Slashdot Mirror
Internet Meltdown Predicted for Tomorrow
Kobalt writes "A few news services are reporting that Russian computer expert, Aleksandr Gostev from Kaspersky Labs, has predicted that a large chunk of the Internet will be shut down tomorrow by cyber terrorists."
as long as google dosen't go down we can live on the caches!!!!!
Loading Please Wait....
Could they be a bit clearer on which TZ they're basing the attack? For me, it's already "tomorrow" in Japan.
I smell the work of the GOP trying to get the geek vote.
Drill baby drill - on Mars
How will I be so productive at work ?
oh... wait..
My blog
Evil bits! There is still time to mend your ways! Repent, evil bits, for the hour of your doom is at hand!
SAILING MISHAP
We're going to slashdot the entire internet?
Chris Knight is my hero.
SANS internet storm center has a note on this. They have seen increased scriptkiddie activity possibly leading up to this. Started on Sunday. Also read the note on the "drag-n-drop" exploit that is now seen in the wild and only requires you to move the scrollbar for it to install....several scanners are not picking up some of the new binaries being installed.
Armed with this foreknowledge, what can we do besides wait and see what happens? One of TFAs stated that there's really nothing we can do to defend against the attack, so what's the point in worrying about it? Either it will happen, and folks in the US and Western Europe will be inconvenienced, or it won't happen, and we'll all have worried for nothing. At this point, it seems like this knowledge, while nice to have, is somewhat useless.
Also, why tomorrow? Wouldn't it send a more powerful message to wait a few weeks and do it on September 11th?
This sig has been stolen. Return it to its original user for a reward.
NO! don't let them anywhere NEAR the internet's power switch!
Summary: nothing to see here. Move along.
The sun may or may not go nova this week.
I may or may not get myself a real girlfriend.
there may or may not be dupes posted on our beloved
Kevin Mitnick may or may not like chicken.
You may or may not get that raise (job, for those unemployed) this week.
It's easy to make
> Is it someone who makes threats using electronic media?
no thats the RIAA isn't it?
---- There are 10 types of people in the world. Those that understand binary and those that don't
Has anyone else noticed a lot of automated (presumably) login attempts for the users 'root', 'test' and 'guest' over SSH?
I never used to get this, and now I seem to get dozens of them every day.
I wonder if this is related to the so called "dooms-day" tomorrow.
Productivity tomorrow is expected to rise to levels not seen since the 1980's.
But I can predict with 100% certainty that my eyes will meltdown in their sockets if they don't change the IT section color scheme soon.
A coordinated online strike against Internet servers by terrorists, dubbed "electronic jihad," may or may not strike this week, security experts said.
Well, I may or may not be concerned then.
Moo.
e-had - a purely electronic holy war
i-had - much like an e-had, but it's portable
I want to drag this out as long as possible. Bring me my protractor.
It's anyone who disrupts business interests, isn't that obvious?
Oh wait, I'm a banker, I'm not supposed to say things like that...
Read jack phelps dot net
I've personally become entirely jaded by the term 'terrorist'. I've heard it used to describe just about everything that the speaker wants to scare you into believing.
Officials of foreign governments are now terrorists, drinking a Pepsi at the Olympics is "advertising terrorism", etc.
As Reagan said; one mans terrorist is another mans freedom fighter.
I was supposed to do a major network re-configuration tomorrow, damn, now I'll get the blame for bringing down the whole internet!
A house divided against itself cannot stand.
Kaspersky labs says they were misquoted. Quoting from a mail from kaspersky labs themselves (as found in a repost on the NTBugtraq mailing list):
A handful of sites are stating that Eugene Kaspersky, founder of Kaspersky Labs, believes that tomorrow will bring a massive terrorist attack on the Internet. This is being quoted in a range of ways, ranging from factual reporting to citing the story as an example of cyber hysteria.
However, Kaspersky is not predicting the end of the Internet tomorrow - or even in the near future. The story stems from brief comments made yesterday at a press conference which was dedicated to cybercrime and the problems of spam.
At this press conference, Kaspersky commented that the possibility of terrorists using the Internet as a tool to attack certain countries as a reality. As an example, he cited the fact that a number of Arabic and Hebrew language websites contained an announcement of an 'electronic jihad' against Israel, to start on 26th August 2004.
In an interview today, Kaspersky stressed that such information was not necessarily trustworthy. 'We don't know who is behind these statements.' He went on to clarify: 'It's not the first time the term 'electronic jihad' has been used. We've seen this before, with the focus being on sending racist emails, and defacing and hacking Israeli web sites. But it is the first time I have seen sites encouraging the use of Internet attacks against one country as a form of terrorism.'
'As we've already stated many times in the past, it would be easy enough to use a network of infected computers to launch such an attack. We saw the impact that Sasser, Mydoom and Slammer had, on the Internet, businesses and organisations. Just imagine if such an attack was directed at one country or one critical point in the infrastructure of the Internet. Computers are a tool - and just like any tool, they can be used or misused.'
