backing of all in congress/parliment (for us in the UK)
AQL - Al-Queda onLine ?
All you need is a few Al Qaeda working at Microsoft, putting backdoors and such into the code. Then you would have security problems galore. Come to think of it, maybe it explains why MS software is already so insecure - they've already infiltrated MS!
AC #5421
Of course the Bush administration will finally have a real reason to blame the Clinton administration for somthing, with Al Gore being the inventor of the Internet and Cyber-everything.
_______
2B1ASK1
FUCKING ALQUEDA!
Bidding up my MMORPG items, and not paying me!
They can blow up a building or two, but the second they start givin me bad ebay feedback, they goin the shit down.
Seriously... Whats alqueda gonna do on the internet? Give spiderman a bad movie review? Maybe order 2 dozen Korans from Amazon.com with a stolen credit card.
Also known as, ask me if I give a fuck.
God spoke to me
I'm sure that many government computers are safely isolated from any public nets, but many of them have the sole purpose of serving information to the Internet, and would be pretty useless if they were isolated! Furthermore, it's not just government installations that are at risk. The 9-11 attacks weren't just aimed at the Pentagon. Or perhaps you forgot about the WTC?
The major US backbones of the Internet itself could be considered part of our national infrastructure. I hope you're not going to ask why the backbones are on the Internet!
I heard that the much anticipated Bin Laden video has him saying "All your base are belong to us"
Has anyone bothered to notice that Osama Bin Laden, The Iatohla Khomeni and Sadam Hussein are on the board of Arthur Andersons.
I am sick of people constantly talking about security as if it doesn't exist and that the average joe's computer using experienced can be enhanced by ridiculous levels of computer control.
With that in mind, I consider this threat to be at about the same level as the crop duster deal--not going to happen. If you wanted to destroy the nation's computer systems, <i>just where would you begin?</i> Modern fantasy novels and movies often revolve around the recurring theme of the bad guys finding a way to somehow destroy everything in the nation in the click of an "OK" button.
If M$ used this fear of security in order to convince (yes, using faulty logic on the ignorant <i>will</i> work) people that Palladium is necessary, it could be a powerful weapon, but I doubt that would happen either. They could not keep the evils of that sort of 'plot' from surfacing to the mainstream, when articles about GNU/Linux appear on such mainstream and IMO biased websites such as ZDNet regularly.
Basically, I'm saying that this threat is stupid, the fear of powerful forces cracking into the US digital infrastructure and destroying the western world is stupid, and the fear that Palladium will destroy GNU/Linux is equally stupid, though I say "Screw you" to M$ for trying.
well, East Timor was hit (allegedly by Indonesia), but the infrastructure involved was exactly massive. A small ISP called Connect - Ireland was hosting .tp for them.
h tml98/issu_020799.html
http://seattletimes.nwsource.com/news/technology/
Computers are connected to the internet.
My god, you can control things over the internet!
No wait, we actually have a few building control systems like that...
Doh! Well we were reviewing this stuff after the SNMP vulnerability issue came out. Damn proprietary systems.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
Is the American public so gullible as to believe that because there's a hostile terrorist organization out there crazy enough to commit absolutely horrible atrocities, they could use the Internet to somehow hack into important national systems that have security so good, they could document it and still be impervious, and that that would then necessitate a security system interacting with their computers, checking for security problems (I'm attempting to decypher the cryptic corporate words of Microsoft--if anyone could explain what they really I'd appreciate it), and of course along the way checking for Digital Rights or Intellectual Property violations?
If they are, I can say as an American, that I think we need a more informed population! But, thankfully, if this new Palladium security system really did work and make open source/free software unusable, if ZDNet (the most corporate biased website next to MSN IMO) is running articles about GNU/Linux now, certainly news of Palladiums anti-competitive, sly, and downright malignant intentions would surface, right? And as soon as the masses get sick of Microsoft being their annoying buddy and stop wanting them to make the Internet easier/more robust or giving them 'peace of mind' (WTF is that anyway?), Palladium is screwed.
