Slashdot Mirror


40-Gbps DDoS Attacks Worry Even Tier-1 ISPs

sturgeon and other readers let us know that Arbor Networks has released their annual survey of tier-1 / tier-2 ISP security engineers. This year they got responses from 70 lead engineers. While DDoS attacks are reaching new heights of backbone-crushing traffic — 40 Gbps was seen this past year — the insiders are also worried about emerging threats to DNS and BGP. The summary notes that "Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat," but doesn't spell out what a better way of handling it might have been. All in all, the ISPs sound a bit pessimistic — one says "fewer resources, less management support, and increased workload." You can request the full PDF report here, but it will cost you contact information. In related news, an anonymous reader passes along a survey by Secure Computing of 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. They are worried too.

146 comments

  1. let it collapse by nurb432 · · Score: 3, Insightful

    Then perhaps we will fix some of the fundamental problems.

    --
    ---- Booth was a patriot ----
    1. Re:let it collapse by Anonymous Coward · · Score: 4, Funny

      nah we will just pay 700 billion to prop it up for a few months and let the next guy deal with it.

    2. Re:let it collapse by Zarim · · Score: 1

      They could even start spending some of that money the government keeps giving them to upgrade their infrastructure.

    3. Re:let it collapse by Spazztastic · · Score: 2, Informative

      nah we will just pay 700 billion to prop it up for a few months and let the next guy deal with it.

      I think realistically 700 billion could fix the internet in the entire US. It would make up for the 200 billion we lost a few years ago.* Not only that we could use it to help our friends to the north.

      * Article, first one I found about it.

      --
      Posts not to be taken literally. Almost everything is sarcasm.
    4. Re:let it collapse by 0100010001010011 · · Score: 4, Insightful

      The 700 billion would have been better spent setting up a Depression Era work force. After the bridge collapse in MN we've been hearing report after report about how the current infrastructure is falling apart around us. The electrical grid is rigged together worse than some college students' cars.

      Suspend unemployment. (Anyone willing and able to work but cannot find a job). Start putting everyone to work doing something. Bus them to and from a work site up to X miles from your home.[0] Every major bridge that isn't going to make it gets the full 24/7 treatment. When one bridge is done. You move onto the next one. Everything trickles down. Every one of those workers is going to need food, haircuts, a trailer to live in (while at work). Trucking industry would pick back up doing loads of construction supplies. Domestic construction equipment manufacturers would need to up production. Only other domestic MADE, no other equipment (Cat, Deere, etc). Build the roads to European standards (Autobahn and such).
      Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.

      Sure there are people that are going to bitch because they're used to their handout. But handouts aren't going to help anyone. Make everyone work.

      It's not perfect but it's a hell of a lot better than handing it over to a bunch of people who managed to already lose $700b.

      [0].M-F you live in work housing or you work 4 - 10s or 7 on 7 off.

    5. Re:let it collapse by cdrguru · · Score: 1, Insightful

      Back in the 1930's when construction was done by strong backs and no skills, that would have worked. And it did. Today, bridges are built by specialists with training. You want to drive on a bridge that was welded with by someone that never used one before? No? Neither does anyone else. The age of unskilled strong backs has ended. And we are discovering just how that relates to the "knowledge economy" now.

      Face it, if everyone goes to college to learn how to be a "knowledge worker", who exactly will be working skilled construction jobs? Short answer is, nobody. And the harder getting a college education is pushed, the less chance we have of digging out of this hole.

      Domestic construction equipment? Ha. Most of those products are made overseas now even though they have American manufacturer labels on them. It is cheaper to build a bulldozer in China and ship it to the US than to pay union scale wages plus deal with OSHA and environmental regulations. Unless we remove the US from WTO, we are stuck with making everything elsewhere - tariffs aren't legal anymore you understand. And any open-bid process would have to question why the government should spend 2x the money for "domestic made" equipment. Survival of the nation? Na, not a good enough reason.

      Sure, I would like to see work camps replace welfare. If you are able-bodied you get nothing unless you are in a work camp doing something. Picking up trash, if nothing else. Cleaning up environmentally sensitive areas. Helping to build shelters for the homeless, whether they want them or not. But I think you would hear cries of "slavery" so much that the idea has no chance.

    6. Re:let it collapse by Vancorps · · Score: 3, Informative

      I do wonder how effective that would be, my grandfather was in the CCC and was involved in building the Hoover dam.

