Slashdot Mirror
Cyber-Attacks?
Galahad2 writes "The Washington Post has a lengthy article about the Bush administration's fears of an Al Qaeda cyber attack on the nation's infrastructure. Though we have all seen this sort of attack as a possiblity for a long time, I'm having a hard time believing that Al Qaeda is capable of anything along these lines." You're not the only one. The article does cite an example of the only known infrastructure attack, a case in Australia where a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
Of course, once all computer systems are run on Microsoft's forthcoming Palladium system then such attacks will be completely impossible. Obviously the correct response to this potential threat is to outlaw any OS that does not have Palladium security.
So that's why I've been getting these .ag spams...
I have been pwned because my
I'm having a hard time believing that Al Qaeda is capable of anything along these lines.
I had a hard time believing the events on September 11th even whilst they were happening!
They have to resort to flying planes into buildings as weapons, and you expect them to be able to what? Use a computer?
http://www.angryburrito.com/ The best, completely unfinished software review site ever.
hoping for a contract to solve the problem he created.
Isn't this exactly what happened with y2k ? Consultants talked up a problem in the hope of being paid to "fix" it.
It's not so unique
Flak 1: "Hey, we're really getting pasted over the fact that we "knew about" 9-11 and didn't warn anyone." ... oh you'll think of something! Ted, start posting stories on Slashdot; those hackers suck up every meme that's going..."
Solemn pause as the room thinks. Scratching of heads, etc.
Flak 2: "I know, let's warn everyone about every possible type of attack, so that if and when the next one occurs we can say..."
Flak 1: "... I told you so?! That's brilliant! Bob, call your guy at the Post and see if you can sell that cyber attack story. Frank, get the Times on the phone, tell them
Scene of chaos as flunkies run in every direction to Flak 1's barked commands.
Something like that, right?
I don't know whether to be more concerned about a potential cyber attack or the fact that the Assistant Secretary of Defense refers to critical infrastructure as "some sophisticated, tricky cyber thing."
A genuine crapflood!
Why are any of the computers controlling national infrastructure on the Internet or available via modem? Anything that important should be completely cut off from the outside world.
Give a man a fire, and he'll be warm for a day, but set him on fire, and he'll be warm for the rest of his life.
So might this be an all-out DoS attack looking to shut down the spread of the fruits of the decadent, imperialist American culture? Would they try to clog the networks so that people can't share any type of creative endeavour that represents the freedom that all Americans enjoy? Oh wait. That would be these people. My bad. Move along. Nothing to see here. I get those groups trying to subvert freedom at all costs in pursuit of their twisted ideology confused sometimes. (NB: I am not condoning piracy. But you shouldn't let companies engage in the kinds of activities that terrorits might do. :P) Also, is there a new version of Godwin's law relating to calling someone a terrorist?
Best. Comment. Ever. Enjoy!
What kind of fscking imbecile allows critical infrastructure control systems to be connected to the Internet?
This is a complete non-issue. There are no critical systems connected to the Internet. (Any that are need to have their plugs yanked and their admins fired, even if we weren't in the middle of an undeclared war.) This smells to me like a red herring for the Administration to grant itself more sweeping powers of warrantless surveillance and intrusion.
I wonder what Austria's immigration policies are like?
Schwab
Editor, A1-AAA AmeriCaptions
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
Prior to September 11th, 2001, it was inconceivable that anyone would be capable of using airplanes as guided missiles and then fly them into buildings. Look where we are now.
Okay what about kamikaze?
"Those that don't learn from history are doomed to be beat to hell by those who do. " -- red5
I know I'm going to hell, I'm just trying to get good seats.
Why do they do that? Certainly not to improve our life expectancy or security. If we wanted to do that, spending $280 billion on public health and education would save a lot more lives than a missile defense system even in the unlikely event that we were attacked and that the system worked. If we are worried about attacks on our financial system, stopping crooks like Enron and WorldCom executives would be a whole lot less trouble and costly, not to mention less threatening to our civil liberties; Osama sending a Microsoft Word virus out of his cave pales in comparison to what a single felonious US executive can achieve.