Ordinary users are already pissed at mandatory activation/unnecessary copy protection/everyone's-a pirate-mentality in * XP products.
Slashdot: Where people pretend to be twice as smart as they really are by behaving like children.
In retaliation, we just make sure that hostile governments' email addresses get added to a few of those spammer "Millions" CDs. That'll fix them!
One line blog. I hear that they're called Twitters now.
They'll first send robotic weapons (via mail) to the victims and instructions on how to plug them to their pc's (the robot arms will have guns hidden in it).. then, they will send instructions (over the wire) to the robo-gun to shoot everyone!
isn't science just great?
I say bring it on. Nothing would convince the powers that be to fix the current, vulnerable system than a good attack on the DNS servers. If it's going to happen, it might as well happen now rather than later.
Though I sincerely doubt that Al Queda will be able to do much damage with their 1987 Data General laptop and 300-baud Acousticoupler modem, I wish them luck anyway.
(Er, and if you think this message was anything other than a harmless gripe, you might just work for a Federal agency.)
Al Qaeda Accountancy Firm AQAF, had outsourcing contracts with these companies.. gotcha!
Ring Ring.
Taliban: Taliban.
FBI: This is the FBI. Surrender, or you will face our technology.
Taliban: We do not fear your weapons. We have anti-aircraft, and anti-tank weapons.
FBI: We know that... But you don't have spam filters.
Click!
Taliban: Spam Filters. What is that?
Youve got Mail !!!
Displaying on screen: Would you like better rates on your home mortgage?
Youve got Mail !!!
Displaying on screen: Order Viagra!! Cal 1800-viagra, and be youthful again.
Youve got Mail !!!
Displaying on screen: Bin laden goat sex!!!
Youve got Mail !!!
Displaying on screen: See britney spears naked.
Youve got Mail !!!
Displaying on screen: Become rich working at home.
Taliban: Thats IT!!! Osumma on his OWN !!!
--------------------------
Is this a sig?
--------------------------
" ...a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
I guess this out-does the old, burning paper bag 'o dog shit on the doorstep trick. :)
"Academicians are more likely to share each other's toothbrush than each other's nomenclature."
Cohen
Anthrax, no way. That has to be some kooky retired redneck general with keys to the lab, or, worse, someone who still works in the lab. The targets (Judith Miller, Sen. Daschle, Tom Brokaw) are hardly folks that would be high on al-Qaeda's list of most heinous infidels.... if anything, they are all more visible to and hated by elements of the American right. Interestingly enough, the attack on Daschle (which was perhaps an attack on all of Congress rather than him personally, who knows) came just as the patriot act was being debated on the Hill. Who would gain from spreading that particular kind of fear at that particular moment? Hardly Osama bin Laden. In fact, in papers found on a computer bought by a reporter in Afghanistan, an al Qaeda operative admits in a memo that "despite their extreme danger, we only became aware of [chemical and biological weapons] when the enemy drew our attention to them by repeatedly expressing concern that they can be produced simply."
(By the way let's not forget that al Qaeda's nuclear weapons plans included an internet spoof from the "Journal of Irreproducible Results"....)
These people may want to kill all Americans, but they are not the most sophisticated bunch, no matter how well orchestrated 9-11 was. That anthrax was home grown, and it was probably someone who still has access to a biodefense lab, and his identity is possibly well known to a number of people around him who find him embarassing and dangerous but protect him anyway because they've known him for so many years.
...is enormously stupid.
Underestimating a terrorist group like Al-Queda is more than enormously stupid. I think they already have quite impressive 'reference work' if you will.
Irak used to train people in top UK universities for their nuclear weapons program. Information and know-how for enriching uranium is more difficult to get than information on how to knock down Cisco router. Equipment for enriching uranium is under strict control. PC:s are not.
.. .
Now why the hell is a computer controlling flood gates connected to the outside world at all? Thats just ask'n for it!
This is French for "joint stock corporation". It's obviously a pun.