      Did this actually help with the depression?

      Also they lost more than $700b, that was just the amount they needed to stay solvent. Alan Greenspan's reaction was priceless saying that he'd expected banks to take reasonable risks and not commit suicide. It was in their own interests to self-regulate but surprise surprise, greed won out.

    7. Re:let it collapse by MasterOfMagic · · Score: 0, Flamebait

      You assume the people in Congress care about the Joe the Plumbers of the world with no money and no job instead of the wealthy Wall Street contributors. Who's going to make sure that filthy lucre flows into the machine coffers and the re-election funds? Certainly not Joe who has no job, no healthcare, and no future. So take the tribute that your citizens pay you in income taxes and give it to your Wall Street friends who, like all good money launderers, will take some off the top and return the rest in kickbacks, fact-finding mission funds, and contributions to political campaigns. All-American graft at its finest.

    8. Re:let it collapse by Hatta · · Score: 2

      Sure, I would like to see work camps replace welfare. If you are able-bodied you get nothing unless you are in a work camp doing something.

      Why does it have to be a camp? Mandatory labor in exchange for benefits is a good idea, but relocating 6-10% of the US population into camps is just crazy.

      --
      Give me Classic Slashdot or give me death!
    9. Re:let it collapse by Anonymous Coward · · Score: 0

      yeah, anyone with that signature line should have all of his posts marked as troll.

    10. Re:let it collapse by 0100010001010011 · · Score: 5, Interesting

      100% Absolute Bull Shit. Name 1 manufacturer that does this.

      I work for Caterpillar. (You know, Construction Equipment). I've been on the factory tours. I've SEEN a Bulldozer come together from front to end. I can't speak for every component and I'm sure that some parts come from China or elsewhere. But a chunk of the product is made right here built by American Workers. I've seen the robots cutting the plate steel out and people welding it together.

      Bulldozers/Pipe Layers (Track Type Tractors) are built in East Peoria, IL.
      Large Mining Trucks, Motor Graders are built in Decatur, IL.
      Hydraulic Excavators and Large Wheel Loaders are built in Aurora, IL.
      Skid steers, Backhoes are in South Carolina. (At will factory).
      Engines are built in Lafayette, IN, Mossville, IL and Greenville, SC. (Only Mossville is Union).
      Paving equipment is in MN.
      Underground mining equipment is in Australia.

      And there are factories all around the world, Belgium, France, England, India, etc. (Ever figure the shipping on a multi-ton vehicle?)

      John Deere is in Moline, IA.

      Go on a road trip sometime. Name a Chinese Manufacturer. Komatsu and Mitsubishi are Japanese. JCB is British, Samsung is Korean. There are no (yet) big manufacturers in China.

      Construction equipment is a tool. And just like with hand tools you can go to Harbor Freight or you can go to Snap-On. For some people Harbor Freight is fine. But if you run something 24/7, 365 and every hour costs you thousands of downtime. You don't go cheap.

      I know this is slashdot, but try not to talk out of your ass so much.

    11. Re:let it collapse by Anonymous Coward · · Score: 0

      Alan Greenspan's reaction was priceless saying that he'd expected banks to take reasonable risks and not commit suicide. It was in their own interests to self-regulate but surprise surprise, greed won out.

      The economic crisis of 2008 was kicked off by 1 of 5 companies that, in 2004, the SEC exempted from the industry-wide standard lending ratio of 12:1.

      Lehman Brothers - FAIL - bankruptcy and liquidation
      Goldman Sachs - now a bank holding company
      Morgan Stanley - now a bank holding company
      Merrill Lynch - Sold Bank of America
      Bear Stearns - Sold JP Morgan Chase

      AIG joined the clusterfuck because it was insuring European banks which, like the 5 previously mentioned American institutions, were highly leveraged.

      I guess you could blame all this on their inability to self-regulate, but their governments did tell them "go ahead".

    12. Re:let it collapse by Deadplant · · Score: 1

      We could get all those welfare recipients filling sand bags and use the sand bags to hold back the DDOS packet floods.

      Better yet we could send this army of untrained workers into people's homes to clean the trojans from their windows boxen.

      I think we can all agree that the final solution will of course be to use them for food. Soylent green!

    13. Re:let it collapse by prezkennedy.org · · Score: 3, Interesting

      You seriously think the Mexicans who built your house went to college for it?