No, people create fear in order to gain power. That's true for Afghan terrorists as much as for the US government and the media. Creating fear gives people power and it allows politicians to move billions of dollars to their favorite campaign contributors.
Folks, life is dangerous: live with it. And learn to evaluate risks and spend dollars wisely on prevention. Nearly 50000 people die each year in the US in traffic accidents, more Americans than in the entire Vietnam War. Cars cause even more deaths each year from pollution. Smoking causes 440000 premature deaths each year. Obesity causes about 280000 premature deaths each year. (Data comes mostly from JAMA.) Those are all easily preventable, with better education, reduced stress, and a better transportation infrastructure. Instead, however, we get worked up about obscure threats and spend enormous amounts of money on anti-terrorist measures and military hardware that will almost certainly not protect us anyway.
In the literal meaning of "terrorist"--people who create terror for power--governments and the media are way ahead of any third rate coward in some cave halfway around the world. Hold the people who spread fear accountable the next time you go to the ballot box.
And the WP journalist responsible for this trash ought to be horsewhipped. As if we need more hysteria about the internet right now.
Anyone who thinks a few religious fanatics hiding in caves somewhere can take the internet down has another think coming. Or, to paraphrase Emperor Palpatine, "The infrastructure is quite safe from your pitiful little band."
-Kasreyn
Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger
and the destruction of the morally bankrupt, corrupt western civilization, we sure are giving Al Qeda and the Q'Ran-and-ravers kudos for a lot more hightech savvy than they need to infect themselves with to accomplish their goals.
Have you read about how Islam is treating anybody with enough education to frame a question to ask the immams? After they've shot them?
Have you read the clap-trap that their schools, in those countries where they still pretend to have some, are spewing in an effort to reconcile the Western scientific viewpoint, based on letting things describe themselves so that we can understand them, and Islam's mystical religious authoritarian fervor, which is based on Allah this, Allah that and nothing happens without the will of Allah and the Q'Ran is the only book you need and the immams will guide you in its interpretation so you don't need to know how to read. (Very Catholic of them. Watch your sons around that bunch of androsterone loving creeps.)
Given the patterns shown to date and the historic emnity betwen the Q'Ran-and-ravers and our transportation infrastructure, (you don't need to leave your village and the influence of your immam,) we'd probably do better to watch who the country's transportation workers are.
What do they do to spread terror and interfers with our lives? Mall bombers are a very ineffective way to spread terror. They have noticed that our conveyances offer the opportunity to murder and do a lot of harm to many people in a tight space. Now they set bombs off next to busses, hijack planes, crash them into buildings.
River bridges and tunnels are far more vulnerable than airports right now. Truckers and their rigs are the vulnerable underbelly of America.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Most of the critical infrastructure stuff is air-gapped from the Net (that is, they are completely separate from it, and not connected, not even indirectly), and rightfully so. So any job would have to be an inside job by a sleeper agent or something.
But it might be easier for terrorists to take out something (physically) like the root DNS servers, or a major point like MAE East/West -- it may not cause the apocalypse, but that will still screw things up majorly for the world... the Internet does have lots of single points of failure, believe it or not.
There's 10 types of people in this world, those who understand binary and those who don't.
I don't believe Osama's buddies would attempt something like this. Somebody else, maybe, but not Al Quaeda. They're much more interested in the 'honor' and the 'glory' of making big, bloody direct attacks. Look at their history of attacks: WTC, Khobar Towers, USS Cole, WTC again, Kenya embassy,... All aimed at directly attacking symbols of US hegemony, with big booms and many dead. Computers is just not like them.
Anthrax, maybe.
superblog.org: all your favourite blogs on o
What do they think a terrorist organisation could do, that groups of script kiddies with a few botnets couldn't do? Have they really got any idea what sort of DDoS stuff happens every day of the week out there in IP land?
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
I'm having a hard time believing that Al Qaeda is capable of anything along these lines.
So they have towels on their heads, hide in caves and currently live somewhere between Afghanistan and Pakistan - so this makes them stupid, right?
Whatever. Have you forgotten that these people managed to simultaneously hijack FOUR aircraft, in a country with absurdly tight border restrictions, keep the whole thing quiet from an increasingly Orwellian state, run the whole gig on a budget of eighty dollars and five camels AND get away with it? Hmm? Do I see Osama Bin Laden's head mounted on a plaque in the oval office? Quite.