A clever terrorist wishing to bog down a site with heavy traffic merely needs to craft the proper story . . . : Microsoft to purchase entertainment industry, take over RIAA and MPAA. Details here . . . and slashdot will take care of the rest.
How about disruption of 911 service? power outages at major nodes of the network in major cities? Mess with traffic lights at key intersections at rush hour? A virus in the computers at the NYSE? Remember the Y2K bug stories - even though hardly anything actually happened, a lot of the scenarios described were not that outlandish, and in fact a lot of near disasters were prevented.
(One in particular was noteworthy - in Los Angeles, a y2k test at a water reclamation plant led to some 4 million gallons of raw sewage spilling into the streets. Had this occurred on New Year's eve, there would have been 150,000 or so in that park for a millennium celebration. Hehe... 150,000 Angelenos covered in shit on New Year's eve....
...that Bob's guy at the Post is already doing a story on it. Bob, be sure to say that Frank's guy at the Times is doing the same.
Well we have "laws" against murder, but the army does that. So I'm sure it's perfectly "legal" for the CIA to try and bring down some 3rd world country. Although I doubt that RIAA attacks on Gnuttella networks would be as well received.
It's ignorance itself to think you know all the answers. -Miles Comer
Go watch the pilot episode of "7 Days" and see a suicide plane loaded with killer gas fly into the side of the whitehouse... they got the idea from sci fi tv!
Not prison camps. MSCE Reeducation Centers.
Nimda struck exactly one week and almost the exact hour from the Sept. 11 tragedy.
I am still convinced Nimda was authored by terrorists to attack American computer infrastructure (it targeted Windows boxes).
I am the network administrator at an electric co-op that uses SCADA in our electrical grid. From my perspective it is quit possible for terrorist to carry out such an attack. Scary part is that I cannot get buy in from management for even the simplest of security measures such as regular password changes or even properly restricting access to physical resources such as server rooms. They even allow users to dial out to the Internet using personal ISPs bypassing my firewall and all network security that I have put into place....
BE AFFRAID, BE VERY AFFRAID.
?
??
I am thinking about becoming a security consultant:
Want to secure your systems? Pull the network cable out of its jack.
That will be $1,000,000.
I am very small, utmostly microscopic.
I love it when europeons accuse Americans of arrogant folly and underestimating their opponents. Just remember: there's a reason that America leads the world -- we earned it -- our unprecedented success didn't fall out the goddamn sky.
One of the most important issues for a terrorist is to generate fear. The more, the better. To hit the world trade centre surly get the public attention. Now lets say you create a powerful virus and called it "AQ_FUCK_USA". It may do a lot of damage. It may cost millions of dollars and cause a lot of people to be angry. But it won't create fear.
Even if you hit a vital structure like power plants or hospitals. Yes it will be an annoyance. Some might die (due to lack of traffic lights, respirators etc...), but it's nothing compared to killing 5000 people (or more in some of the other possible scenarios).
You can't tell the terrorist world; "We just cost the evil USA 2 billion dollars". It doesn't give as much "respect" as saying "We just killed 100 Americans" (or some other western "evil" country).
But I wouldn't feel safe anyway. Someone (maybe AQ) will try it anyway. Why not? But do it make a change whether a script-kiddie or AQ hits us?
-:) Oh no - not again.
www.rednebula.com
When we have Worldcom's CFO...
Think KPNQwest...
retrorocket.o not found, launch anyway?
You used an AYB reference. Not only did it not get submitted, you deserve to be drawn and quartered as well! Hooray!
That is what you get when something, anything is not secured.
Are you going to fight a guy who is car-jacking you. How about from a group.
I am having a hard time believeing so many people have their eyes so closed.
That would be the same famed American arrogance that won your fucking pathetic World Wars, Euro-peon!
So right, and the really funny and tragic thing about this is that 1000 years back, Islam was the cultural light of the world. They had no problem with science, saw it as studying Allah's creation, and a truly proper thing to do. Large parts of the Rennaissance were merely bringing knowledge from the Islamic world into Europe.