      For that matter, you more than likely have been driving on bridges built by unskilled labor back in the 30's. They haven't collapsed on you yet it seems. And I guess the ole' Hoover dam is still there. Oh, and the Empire State Building, Pentagon, and hey, even the White House. Uh oh...

      People are incompetent and lazy, but damn, you make them sound like they're all downright idiotic and unwilling to lift so much as a finger to save themselves.

      If times get tough enough, even you might be willing to put down your mouse and pick up a shovel.

      --
      It started back in Team Fortress Classic
    14. Re:let it collapse by srussia · · Score: 2

      But I think you would hear cries of "slavery" so much that the idea has no chance.

      Just call it "Universal Voluntary Public Service" then.

      --
      Set your phasers on "funky"!
    15. Re:let it collapse by Gilmoure · · Score: 1

      Get rid of people and just let pets run the world?

      --
      I drank what? -- Socrates
    16. Re:let it collapse by joeytmann · · Score: 1

      Not all of them were unskilled workers. Probably a very minimal amount of guys were skilled. Lots of those guys had no clue how to weld or what not and were trained by the skilled workers. Guys that could be trained as welders became welders, guys that could be trained to drive trucks became truck drivers, etc. The same could be applied here. The guys willing to do more hazardous (high steel work/working with explosives) work got better pay. The guys doing inspections and the engineers (structural and design) are the ones that make sure a bridge/dam/road are safe, and obviously require a formal education before doing that job. Take a look at the Brooklyn Bridge/Hoover Dam projects. Built by thousands of workers, run efficiently by a small group of skilled supervisors/inspectors/managers/engineers. The same thing can be done again....people that are out of work but want a "great" job just need to come to the realization that they just need a job.

      --
      Insert funny smart-ass comment here.
    17. Re:let it collapse by Red+Flayer · · Score: 5, Insightful

      Alan Greenspan's reaction was priceless saying that he'd expected banks to take reasonable risks and not commit suicide. It was in their own interests to self-regulate but surprise surprise, greed won out.

      Just to be clear...

      First, Greenspan expected banks to make choices in their own self-interest... but instead bank executives made decisions that were in their own self interests. He forgot that corporations are not actual decision-makers, individuals are, and individuals tend to make the choices that are best for them, not the choices that are best for their company.

      Second, given the expectation of government bailout, it was no longer in the banks' self-interest to self-regulate, since they got to externalize the risk of bad investments. It's been known for years among financial circles that any bank failures big enough to potentially unhinge the economy would be prevented by government bailout. This information influenced lending decisions.

      The simple fact of the matter is that top-level decision-makers at these financial institutions made decisions to maximize their bonuses, and those of their friends. Since the bonuses were not tied to long-term health of the company, the choices made were not optimized for long-term health of the company (or the economy as a whole). Any guilt over the negative repercussions was assuaged by the knowledge that the taxpayer would step in and bail them out.

      Really, it was an investor's dream -- privatize the profits, socialize the risks.

      --
      "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
    18. Re:let it collapse by agrounds · · Score: 4, Informative

      Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.

      Sure there are people that are going to bitch because they're used to their handout. But handouts aren't going to help anyone. Make everyone work.

      It's not perfect but it's a hell of a lot better than handing it over to a bunch of people who managed to already lose $700b.

      [0].M-F you live in work housing or you work 4 - 10s or 7 on 7 off.

      I hate to ruin your rant with what we call "facts", but the grid in the United States is not owned by private companies that you can just boss around from your ivory tower of uninformed tripe. It is an amalgamation of state-run and multi-state entities called ISOs (Independent System Operators) that both contract and coordinate with the transmission agencies in concert with privately-owned and state-owned generation assets to produce consistent and reliable power. A grid, in the strictest sense of the word, is a series of transmission lines, owned by multiple companies, that are interlinked and under the complete autonomy of the ISO. Nothing happens without the permission and direction of the ISO or FERC (and NERC as its enforcement arm). The grid is aging, but since the ultimate authority to direct replacement lies with both federal, state, and multi-state agencies, who precisely in your little world bears the fiscal burden?

      May I suggest for your education:
      http://www.ferc.gov/
      http://www.nerc.com/

      And for ISOs:
      http://www.ercot.com/
      http://www.caiso.com/
      http://www.nyiso.com/public/index.jsp
      http://www.pjm.com/index.jsp
      http://www.midwestiso.org/home

      Find the one that serves your area, and berate them with your uninformed bile since you obviously understand all of this better than anyone else.