Thing 2 - Sysadmin's are notoriously lazy, particularly Microsoft ones. Count the number of no brainer hacks we've had over the last, say, two years: Default passwords on SQL servers, unpatched IIS installations by their thousands... Not to mention the notoriously bad security record of the vendor itself.
Not that you need to actually attack anything, don't forget that the multi billion dollar Yahoo! empire was reduced to rubble by some kid in fuckwad Arizona calling himself "Mafiaboy". And he bragged about it on IRC, hardly the gold standard in attempting to get away with things.
Fucks' sake, A "cyber attack" is so thoroughly within the reach of Al Queda that the only reason I can suggest that they've not done it is that they've been busy regrouping after their previous hosts, the Taliban, had their arses royally kicked a few months back.
You think they're going to run forever? Grow up America. You're not as smart as you think you are, and you're very much a target. Have a nice day.
Dave
I write a blog now, you should be afraid.
They keep using that word. I do not think it means what they think it means.
SpyDock: Scientific Python in a Docker container
No it wasnt inconceivable, not by a long shot. The plot of the first episode of "The Lone Gunmen" was about just that, even the correct building!
In fact it was more believable than what is alleged to have really happened.
no sig.
Al Qaeda has hired script kiddies to bring down rain down computer destruction. I don't understand why the fuck things not designed to be hooked up to the internet are being hooked up to it.
I ask in all seriousness, why is a railway switch hooked up to the public internet? What good reason is there for eletronic valve controls for fresh or sewage water to be hooked up to the internet? Does a passing shit or dead goldfish need to check its e-mail? I can understand having some sort of network linking a bunch of sensors and whatnot, that makes sense. I do not understand however why that network needs to be on the internet or even publicly accessible. In some cases, like the guy in Australia, the method of intrusion was not the internet or a network of any sorts, just an unsecured method of entry. Having singular systems with unsecured entry point is understandable and pretty forgivable. Not everyone expects some jackass to try to scre with something. A network of systems with unsecured entry is ridiculous.
I remember reading a billion and a half philez back in the day on how to fuck with systems through Tymnet and other networks similar to it. I still don't see why the SCADA system controlling the Hoover damn needs a modem in it, if it does need that modem in it what is up with the lack of intense and thurough handshaking and password challenges?
The internet is an obvious target regardless for you bozos who question militant religious fanatics and their target aquisition. Why attack the WTC? It was a symbol, same with the White House or Pentagon. They're both symbols. The internet is another symbol of Western culture. Who is the internet big with? A hint: it is not a bunch of predominatly Muslim countries but the word does start with W and end with est. It would be yet another symbol to attack if you're in the mindset that the West is the source of all of your ills.
If you're worried about phone lines going down and needing network access get some geeky friend together, get yourselves Ham licenses and form yourself an emergency packet radio network. If you've got laptops and battery powered equipment you'll be fine even if your power goes from al Qaeda script kiddie attack. While it sounds sort of ufnny to some it is a good idea, hams in an area suffering from power outages or down phone systems can be a big help keeping the flow of information flowing. Nothing helps in an emergency situation like the right information getting to the right people at the right time.
I'm a loner Dottie, a Rebel.
You mean they have attacked palestinian linked sites, and vice versa. Sad really.
no sig.
The idea that critical systems of a power-plant of any kind would be on-line and accessible via the web or dial-up is so preposterous as to defy reason. The idea is surely suggested by ignorant kooks, and snatched up and carried into daylight by "journalists" who would rather see their name in a byline than verify the information in the stories they rush to press. In short, someone has seen one to many USA Channel Sunday Night Movies.
Having worked on nuclear plant monitoring systems software, I can tell you for a fact that the critical systems not only can not be tripped from off-site, but also can not be accessed from anything but specific, highly secure and redundant systems.
