O'Reilly Revisits Online Countermeasures

An anonymous reader writes "I just saw that late last night an editor at O'Reilly published a blog that takes a look at 'countermeasures' and 'striking back' technologies a year after a startup in Austin, TX published a white paper on the subject that caused a lot of controversy. It also links to a blog by Symbiot founder William Hurley's entitled: Self Defending Networks, Aggressive Network Self-Defense, and Vigilantes on the net. which IMHO is a damn interesting read (even though I'm personally at odds with people who want to 'strike back')."

Low on actual information

[InternationalCow]

If you read the actual blog, it doesn't really contain any information or opinion or whatever. One of the comments on the blog provides more useful information - for older and more informative papers go here: http://www.oreillynet.com/pub/a/security/2004/08/0 3/symbiot.html and http://www.onlamp.com/pub/a/security/2004/03/10/sy mbiot.html

You know...

[LegendOfLink]

even though I'm personally at odds with people who want to 'strike back'

In the UK, when somebody files a lawsuit and loses, not only do they have to pay for their own court expenses, but also those of the defendant. This isn't the case in the US, which is why we are the most litigious country in the world.

Now, let's look at computing. If we just let the asshole hackers get away with their crime without a fight, they will keep on hitting us hard. But, if we had a mechanism that would "fight back" and destroy a 15 year-old script kiddie's computer that mommy and daddy bought, well, maybe they'd think twice.

Re:what about the counter-counter measures

As Rudyard Kipling put it:

IT IS always a temptation to an armed and agile nation,
To call upon a neighbour and to say:--
"We invaded you last night--we are quite prepared to fight,
Unless you pay us cash to go away."
And that is called asking for Dane-geld,
And the people who ask it explain
That you've only to pay 'em the Dane-geld
And then you'll get rid of the Dane!

It is always a temptation to a rich and lazy nation,
To puff and look important and to say:--
"Though we know we should defeat you, we have not the time to meet you.
We will therefore pay you cash to go away."

And that is called paying the Dane-geld;
But we've proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane.

It is wrong to put temptation in the path of any nation,
For fear they should succumb and go astray,
So when you are requested to pay up or be molested,
You will find it better policy to says:--

"We never pay any one Dane-geld,
No matter how trifling the cost,
For the end of that game is oppression and shame,
And the nation that plays it is lost!"

Re:What can you do back that's legal?

[ImaLamer]

I would suspect that it is equally illegal to attack back - as well it should be. From both a moral and legal standpoint you have to ask yourself if it is okay anywhere else in society?

Self defense is one thing, but attacking back is another. If someone steals from you, should you steal from them or hurt them? I would say no, and most moral philosophy would also say so too. From a legal standpoint, this is America dammit! Even if I try to take down slashdot.org their return attack has violated my rights to due process. Yeah, I know that it sucks that criminals often seem to get protected more than the victims, but that is the way the system works.

If everyone took the law into their own hands there wouldn't be "the law" anymore - just street justice. Due process exists in order to protect the wrongfully accussed, and millions of zombie PC owners thank you for that. Just think, most attacks are launched from the actual attackers PC or server. How can you even be sure who to attack?

If you are so sure, go to the proper authorities. No need to make all the white hats grey.