Then sometime in the past few hundred years, they began to throw all of that away.
Kind of like the US and Freedom.
The living have better things to do than to continue hating the dead.
Well, working in IT, this is probably a wrong thing to say....but
The U.S. highest leaders are generally clueless about a great many things, especially technology.
So, while I have in the past plausibly ridiculed the prospects of Osama bin Laden using his laptop computer to communicate via the Internet using steganographic means from his goat-ridden non-electrified hovel in the mountains of Asia, close advisors to the President have spun stories to trigger fear, uncertainty and doubt in the minds of decision makers.
They've promoted these fallacies not out of malice, but rather in the interests of getting their particular piece of bread buttered. There are plenty of people in the business that would enjoy making money by contracting out a few projects that will be fun to work on, but which are of small substantive value.
But, hey, if I was pressured the same way, I'd probably lash and "Do Something" to make myself look like I was an active leader, look like I knew what was going on, etc.
"Provided by the management for your protection."
once bin gates deploys paladium biladen will quickly root and own the us networks. til then you can rest easy.
A hand up and a foot on every chest...
It is true that today Al-Qaeda or who ever are not be able to disrupt our infrastructure anymore than any script kiddie. Of course these enemy forces have a great deal more resources and time than even an army of script kiddies. That is the real problem.
Please assess the situation as it is, not as you want it to be or think it might be. There is an enemy force that killed 2823 Americans on Sept. 11 2001. This force probably spent as many as 8 years and much money planning that attack; since the previous attack in 1993. They are patient. They may field students that get jobs in very vulnerable places, and then do a great deal of harm. This will take time and money, and they have a track record of doing just that.
I appreciate the hubris expressed by everyone here, but as Teddy Roosevelt said, lets "walk softly and carry a big stick".
Cheers, SEB
If they had slowed down just a bit and waited another 30 minutes till the building was completely filled with workers, they probably would have killed a bunch more people.
You're right, though. They were clever, but they weren't *that* clever.
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
Maybe they can't on their own...but they definitely have the funding to pay someone else to do it....
....a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
Isn't that what consultants do everywhere? Come in, dump raw sewage, hope for a contract.
--
As a matter of fact, I am a lawyer. But I play an actor on TV.
Look at the graph titled "Rise in Cyber Attacks".
It shows an exponential rise in the "Number of reported cyber incidents".
Pretty scary, no?
Now read the footnote
*Includes probes, illicit entry and attacks aimed at causing damage or taking control
It's hard to take something like this seriously.
It's like putting up a graph showing "Rise in illegal activity", with a footnote that says,
*includes parking violations, theft, and murder
- SWM
"Those children were killed with American weapons bought with American money. It doesn't matter who pulled the trigger, the blood is on America's ahnds"
.38 Special and uses it to kill and rob people, it's Colt's fault?
So, when the filthy nigger down the block buys a
Silence, you idiotic shitcunt.
"The event I fear most is a physical attack in conjunction with a successful boogie-attack from the responders' closet or underneath their bed," Ronald Dick, director of the FBI's National Infrastructure Protection Center, told a closed gathering of corporate security executives hosted by Infraguard in Niagara Falls on June 12.
In the future, I would want to not be isolated from my friends in the Space Station.
So the next time you get one of those poorly-worded, no punctuation, no capitalization emails from "3l337haX0r2002@aol.com" asking "teach me to hack", you should send it off to the FBI?
... because nothing short of a disaster with major associated loss of life will convince people that:
* It's not safe to use Microsoft "solutions" for anything remotely mission-critical
* The problems are caused by Microsoft's lack of attention to security
* The problems are made worse by their marketing that convinces people that Microsoft software is an acceptable substitute for thought about security
* All of this is enabled by their monopoly
* The only way to deal with the monopoly is to break it up
Note that I said "almost". If I must choose between an intact Microsoft and another WTC disaster, Microsoft can live on. But I would prefer neither.