These systems have physical switches that often require two hands to operate. They are designed to prevent insider sabotage, so no wanker with a laptop, sitting in a cave or boardroom half a world a way can do anything. The only action that can be caused by any local anomaly is a controlled, safe shut-down. The only thing that a remote action will result in is a line-item in the logs, period. A plant shutdown may be costly and greatly inconvenient, but hardly lethal, and absolutely not catastrophic. The "terrorists" will have better luck flying a 747 into the Hoover Dam.
The notion that someone with access from outside could trip a plant or cause anything but the generation of a non-critical statistics report to be generated is lunacy. Yes, some aspects of some systems may be monitored from outside, but this is only for informational purposes only.
enough to understand the dangers of the connection and of the mode of connection?
Gimme a break? The bell curve shows that most of them will be mediocre. That's sad but statistically true.
But we've got some hope. Our infestation of script kiddies and the puerile juvenile delight our youth takes in engaging in high-tech sacred-cow-tipping.
Somebody somewhere is getting hammered at by the bazillion script kiddies and his/her systems are behaving like women of negotiable affection when the fleet's in town. But its not somewhere important. An individual firm may go under but it most probably wasn't important either.
The web of commerce is far broader, loser and more resilient than it is vulnerable.
But watch the transportation industries and highway system that are the filaments that hold it all together...
Remember the Golden Gate bridge and the disruption expense and systemic inefficiency caused by the Loma Prieta 'quake...
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
When I had it demoed to me at a show, it had an extreme smell of snake oil (which probably every device like this has and always will), but IMHO it could be worse.
In fact, it looks quite solid - just don't think it is a solution for every problem.
Windows 2000 - from the guys who brought us edlin
The usual attack pattern goes:
- Enter the site on a "powered by freebsd" google search reference
- Cause an error ("GET
../.." or a "GET / HTTP/1.0" request) to get the web server name and version.
- If the version is a vulnerable version of Apache, an attack commenses with a different tool.
If everyone hasn't upgraded Apache to a safe version yet, I strongly suggest you do. It's not just a Microsoft hole any more.There is only one problem with an attack on the infrastructure, and it is not the actual attack.
Indeed there would be a days work lost, but any company that has a good tech department / disater recovery plan would be able to sort themselves out within a day, although the backlog of mail might take a little longer. This is not in fact a massive deal.
The biggest problem would come from the fact that all the current anti privacy legislation would have an excellent excuse to go through with the backing of all in congress/parliment (for us in the UK)
Actually I think it sounds like home in another way: Microsoft hax0r (Gates) dumps raw sewage (Windows) to the public.
Of course the Bush administration will finally have a real reason to blame the Clinton administration for somthing, with Al Gore being the inventor of the Internet and Cyber-everything.
_______
2B1ASK1
So NATO got less spam that day...not exactly a catastrophe. I doubt anyone at NATO really noticed anyways - and one would hope that NATO and other military related entities would communicate sensitive information through more secure and reliable channels as opposed to email.
When most think of an infrastructure related terrorist attack, they're thinking more along the lines of power being knocked out, phones not working, no water, etc. Email, despite all the hype, is something most people can live without or at least work around. Email at many companies goes down so often that many employees also use IM programs or other methods during such outages...sometimes even resorting to using the telephone. Oh what is this world coming too...
I'm sure that many government computers are safely isolated from any public nets, but many of them have the sole purpose of serving information to the Internet, and would be pretty useless if they were isolated! Furthermore, it's not just government installations that are at risk. The 9-11 attacks weren't just aimed at the Pentagon. Or perhaps you forgot about the WTC?
The major US backbones of the Internet itself could be considered part of our national infrastructure. I hope you're not going to ask why the backbones are on the Internet!
Anthrax, no way. That has to be some kooky retired redneck general with keys to the lab, or, worse, someone who still works in the lab. The targets (Judith Miller, Sen. Daschle, Tom Brokaw) are hardly folks that would be high on al-Qaeda's list of most heinous infidels.... if anything, they are all more visible to and hated by elements of the American right. Interestingly enough, the attack on Daschle (which was perhaps an attack on all of Congress rather than him personally, who knows) came just as the patriot act was being debated on the Hill. Who would gain from spreading that particular kind of fear at that particular moment? Hardly Osama bin Laden. In fact, in papers found on a computer bought by a reporter in Afghanistan, an al Qaeda operative admits in a memo that "despite their extreme danger, we only became aware of [chemical and biological weapons] when the enemy drew our attention to them by repeatedly expressing concern that they can be produced simply."