Kaspersky emphasised that the likelihood of a massive attack directed against Israeli institutions tomorrow is low. However, he believes that Pandora's box has now been opened. Hackers and virus writers can be motivated by a range of factors: money, curiosity, or political
conviction. But whatever their motivation, the insecure nature of the Internet and weak security precautions offer a wealth of opportunities. 'Maybe it won't be tomorrow, or the day after tomorrow - but sooner or later, terrorists will be using the Internet as another weapon in their arsenal.'
Doesn't XP Service Pack 2 finally make its way onto Windows Auto-update tomorrow?
Don't Crease the Weasel!
Don't jump to conclusions too quickly... The chances that somebody, somewhere on the planet is experiencing Internet-related problems on the same day as this was announced is pretty much 100%. It just so happens that you're the guy with the problems. Doesn't necessarily mean anything.
It's what happens if you put your swimsuit in the dryer for too long on high heat.
(S(SKK)(SKK))(S(SKK)(SKK))
At about 12:15pm on the US east coast, it should be "tomorrow" soon in the Eastern continents. I'll keep a watch on the stats and flip the switch if necessary :P
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
If the Internet is your livelyhood, then the threat of being shutdown or defaced (thereby damaging your company's reputation) is very real. While it is not life-threatening, a successful cyber attack could be very distruptive. If, for example, someone was able to shut down a large percentage of the Internet, what effect could that have on the US economy? It would not take long for serious repercussions on a world-wide scale due to loss of productivity.
No, they are not terrorists in threatening people's lives, but if they can prove that they can hit the economy, they accomplish the same goal: to create fear. Remember, one of the goals of 9/11 was not just to kill people but to hurt the US economy. Is this something to be worried about? What kind of wide-spread damage could a "cyber-terrorist" cause on the Internet?
BTW, I realize that this was a mis-quote, but it does bring up interesting questions.
I believe in de-evolution. God made the world perfect, man fell, and its been going downhill ever since!
>one mans terrorist is another mans freedom fighter.
If a fire fighter fights fires, and a crime fighter fights crime, what is a "freedom fighter"?
As Reagan said; one mans terrorist is another mans freedom fighter.
I always mess that one up. I thought he said "one mans terrorist is another mans customer."
"The executive director of Dr.Web antivirus lab, Mikhail Bychinsky, quoted by Lenta.ru web agency said he had not heard of such an attack. "I do not believe in mass internet attacks because the main servers are defended, and Kaspersky Labs has been foretelling doomsday for a long time.""
Sounds like Kaspersky Labs is doing a bit of guerilla marketing on their own. "Subscribe to our pay sites and see when this 'attack' will take place !"
I wonder if a 21st century chicken little would have sold newsletters instead of running around the barnyard.
Hrm... but what about those instances where loss of the internet will increase productivity? For instance, I should be doing work right now...what if there's an interesting balance that happens (no internet hurts some folks, but helps others) such that the net effect is zero? And what's more important - net effect or effect for a given individual?
Now there's a philosophical mind-bender...
"There are a dozen opinions on a matter until you know the truth. Then there is only one." - CS Lewis (paraprhase)
Donald Rumsfeld seems to fit into your progression.
Lost at C:>. Found at C.
When Communism fell and left Capitalism triumphant (apart from China, North Korea, Cuba...) it left a bogeyman vacuum, which didn't matter much as long as everyone was ranting about felacio in the Oral^H^H^H^H Oval Office. But now we're marketing a new Bad Guy (TM) that's just like the rest of us, only doesn't like Authority... convenient.
-- "Quidquid latine dictum sit, altum sonatur."
- Whatever is said in Latin sounds profound.
Why is this a story? Seriously... This is pure BS. You KNOW tomorrow will come and go and nothing will happen.
Might as well report that the Apocalypse is supposed to happen sometime between 7 PM and 12 AM on Friday.
Personally, I hope it does happen. There hasn't really been any interesting attacks since Code Red. I'm always looking forward to what attackers will come up with next.
If they could actually cause a "meltdown", then that would be purely amazing.
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
Since about midnight last night, Earthlink appears to be ahead of this "internet meltdown" curve. Their DSL service has been slow when it's working at all.
What a service provider!
Maybe he is referring to the Windows Update release of XP SP2?
a man, a plan, a canal, panama
Screw the net! I spend all my time on teh intarweb!
My strategy will consist of a different approach:
1) Do absolutely nothing.
2) If anything happens tomorrow pull the plug on the DSL router we use for Internet access.
3) Plug the router back in after a few hours.
4) Repeat step 1.
A story on /. that doesn't require you to RTFA! I think the headline on this site contained almost as much information as the linked stories did.
It is explained clearly by Russ Cooper in this bugtraq post.
With the AK, wouldn't you, technically, be playing a FPS, but with better graphics and sound?
Careful, you're playing hardcore mode.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
The term "terrorist" has been applied just as much as former terms to try and convey a sense of evil and hate from the speaker to the recipient. The words "communist" and "nazi" are older examples, and are pretty much interchangeable unless the listener is actually what I call "informed".
We HAVE to have the term terrorist, we aren't allowed to call everyone who disagrees with us "nazi" anymore.
And if you don't agree, that's because you are a friggin terro-nazi.