To a Lisp hacker, XML is S-expressions in drag.
I'm posting this anonymously because my employer is one of those potential targets.
We have several SCADA (supervisory control and data aquisition) systems. Yes, they do control a lot of things which, if abused by someone with specific background knowledge, could do serious damage.
We also know that we have been under surveillance from that part of the world. A couple intruders were nearly caught inside one of our more critical installations. Unfortunately, they escaped. Similar instances of on site surveillance have been noted by the FBI. In fact, at one site they were caught, and yes these were men with Middle Eastern ties (I know that doesn't mean much, but I doubt that we'll learn anything more in the near future).
This article has got some awful FUD and irrelevant stuff in it. For example the Al Qaeda computer they found with AutoCad and Microstran on it is old news. The Australian control system hack case is even older news.
To date, I haven't heard of Al Qaeda successfully attacking anything via the Internet. Despite that, we have plenty of reason to take this threat seriously. Our systems can run independent of the regular intranet and they never touch the internet. Any attacks on us would have to be physical assaults on company facilities.
So a strictly Internet based attack is highly unlikely. However, like others in municipal utilities, we have a soft underbelly that management knows very little about. They come from all over the world and all walks of life. They have agendas of their own, they're often frustrated and mad as hell.
They're called employees.
Sleep tight.
"I'm having a hard time believing that Al Qaeda is capable of anything along these lines." hell even if they aren't capable, they can pay someone who is...like chinese, russian, or other foreign terrorist supporters living in countries like this.
Depends on your skin color, from what I've heard...
I think people here are ignoring something that is even more frightening than a concerted attack on the Internet: an electromagnetic pulse bomb.
Imagine a bomb filled with filaments of graphite detonated in a special manner near a power generating plant or major power substation. The EMP from such an explosion would effectively wipe out most everything electrical connected downstream from the point of attack and anything electrical within line of sight of the explosion; you might as well kiss anything connected to the wall outlet in your home goodbye since the pulse will overwhelm most surge protectors out there.
And the scary part is that building such a bomb is very inexpensive.
Al Queda set of an EMP bomb? Right. They couldn't keep a Leer jet flying for more than a month. These are people who bitch about having to take time out from studying the Koran to eat, sleep and shit. Most of 'em don't know how a door knob works.
Al Qaeda doesn't have any money, right? And there's not groups (like say the Russians) who would do anything for money? Or how about the Chineese? We've been finding cache's of weapons from them all over Afghanistan.
Are you all saying that you don't think that the big AQ could find someone willing, for whatever reason, to hit at our infrastructure? You are supposed to be the security experts and you just write it off as "Ahh, that's never gonna' happen". HAHAHAHHAH You are all so lame. You are going to be standing there pounding your chests about MS while a whole army marches right behind you and you won't even know it. And then when something happens you will stand there and make funny/nasty remarks about MS but not do anything. You are all less than worthless.
That's why you get when children run the show!
--this is quite possible. Most folks think of a cyber attack as a remote exploit hack type deal. This isn't even needed. Given the volume of people in this nation from foreign lands-a lot of whem just really don't like the US or christianity or western style governments- and domestic sympathisers like the black muslims, thousands of whom are on government worker positions like at water plants, utilities, etc. this could be accomplished very easily. Think of all the potential terrs inside university research establishments. Think of the huge ethnic concentrations made up of people who honestly believe in "jihad"and "kill the infidel". And to top that off we have the resurrgence of the hispanic aztlan movement, again, people coming from a culture of violent revolution and using force for their goals.
Yes, I know the US does this too,and it makes the whole deal doubly bad, doesn't it?- and more likely than not.
The genie is out of the bottle, the US border has been flung wide open for years, USleaders are all mostly sell outs bought off by profits at any cost bribe payers in corporations, any number of hundreds of thousands of un documented or falsely documented people have entered the US and are still here, sealed shipping containers by the cubic mile have gotten through, and at high levels of official cop government they certainly appear to be either incompetent or outright traitors.