(By the way let's not forget that al Qaeda's nuclear weapons plans included an internet spoof from the "Journal of Irreproducible Results"....)
These people may want to kill all Americans, but they are not the most sophisticated bunch, no matter how well orchestrated 9-11 was. That anthrax was home grown, and it was probably someone who still has access to a biodefense lab, and his identity is possibly well known to a number of people around him who find him embarassing and dangerous but protect him anyway because they've known him for so many years.
How about disruption of 911 service? power outages at major nodes of the network in major cities? Mess with traffic lights at key intersections at rush hour? A virus in the computers at the NYSE? Remember the Y2K bug stories - even though hardly anything actually happened, a lot of the scenarios described were not that outlandish, and in fact a lot of near disasters were prevented.
(One in particular was noteworthy - in Los Angeles, a y2k test at a water reclamation plant led to some 4 million gallons of raw sewage spilling into the streets. Had this occurred on New Year's eve, there would have been 150,000 or so in that park for a millennium celebration. Hehe... 150,000 Angelenos covered in shit on New Year's eve....
...that Bob's guy at the Post is already doing a story on it. Bob, be sure to say that Frank's guy at the Times is doing the same.
Not prison camps. MSCE Reeducation Centers.
One of the most important issues for a terrorist is to generate fear. The more, the better. To hit the world trade centre surly get the public attention. Now lets say you create a powerful virus and called it "AQ_FUCK_USA". It may do a lot of damage. It may cost millions of dollars and cause a lot of people to be angry. But it won't create fear.
Even if you hit a vital structure like power plants or hospitals. Yes it will be an annoyance. Some might die (due to lack of traffic lights, respirators etc...), but it's nothing compared to killing 5000 people (or more in some of the other possible scenarios).
You can't tell the terrorist world; "We just cost the evil USA 2 billion dollars". It doesn't give as much "respect" as saying "We just killed 100 Americans" (or some other western "evil" country).
But I wouldn't feel safe anyway. Someone (maybe AQ) will try it anyway. Why not? But do it make a change whether a script-kiddie or AQ hits us?
-:) Oh no - not again.
www.rednebula.com
When we have Worldcom's CFO...
Think KPNQwest...
retrorocket.o not found, launch anyway?
So right, and the really funny and tragic thing about this is that 1000 years back, Islam was the cultural light of the world. They had no problem with science, saw it as studying Allah's creation, and a truly proper thing to do. Large parts of the Rennaissance were merely bringing knowledge from the Islamic world into Europe.
Then sometime in the past few hundred years, they began to throw all of that away.
Kind of like the US and Freedom.
The living have better things to do than to continue hating the dead.
Well, working in IT, this is probably a wrong thing to say....but
The U.S. highest leaders are generally clueless about a great many things, especially technology.
So, while I have in the past plausibly ridiculed the prospects of Osama bin Laden using his laptop computer to communicate via the Internet using steganographic means from his goat-ridden non-electrified hovel in the mountains of Asia, close advisors to the President have spun stories to trigger fear, uncertainty and doubt in the minds of decision makers.
They've promoted these fallacies not out of malice, but rather in the interests of getting their particular piece of bread buttered. There are plenty of people in the business that would enjoy making money by contracting out a few projects that will be fun to work on, but which are of small substantive value.
But, hey, if I was pressured the same way, I'd probably lash and "Do Something" to make myself look like I was an active leader, look like I knew what was going on, etc.
"Provided by the management for your protection."
a flock of pigs
I'm sorry, but the mental image is too much for me. Thanks for the laugh. :-)
It is true that today Al-Qaeda or who ever are not be able to disrupt our infrastructure anymore than any script kiddie. Of course these enemy forces have a great deal more resources and time than even an army of script kiddies. That is the real problem.
Please assess the situation as it is, not as you want it to be or think it might be. There is an enemy force that killed 2823 Americans on Sept. 11 2001. This force probably spent as many as 8 years and much money planning that attack; since the previous attack in 1993. They are patient. They may field students that get jobs in very vulnerable places, and then do a great deal of harm. This will take time and money, and they have a track record of doing just that.