I like the Internet Storm Center's comment about this "news". From today's
diary:
"The ISC would like to go out on a limb and predict that the Internet will not vaporize into a cloud of nothingness this Thursday, but if it does, it's been our pleasure to help stave off its inevitable annihilation this long."
---- join dshield.org Distributed Intrusion Detec
"I assume Russians define it pretty much the same way."
Don't be so sure. I took a terrorism class when I was in college, and we spent the first week or two discussing definitions of terrorism. The CIA, FBI, different dictionaries, different experts, different nations, etc., all have significantly different definitions. There are about a dozen definitions that scholarly papers regularly cite, making the word mostly useless when the definition isn't provided.
G
If you lined up all of the economists in the world, you still wouldn't reach a conclusion.
Economists have successfully predicted nine of the last seven recessions.
#!/usr/bin/english
If he's right, it's not like your comments will be modded up anyways.
___
It's the end of my comment as I know it and I feel fine.
A *RUSSIAN* scientist spreading homeland security propaganda for an *AMERICAN* political party. You really put a lot of thought into that assertion, didn't you?
One word: outsourcing.
Given a choice between free speech and free beer, most people will take the beer.
From: news@kaspersky.com [mailto:news@kaspersky.com]
:snipped::
. html for the rest.
Sent: Wednesday, August 25, 2004 10:29 AM
To: news@kaspersky.com
Subject: VirusList.com Virus Alerts & Virus News: 25th August 2004: Who knows what tomorrow will bring?
VirusList.com Virus Alerts & Virus News. Wednesday, August 25, 2004
1. 25th August 2004: Who knows what tomorrow will bring?
2. How to subscribe/unsubscribe
3. Security Rules
****
1. 25th August 2004: Who knows what tomorrow will bring?
A handful of sites are stating that Eugene Kaspersky, founder of Kaspersky Labs, believes that tomorrow will bring a massive terrorist attack on the Internet. This is being quoted in a range of ways, ranging from factual reporting to citing the story as an example of cyber hysteria.
However, Kaspersky is not predicting the end of the Internet tomorrow - or even in the near future. The story stems from brief comments made yesterday at a press conference which was dedicated to cybercrime and the problems of spam.
At this press conference, Kaspersky commented that the possibility of terrorists using the Internet as a tool to attack certain countries was a reality. As an example, he cited the fact that a number of Arabic and Hebrew language websites contained an announcement of an 'electronic jihad' against Israel, to start on 26th August 2004.
In an interview today, Kaspersky stressed that such information was not necessarily trustworthy. 'We don't know who is behind these statements.' He went on to clarify: 'It's not the first time the term 'electronic jihad' has been used. We've seen this before, with the focus being on sending racist emails, and defacing and hacking Israeli web sites. But it is the first time I have seen sites encouraging the use of Internet attacks against one country as a form of terrorism.'
'As we've already stated many times in the past, it would be easy enough to use a network of infected computers to launch such an attack. We saw the impact that Sasser, Mydoom and Slammer had, on the Internet, businesses and organisations. Just imagine if such an attack was directed at one country or one critical point in the infrastructure of the Internet. Computers are a tool - and just like any tool, they can be used or misused.'
Kaspersky emphasised that the likelihood of a massive attack directed against Israeli institutions tomorrow is low. However, he believes that Pandora's box has now been opened. Hackers and virus writers can be motivated by a range of factors: money, curiosity, or political conviction. But whatever their motivation, the insecure nature of the Internet and weak security precautions offer a wealth of opportunities. 'Maybe it won't be tomorrow, or the day after tomorrow - but sooner or later, terrorists will be using the Internet as another weapon in their arsenal.'
See http://archives.neohapsis.com/archives/today/0006
Senior NCO in the fight against entropy. I've seen things, man. Things no one should have to see.....
Multiple MD5 and one SHA0 collisions were confirmed at the Crypto 2004 conference in Santa Barbara. Perhaps more important is that these collisions demonstrated the feasibility of "shortcuts" to produce a collision. At this time, these are belived to be of little practical significance because they are still computationally expensive and affect only collision avoidance. There are two aspects to MD5 and SHA that are important. Collision avoidance is one, the other is preimage resistance (the difficulty creating an input to the function that produces a known output.) However, it is quite possible that these breaks can be expanded into even larger breaks, including preimage cracking.
While not encryption, MD5 and SHA are used in a variety of ways that are important to encryption. For example PGP and GPG use hash algorithms and salt to convert plantext passphrases into pseudo-random encryption keys. So one possible threat is finding that MD5 and SHA are biased enough to make an attack feasible. It does not matter if blowfish uses 128 bit encryption if the function used to generate the key is significantly biased. Big huge "if."
As someone else pointed out, MD5 is used to encrypt passwords in some password files. If someone expands the shortcut to defeat preimage resistance, it might be easier to find a working passphrase from a password file. Again, this is a big "if."
So the one article is blowing things out of proportion. These are not the kind of breaks that would lead to a practical attack yet. The collisions were created using generated plaintexts so it is not likely that someone can slip a trojan into source code in such a way as to produce the same hash string.