More attacks bound to happen, including IT infrastructure oriented. This is a gimmee. Plan on it.
Ignore it, live in a likely urban target zone, most likely you will be going through some serious hell sometime, and whether or not you got broadband certainly isn't going to matter at that point.
Me, I won't even visit any major urban area, let alone live there. Those are now called "targets of opportunity". Millions won't care until after they are hit. I live pretty rural, have enough onsite resources to stay quarantined for a long time awayfrom infected populations. We produce our own food and water and electric power.
I own zero video games and no MP3's. I don't rent videos. I own no fancy new shiny car, but several older simpler to fix vehicles that work quite adequately. We store our own fuel and buy it in bulk. What we spent on that was really no more than getting a semi new box with some add-ons, ie, "it's doable", but most people won't consider it. We store water and have a well and a pond. We have muiltiple generators and extensive solar. enough plain but nutritious food stored up to last two gardening seasons withoput going to the store if we can't.
Stuff like that, an on purpose priority choice.
People can make the decisons they want to, live where they want to, pay attention to the world and poltics and current events or worry about video games and professional sports.
I don't even consider video games or professional sports or broadway plays or popular music to be even of marginal interest or relevance to todays planet..or whether or not their ride is "detailed"enough--things of that nature. Soap operas to lotto tickets. Everyone makes choices and prioritizes.
Millions think those things are so important it's their major interest.
Personally, I think they will become "overclocked" by fast moving events sometime, if they live urban.
Have a nice day
Yea and if I told you a year ago someone would crash three airliners into major buildings in the US you'd have said the same thing.
I do a lot of work with SCADA and DCS type systems. (Major Electic Energy Management Systems, Water/Wastewater, Power Plant,etc.) I don't think that wide spread attacks are very likely.
My customers are all very aware of security concerns. Even high level managers with little technical expertise will ask about security.
DCS and SCADA systems are almost always firewalled from the rest of the corporate network if they are connected at all (many are on small local LANS with no access whatsoever). I only say almost because there is always an exception, but if I ever do find one that is not firewalled, I certainly won't leave without making a recommendation to correct the oversight. If a connection to the corporate network is made, ACLs are setup to allow only a limited number of specific machines into the controls network. Most of these systems are secure enough to make them very difficult to penetrate from the corporate network.
Most of my customers periodically hire a competent security expert to audit the systems and give them a list of potential vulnerabilities to plug. This insures that the easy exploits are blocked.
I'm not saying that these systems are inpenetrable, only that breaking into them would require inside information and a lot of homework. This means that it would take a lot of work to get into one system. A wide spread attack would take a tremendous amount of resources to pull off.
The 9/11 attacks involved a relatively small number of people who didn't need a lot of insider help. I think that there might be some isolated attacks on specific systems but a large scale attack would be difficult to coordinate without tipping someone off.
Gee, I'd like to do my patriotic duty and help the govt. find the flaws and holes first to help get them fixed, but due to current legislation I would chucked in jail for 10 million years...
Several points:
First, they aren't worried about Afghanistan mounting cyberattacks, they're worried about Al-Qaeda doing it. Those two entities are not the same, and never were.
Second, attacks would likely be mounted from outside Afghanistan, since Al-Qaeda doesn't have much power base left there, and from there they're surrounded by hostiles. Other likely places from which an attack could come are likely to be easier to use.
Third, if someone wanted to initiate an attack from inside Afghanistan, they could use a satellite link to get to the outside 'Net (and probably would, since any Afghani ISP is likely to be watched like a hawk).
Virg
A few years ago Aviation Week ran a survey about cyber warfare.
Except for people trying to get research funding by being alarming, the experts they interviewed largely agreed on two things.
1. A virus attack would get lost in the noise of routine virus attacks, system "upgrades", and crash-prone bloatware.
2. If you want to make an enemy's computer stop working, the fastest, most reliable way to do it is to send an F-18 to drop a bomb on it.