I appreciate the hubris expressed by everyone here, but as Teddy Roosevelt said, lets "walk softly and carry a big stick".
Cheers, SEB
....a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
Isn't that what consultants do everywhere? Come in, dump raw sewage, hope for a contract.
--
As a matter of fact, I am a lawyer. But I play an actor on TV.
The U.S. was isolationist until we got hit in Perl.
Damn that Larry Wall and his globalization policy!
Come play Heroes of Might and Magic Mini online.
Look at the graph titled "Rise in Cyber Attacks".
It shows an exponential rise in the "Number of reported cyber incidents".
Pretty scary, no?
Now read the footnote
*Includes probes, illicit entry and attacks aimed at causing damage or taking control
It's hard to take something like this seriously.
It's like putting up a graph showing "Rise in illegal activity", with a footnote that says,
*includes parking violations, theft, and murder
- SWM
The French are particularly stupid. When bin Laden is ranting and raving about how the French and the British carved up the Ottoman Empire, do they think that his band of lunatics might, just might, want to attack the French and the British? The British understand this (at least its government does, excepting spouses). The French don't.
I guess the French figure that as long as they let Muslims attack Jews at will, this will serve as a release valve. How gallant.
-jon
Remember Amalek.
"The event I fear most is a physical attack in conjunction with a successful boogie-attack from the responders' closet or underneath their bed," Ronald Dick, director of the FBI's National Infrastructure Protection Center, told a closed gathering of corporate security executives hosted by Infraguard in Niagara Falls on June 12.
In the future, I would want to not be isolated from my friends in the Space Station.
When your enemy is ranting about the loss of Spain in 1492, the breakup of the Ottoman Empire in 1919, and the presence of US troops in a country that invited them in to protect them from another lunatic, you've got to figure that there isn't much reasoning with him.
I know you'd like to believe that we're dealing with rational people, but we aren't.
-jon
Remember Amalek.
It's a water cooled 3000+ round/minute gatling cannon commonly referred to as R2-D2.
The distinctive white dome is a radar tracking system that tracks every out-going projectile as well as the incoming missile, making minute modifications to it's aim to insure total destruction of the incoming threat.
The system is so sensitive (unless they've dumbed it down) that it will continute firing until there is no piece of the incoming threat larger than a small sparrow.
At that fire rate, the weapon would run out of ammo long before a Kamikaze plane were to disintegrate.
So the next time you get one of those poorly-worded, no punctuation, no capitalization emails from "3l337haX0r2002@aol.com" asking "teach me to hack", you should send it off to the FBI?
... because nothing short of a disaster with major associated loss of life will convince people that:
* It's not safe to use Microsoft "solutions" for anything remotely mission-critical
* The problems are caused by Microsoft's lack of attention to security
* The problems are made worse by their marketing that convinces people that Microsoft software is an acceptable substitute for thought about security
* All of this is enabled by their monopoly
* The only way to deal with the monopoly is to break it up
Note that I said "almost". If I must choose between an intact Microsoft and another WTC disaster, Microsoft can live on. But I would prefer neither.
To a Lisp hacker, XML is S-expressions in drag.
I think people here are ignoring something that is even more frightening than a concerted attack on the Internet: an electromagnetic pulse bomb.
Imagine a bomb filled with filaments of graphite detonated in a special manner near a power generating plant or major power substation. The EMP from such an explosion would effectively wipe out most everything electrical connected downstream from the point of attack and anything electrical within line of sight of the explosion; you might as well kiss anything connected to the wall outlet in your home goodbye since the pulse will overwhelm most surge protectors out there.
And the scary part is that building such a bomb is very inexpensive.
Yea and if I told you a year ago someone would crash three airliners into major buildings in the US you'd have said the same thing.
Several points:
First, they aren't worried about Afghanistan mounting cyberattacks, they're worried about Al-Qaeda doing it. Those two entities are not the same, and never were.
Second, attacks would likely be mounted from outside Afghanistan, since Al-Qaeda doesn't have much power base left there, and from there they're surrounded by hostiles. Other likely places from which an attack could come are likely to be easier to use.