      Or do you?

    19. Re:let it collapse by negRo_slim · · Score: 1

      Mandatory labor in exchange for benefits is a good idea

      Is it? You'd end up with many people who would come to rely on that 'job' and what do you do when you run out of tasks, knowing the government, an already inefficient method of using workers would become a giant money sink as they try and find more tasks and labor. And how would this prepare someone for any career other than the modern equivalent of ditch digging? What of professionals? Are they expected to devote their time and energy to work in exchange for food and or money?

      --
      On the Oregon Coast born and raised, On the beach is where I spent most of my days
    20. Re:let it collapse by Jewfro_Macabbi · · Score: 1

      What welfare do you speak of? You realize the only people eligible for "welfare" TANF checks are single mothers, and then eligibility is limited to x number of months for life. It might be a bit difficult to run a work camp full of crying babies, but if you want... We also have a federal food stamp program, any citizen without income is eligible. Upon enrollment in the program you are required to either provide a doctor's letter stating you are unable to work or participate in job placement programs.

    21. Re:let it collapse by 0100010001010011 · · Score: 1

      The grid is aging, but since the ultimate authority to direct replacement lies with both federal, state, and multi-state agencies, who precisely in your little world bears the fiscal burden?

      The same people that would for the $700b bailout. I didn't say I *wanted* to pay for it. I just said I thought it would be a better option than throwing money at AIG.

      And building a new dam probably requires the input from dozens of state, local and federal regulators and bodies, but somehow the Hoover Dam got built.

    22. Re:let it collapse by agrounds · · Score: 2, Funny

      I didn't say I *wanted* to pay for it. I just said I thought it would be a better option than throwing money at AIG.

      To be fair, using it to line the litterbox at my house is a better option than AIG.

    23. Re:let it collapse by DrugCheese · · Score: 3, Informative

      John Deere is in Moline, IA.

      Moline, IL

      across the river from IA

      --
      *DrugCheese rants*
    24. Re:let it collapse by Hatta · · Score: 2, Insightful

      First, Greenspan expected banks to make choices in their own self-interest... but instead bank executives made decisions that were in their own self interests. He forgot that corporations are not actual decision-makers, individuals are, and individuals tend to make the choices that are best for them, not the choices that are best for their company.

      All the more reason to eliminate corporations as an entity in the eyes of the law.

      --
      Give me Classic Slashdot or give me death!
    25. Re:let it collapse by Fulcrum+of+Evil · · Score: 1

      You seriously think the Mexicans who built your house went to college for it?

      You think they build 4 lane bridges in the off season?

      --
      "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
    26. Re:let it collapse by afidel · · Score: 1

      Uh, most of those bridges welded by unskilled laborers with way less tech than is available today are still standing, in fact that's kind of the problem! We haven't really replaced those public works project era bridges despite the fact that they were past their expected lifetimes a generation ago.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    27. Re:let it collapse by Anonymous Coward · · Score: 0

      All the more reason to eliminate corporate officers as entities in the eyes of the law.

      There, fixed that for you. ;)

    28. Re:let it collapse by afidel · · Score: 1

      So what you're saying is Greenspan made the same mistake Marx did and forgot that the one immutable fact when dealing with humans is that they are greedy? Yep, that sounds about right for a theoretical economist =)

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    29. Re:let it collapse by Bryansix · · Score: 0, Flamebait

      You know the part about the Electric Company is funny and ignorant. In California they "Deregulated" the industry. But they didn't really deregulate it because their plan failed and they shot themselves in the foot. By "they" I mean the Gray Davis government. So Southern California Edison has been trying for a long time to upgrade the high voltage lines that lead out of state to other power suppliers. The problem is they have to get on their knees and ask pretty please to the California Public Utility Commission for a 1% increase in power rates and then they get denied. So where are they supposed to get the money if they can't raise it through rates? Oh, and they barely make a profit now and they were losing money before because of Gay Davis (no I didn't misspell that).

    30. Re:let it collapse by cheater512 · · Score: 1

      Wouldn't you need more skilled labour than unskilled labour for bridges, power, water and similar things?

    31. Re:let it collapse by nwf · · Score: 1

      I think you'll find that most of the really old bridges were riveted, not welded. Riveting isn't nearly as hard as welding 2 inch thick steel.