I'm guessing you missed the /SARCASM tag in the original post, but I gotta bite on your statement anyway. Minimal cost? They lost the good graces of the only two nations that would support them, they got their organization (and their friends the Taliban) beat all to Hell, they pissed off the entire world (heck, even Arafat and Castro said "bad doggies!" to them, even if it's only lip service) and I haven't noticed any changes to our foreign policy that would benefit them at all. I'd say they came up on the down side of that exchange.
Virg
Ironically, their cyber attacks were thwarted when they burned up all their AOL hours trying to stay connected.
"Derp de derp."
It doesn't take an Economics degree or a large brain to figure this out. What it takes is listening to your constituency bitch loudly when you try to raise taxes to pay for these people. If you can figure out a way to make the average person consider that paying for a warm, non-corrupt, well skilled body to sit at each of these installations is worth the money, then bully on you, but nobody has managed to do that yet.
Oh, that's right, you're complaining about capitalism, so cost shouldn't be an issue. Then we'll just use volunteers. I volunteer you. Don't want to go? Too bad, you don't get to choose.
Virg
Remember for the 9/11 attacks they used every possible modern means in their planning, logistics.
The operatives used satellites phones, web, email, steganography for messaging etc.
It is not farfetched that they recruit more and more educated samrt people into their cause. And there are plenty of them in that region of the world.
Also their influence is multi national so they can recruit from any country which has a decent higher education standard plus they have also shown that they can turn western educated recruits into raving zealots.
There are already documented cases of active Pakistani crackers aggressively breaking into Indian military installations and sites.
They could turn on US too. So the idea is not that far fetched.
If they do, our geeks will send them back to the stone age!
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
IOW a terrorist hell-bent on attacking something would like nothing better than a map on the WWW that tells exactly where to put an explosive device. A really sophisticated terrorist could use data gathered from those systems to model the flow of (water, sewage, power, etc.) to find weaknesses.
There are a variety of such systems today on the WWW. Some have been shut down (e.g., EPA closed down a hazards site months ago), others have added authentication and authorization, but many continue to operate apparently unexamined. The responsible authorities should, at the very least, examine the vulnerability such systems introduce in the light of the 9/11 attack. IMO they should shut them down until they have determined vulnerability.
We are talking about people who's friends (the Taliban) beileve that TV - and so almost certainly Cathode Ray Tubes (CRTs) are immoral. By that token, TFT/LCD displays are probably immoral as well. Therefore, unless they crack into the world's infastructure using only radio (which is OK, for propaganda), a line-printer, or ask someone else nicely to do it for them, they can't really do much.
Charlie Dyson
i bet they had better security than MS.
A blog about stuff.
Have you been under a rock or something. The people in that region are very technically adept. Why, just the other day I was reading on Slashdot about Afghan kids downloading steaming movies on their Commodore 64. If the kids can do that, just imaging what Al Quaeda could do. Remember, they are very well financed and I'm sure they have invested heavily in research and development of just such an attack.
Be afraid! Very afraid... Hoover damn could explode at any moment.
and here are Dave's ways to flush him out:
r ch ive/ls_topten_archive2001/ls_topten_archive_200111 23.shtml
http://www.cbs.com/latenight/lateshow/top_ten/a
WARNING: Smartphones have side effects--most of them undocumented.
The Australian case in the article is far from the only one.. I remember seeing something on the news some years back about how this guy from Sweden managed to put out the Emergeny Number 911 for a big part of the United States.. or was it only Florida? .. anyhow he did this back hacking in to AT&T's servers.. =P
realistically, one doesn't need high-tech methods to bring down the infrastructure... just the other day, the simple method of severing a telephone line took out much of the entire Boston area's communication networks...
I can't believe it's not lard!