Third, if someone wanted to initiate an attack from inside Afghanistan, they could use a satellite link to get to the outside 'Net (and probably would, since any Afghani ISP is likely to be watched like a hawk).
Virg
I'm guessing you missed the /SARCASM tag in the original post, but I gotta bite on your statement anyway. Minimal cost? They lost the good graces of the only two nations that would support them, they got their organization (and their friends the Taliban) beat all to Hell, they pissed off the entire world (heck, even Arafat and Castro said "bad doggies!" to them, even if it's only lip service) and I haven't noticed any changes to our foreign policy that would benefit them at all. I'd say they came up on the down side of that exchange.
Virg
Ironically, their cyber attacks were thwarted when they burned up all their AOL hours trying to stay connected.
"Derp de derp."
It doesn't take an Economics degree or a large brain to figure this out. What it takes is listening to your constituency bitch loudly when you try to raise taxes to pay for these people. If you can figure out a way to make the average person consider that paying for a warm, non-corrupt, well skilled body to sit at each of these installations is worth the money, then bully on you, but nobody has managed to do that yet.
Oh, that's right, you're complaining about capitalism, so cost shouldn't be an issue. Then we'll just use volunteers. I volunteer you. Don't want to go? Too bad, you don't get to choose.
Virg
I think you missed my joke.
... procedes to set off the suicide bomb strapped to his chest.
An al-queda operative sits alone in a house
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
I thought the same thing - the variant I recall attempted to hack IIS, then put up pages that hacked IE, and tried to get in through outlook too. It wasn't so much that it exploited vulnerabilities, it was that it seemed to attack on so many fronts, and simply caused *lots* of disruption. Heck the internet was even noticeably slower afterwards, my own web server was getting close to 1000 Code Red hits an hour, according to the logs, and I don't even run a commercial site.
"using the Internet as a direct instrument of bloodshed."
I can see the headlines now: "Millions dead as UDP packets are directed out of control. Packet shards found embeded in victims!"
There are some people that if they don't know, you can't tell 'em.
The idea that a terrorist organization could attempt some sort of hack isn't out of the realm of possibilities. Hell, a 12 year-old can take down a website. But what are they really capable of? Probably less than they're being given credit for. The media knows however, that by attaching any varient of any computer related phrase, something becomes plausable. Fear what you don't understand, it's the american way.
There's an upside now. All of us sudden, being a geek may be patriotic. A well run, well administered network won't be as useful in a zombie (which I'd bet is the most likely) attack. Al-Qaeda, you've met your match. The American geek. We're waiting for you, packet sniffers in hand!
There are some people that if they don't know, you can't tell 'em.
Reporters: If you don't know what a word means, please don't use it. The volt is a unit of potential difference, not power.
Abstract Syntax Notation is a way of defining packed representations of data. It is analogous to XML. How could there be a vulnerability in the specification itself?
Implication: we should seek security through obscurity by hiding such technical information. That is a very naive idea. A railroad signalling system, for example, is probably sold both to US railroads and to third world railroads. The third world engineers who maintain these systems may have good reasons to attack the US or to aid those planning the attacks.
I don't understand. As with the ASN example, if the problem was inherent in a language, then the language would need to be modified. If the problem was solved by patching software, then the problem must have been in a specific implementation rather than the language. But what is this person talking about? Does he mean IP, or BGP? Does he even know what he means? The problem is not just that the article lacks information, it's that this reporter does not seem to think clearly.
That glorious Islamic civilisation was smashed by Genghis Khan and his successors. Baghdad was sacked in 1258. This catastrophe was seen as a divine judgment, and prompted the rise of extreme fundamentalism. They threw away their enormous cultural and intellectual dominance and left the world open to the rise of Europe.
http://www.fsmitha.com/h3/h11mon.htm is an interersting summary of the Khan's colourful career.
Incidentally, the Mongols didn't manage to conquer Israel. Presumably the local Muslims had been getting more than enough practice by killing Crusaders, and knew how to deal with a bunch of pony-mounted yurt-dwellers :-)
Real Daleks don't climb stairs - they level the building.