      --
      I don't know, but it works for me.
    32. Re:let it collapse by nwf · · Score: 1

      So what you're saying is Greenspan made the same mistake Marx did and forgot that the one immutable fact when dealing with humans is that they are greedy?

      Not to mention lazy, selfish and not in possession of the perfect knowledge economists so often like to claim the markets operate with. Fact is, only a few have the knowledge and they use it to get rich, i.e. business leaders and Wall Street bankers. They knew they were in trouble, but voted themselves huge bonuses because they had the knowledge others didn't: the good times were about to end.

      --
      I don't know, but it works for me.
    33. Re:let it collapse by khardiss · · Score: 1

      John Deere has plants all over the place. I worked for a while for them in Waterloo, IA.

    34. Re:let it collapse by glrotate · · Score: 0

      Talk about a non sequitur.

    35. Re:let it collapse by Anonymous Coward · · Score: 0, Redundant

      Go on a road trip sometime. Name a Chinese Manufacturer. Komatsu and Mitsubishi are Japanese. JCB is British, Samsung is Korean. There are no (yet) big manufacturers in China.

      Caterpillar, for one. They're very heavily invested in China. They recently finished acquiring Shandong SEM, a major Chinese heavy equipment manufacturer, primarily, as I understand it, to use their facilities to produce Caterpillar machines. As I understand it, you can't go to a Chinese mine without tripping over something with Caterpillar stamped on it.

    36. Re:let it collapse by Mister+Whirly · · Score: 4, Insightful

      So when a small business employee gets into a car wreck on the job and accidentally kills somebody, the victim's family should be able to take not only all business assets, but the house and all personal assets of the owner?? Yeah, I can't see where that would cause any problems...

      --
      "But this one goes to 11!"
    37. Re:let it collapse by afidel · · Score: 2, Interesting

      OK, so we rivet the new bridges. I still fail to see why we can't do what our great grandparents did with significantly lower levels of technology.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    38. Re:let it collapse by 0100010001010011 · · Score: 2, Insightful

      Which is quite a bit different than us buying everything from China and restamping it over here. For some things (Cat Machines for example) it's cheaper to make it where it's going to be used.

      And as far as "Big Chinese Manufacturers" I meant like Shandong SEM. Now if everything in the US was a "Shandong SEM" and was repainted yellow and put out to use then the post I was replying to might have a bit of a point.

    39. Re:let it collapse by insllvn · · Score: 2, Interesting

      Perhaps this is a stupid question, but could we go back to riveting? The bridges have held, and if it is cheaper/easier/more practical... well, it goes against my geeky instincts to say it, but not every endeavor needs the latest tech, so long as what is used is safe and workable.

    40. Re:let it collapse by Melibeus · · Score: 1

      Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.

      That's three choices...

    41. Re:let it collapse by hairyfeet · · Score: 4, Interesting

      I agree. They just scrapped an old WPA bridge near my home, not because it was unsafe, but because it was built in the time of single lane back roads and with all the trucks they needed a two lane bridge. That thing was built like a tank and had needed almost no maintenance in the nearly 80 years it stood. Most of the bridges here in AR, along with a lot of the electric and water lines, were originally WPA, and really changed folks' lives for the better in these rural states.

      So why not a WPA now to not only fix the crumbling roads, but to build us a new national broadband infrastructure for future generations? We could cut the ranks of the unemployed and lay fiber throughout the country, from the most urban to the most rural. And since it would be owned by We, The People we could lease it out to the telcos and have us some actual free market competition for a change. Wouldn't that be nice? Oh, BTW, it isn't 700 billion, that was just smoke up your butt. The actual number so far is 2 trillion! and they refuse to even tell us where the money went. You know, OUR money, that our great great grandkids will be paying for? You just have to love the brilliance of putting Wall Street insiders in charge of bailing out Wall Street.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    42. Re:let it collapse by Neoprofin · · Score: 1

      How are any of your objections any worse than the current system of giving people money for nothing?

      Welfare and unemployment cost money, produce nothing tangible, and in most cases do nothing to prepare workers for anything they weren't prepared for beforehand.

    43. Re:let it collapse by Neoprofin · · Score: 1

      Maybe maybe not.

      The Manhattan Project employed hundreds of thousands of people, brought in to work on short notice for less than two years when most of the skilled labor was probably already invested in the war effort.