Theres too much discussion about what can and cannot be defined as a cyber-attack. We all had our definition of terrorism redefined after 9-11, after all noone thought that using commercial vehicles as weapons against us was something that could happen in reality, only in Tom Clancy novels. Now we know that its possible, but the whole trick of it is to get us where we least expect it. If there is some sort of cyber-attack, its going to be something that we dont expect, anything from a mass DoS attack on key ISP's to actually bombing the FDIC or some other electronic dependent financial/educational/ect institution, no necessarily a goverment facility. As far as if they are capable of it, why not, after all if they can hijack a plane with a box cutter, or if 1 supposidly 13 year old can DoS http://www.grc.com (see story on site) to a stand still, then anything is possible. They have shown their creativity to use low tech items against us, all they would have to do is something along the lines of getting about 100 of them to zap a phone junction box with Tesla Coils and knock out some phones and hurt some people.... After all, the goal of terrorism is to terrorize, which means hit us where and when we least expect it in a way we dont expect...
First of all, most critical systems are either on the inside of a firewall, or not connected to a
public network. Second of all, if you have a system that needs to be secure, don't run a microsoft OS!
I thought the same thing - the variant I recall attempted to hack IIS, then put up pages that hacked IE, and tried to get in through outlook too. It wasn't so much that it exploited vulnerabilities, it was that it seemed to attack on so many fronts, and simply caused *lots* of disruption. Heck the internet was even noticeably slower afterwards, my own web server was getting close to 1000 Code Red hits an hour, according to the logs, and I don't even run a commercial site.
Great, This is a technical guy. I can see the headlines now "al Queda at the border with their mechanical boom sticks."
"using the Internet as a direct instrument of bloodshed."
I can see the headlines now: "Millions dead as UDP packets are directed out of control. Packet shards found embeded in victims!"
There are some people that if they don't know, you can't tell 'em.
The idea that a terrorist organization could attempt some sort of hack isn't out of the realm of possibilities. Hell, a 12 year-old can take down a website. But what are they really capable of? Probably less than they're being given credit for. The media knows however, that by attaching any varient of any computer related phrase, something becomes plausable. Fear what you don't understand, it's the american way.
There's an upside now. All of us sudden, being a geek may be patriotic. A well run, well administered network won't be as useful in a zombie (which I'd bet is the most likely) attack. Al-Qaeda, you've met your match. The American geek. We're waiting for you, packet sniffers in hand!
There are some people that if they don't know, you can't tell 'em.
Reporters: If you don't know what a word means, please don't use it. The volt is a unit of potential difference, not power.
Abstract Syntax Notation is a way of defining packed representations of data. It is analogous to XML. How could there be a vulnerability in the specification itself?
Implication: we should seek security through obscurity by hiding such technical information. That is a very naive idea. A railroad signalling system, for example, is probably sold both to US railroads and to third world railroads. The third world engineers who maintain these systems may have good reasons to attack the US or to aid those planning the attacks.
I don't understand. As with the ASN example, if the problem was inherent in a language, then the language would need to be modified. If the problem was solved by patching software, then the problem must have been in a specific implementation rather than the language. But what is this person talking about? Does he mean IP, or BGP? Does he even know what he means? The problem is not just that the article lacks information, it's that this reporter does not seem to think clearly.
Honestly, think about it! Why the heck are all these vital systems hooked up to the internet in the first place? Now as much as I love the net and everything, there are just some things that shouldn't be hooked up to the Internet connected LAN/MAN/WAN, and controls to vital public utilities are one of them. If you really need to telecommute to these servers, then they should have direct dial in on unlisted numbers!
That glorious Islamic civilisation was smashed by Genghis Khan and his successors. Baghdad was sacked in 1258. This catastrophe was seen as a divine judgment, and prompted the rise of extreme fundamentalism. They threw away their enormous cultural and intellectual dominance and left the world open to the rise of Europe.
http://www.fsmitha.com/h3/h11mon.htm is an interersting summary of the Khan's colourful career.
Incidentally, the Mongols didn't manage to conquer Israel. Presumably the local Muslims had been getting more than enough practice by killing Crusaders, and knew how to deal with a bunch of pony-mounted yurt-dwellers :-)
Real Daleks don't climb stairs - they level the building.