      If they can build machines to separate Uranium isotopes I bet they can handle a powerplant under enough supervision. I bet they could rebuild the destroyed sections of New Orleans while they were at it too.

    44. Re:let it collapse by Kent+Recal · · Score: 3, Insightful

      No matter what you call it, it's still a problematic idea as countries that already follow that model can attest.
      In Germany, for example, you can go roughly 2 years on welfare (if you have been in a job for at least 2 years before) before they start sticking you into "1 EUR jobs".
      A 1 EUR job, as the name tells, pays 1 EUR per hour. And you have to take whatever job they give you.

      The idea is that people who are forced to work for low wage will quickly become very interested in finding a *real* job (why work your ass off for 1 EUR when you can make more for the same work in a real job?).

      The problems are manifold:

      1. Many people are simply underqualified and won't find a job no matter how hard they try. The 1-EUR-model basically turns into slave labor for them.

      2. Many people *are* reasonably qualified but still don't find a job in their profession.

      3. 1-EUR jobs now seriously compete with normal low-wage jobs such as cleaning, callcenters etc. Why should a company pay minimum wage when it can request workers for almost free from the government?

      4. At least in Germany this has opened the gates for a lot of shady companies (really borderline slave-labor there) that abuse the system in various "funny" ways, squeezing the last bit of profit out of them poor souls at the bottom of the food chain.

      IMHO we have a totally unsolved problem here that nobody has dared tackling so far. The demand for low-skilled workers is declining to critical levels in the western world (because of automation and because outsourcing is cheaper for the rest) and high-skill work can never nearly cover the whole population.

      It has become a fact of life that any larger western country simply can not offer productive work to a significant part of the population. No matter how you spin it, we'll continue to subsidize these people in one way or another - unless we decide to let them die. Now while it is a legitimate desire to "want something back" from them for their subvention money I don't think *forcing* them can be the way to go.
      It's not their fault that the society doesn't need them and I find it highly problematic to force someone to "work on a bridge" (completely outside their learned profession) for minimum wage while somebody else, possibly with similar qualifications but a better family name, makes millions on wall-street.

      The current system kinda works (and has suppressed any tendencies towards civil war so far) because of the elevator effect. Once you start forcing people into minimum wage jobs on a large scale without offering any alternatives or escape routes you'll soon get just that: a revolution.

    45. Re:let it collapse by Anonymous Coward · · Score: 0

      So they're manufacturing in China, for Chinese customers. Sweet.

      What's your point?

    46. Re:let it collapse by mcrbids · · Score: 3, Insightful

      Did this actually help with the depression?

      Yes, but not right away. There's a very strict limit to how much "economy" the government can directly fund.

      But the bridges and roads built during the 30's depression are the infrastructure that the automotive boom of the 1950's was based upon. Much more was built in the 1950s and 1960s, along with an extensive power grid, telephone system, and power plants, nuclear and otherwise. Many of these freeways, highways, power lines, and power plants remain today, gridlocked or overloaded, essentially the same as they were in 1965. For 40 years, we've been milking the massive infrastructure built during an era of the United States when we were boldly looking forward.

      If we don't start looking forward again soon, our aging infrastructure will continue to crumble and groan under the burden of our much larger population. We blow 700 billion bailing out a bunch of white guys who were caught feeding at the trough of the public good, while other nations spend a similar amount remaking themselves into super powers.

      Tisk tisk. We should be spending 700 billion on rebuilding bridges, roads, power lines, and green energy. We could be energy independent in just 10 years if we pushed it, and the cost of doing so would create a strong economic and political power base for the United States for generations to come.

      Every day we don't, we squander the strength our fathers left for us. We should return the favor for our progeny.

      --
      I have no problem with your religion until you decide it's reason to deprive others of the truth.
    47. Re:let it collapse by Clanked · · Score: 1

      Wouldn't something such as the federal minimum wage help alleviate some of these problems? Then these companies that already pay their workers the minimum have to choose between hiring their own, and having a government supply. Personally I would hire people myself as I imagine firing a person that the government hands to you as labor would be quite tough.
      This however brings up another problem. What happens when your company gets handed someone who won't work. Someone who just shows up and collects a paycheck. A lot of people on unemployment are these type of people. They will apply to random jobs which they know they cannot get, just so they can check the box saying they are looking for a job. I imagine they will do the same when they get to their Govt. handed job.

    48. Re:let it collapse by Kent+Recal · · Score: 4, Interesting

      We have exactly this discussion here in germany right now.
      Germany is one of the last countries in europe that doesn't have a minimum wage and the slave labor lobby is trying hard to keep it that way.

      I agree that a minimum wage should alleviate a large part of the immediate problem. But the bigger problem remains unchanged: We have more people than we have jobs.
      The government can (and does) create artificial jobs by making people clean up parks or even repair bridges that would otherwise not be repaired - but that will always be a losing game. If these jobs would provide enough value to justify the cost then they'd already exist as regular jobs and there was no need to create them. Such "created" jobs are really just subventions in disguise and a tool to keep people busy so they don't start thinking.

      The question is: For how much longer can the (steadily shrinking) productive portion of the population drag the (rapidly growing) non-productive part of the population along?
      It doesn't matter much whether a non-productive worker is collecting welfare or is kept busy in a pseudo-job. The cost to society is almost the same.

      I think therein lies the real crux that we're facing these days. Maybe the new messiah (err, obama) will finally at least acknowledge the problem so we can start looking for solutions.

    49. Re:let it collapse by Anonymous Coward · · Score: 0

      "remove from the WTO": couldn't wait to lay my hands on all those juicy USA patents, trademarks and copyrights.

    50. Re:let it collapse by Bert64 · · Score: 1

      And prisons are even more expensive than the unemployed...

      Make prisoners do hard labor, and other jobs that no one else wants to do...
      Make the unemployed work on less unpleasant tasks if they want to receive their benefits, that way the costs stay roughly the same but you can get some things done that would be economically infeasible otherwise due to labor costs.
      Also don't bother with fancy expensive tools, if the job takes longer then so be it.

      They could do things like cleaning public areas of litter and graffiti, cleaning up wasteland and planting trees, sorting out recyclable materials from general rubbish...
      None of these things require any special training, and most don't get done at all normally because the labor costs outweigh the benefits. In this case the labor costs are virtually nothing.

      Alongside the labor you could provide training, say 3 days labor 2 days training for better paid jobs.

      This would discourage many people from claiming unemployment, as it would no longer be an easy option... And it would bring many benefits to the community as a whole.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    51. Re:let it collapse by Bert64 · · Score: 1

      The same as if he gets into a car wreck while driving his own personal car...

      A company cannot force you to do anything illegal, if they tell you to drive in an unsafe manner then you are legally required to refuse and potentially report them for making such an illegal request.
      If on the other hand you chose to drive in an unsafe manner, then you are now breaking the law and if you cause an accident as a result should be duly punished.

      But what the poster was talking about, was making those in charge of making decisions on behalf of a company responsible for them... If a company breaks the law, then take the people in charge to court, if they were found to have ordered the illegal activity, or been aware of it and not put a stop to it, then punish them as if they had committed the act personally.
      At the moment, all you can do is fine companies for breaking the law, so that company then just works out if the cost of the fine outweighs the profit made from operating illegally...

      Look at the case between Microsoft and the EU, it's more profitable to pay the fines than comply with the ruling.
      Similarly, it used to be illegal for many shops to be open on sundays in the UK, however the fines were small enough to be insignificant to many of the larger stores, who simply paid them and opened on sunday anyway.

      Also, corporations being punished for illegal activity should be treated in the same way as individuals... No spending months negotiating, one or more judges simply decide on a punishment and hand it down.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    52. Re:let it collapse by xouumalperxe · · Score: 1

      No, that's two choices for "them", leaving "us" with two choices if they pick the wrong one.

    53. Re:let it collapse by icebrain · · Score: 1

      How about "here is your base pay; if you don't have anywhere to live we will supply your choice of barracks/dorm/apartment housing to you for a reasonable direct paycheck deduction"?

      Other ideas:
      For every X days worked, Y days of job training.
      Free after-hours education up to GED level for those in the program.

      I fully agree with the sentiments expressed in this sub-thread. Unskilled labor can't do everything, but there's a lot they can do to help fix the infrastructure.

      --
      The meek may inherit the earth, but the strong shall take the stars.
    54. Re:let it collapse by Ideally+Nowhere · · Score: 1

      The demand for low-skilled workers is declining to critical levels in the western world (because of automation and because outsourcing is cheaper for the rest) and high-skill work can never nearly cover the whole population.

      In virtually every state you see migrant workers working HARD for 5+ an hour for menial tasks like food delivery, cleaning, field labor, etc. And high-skill work? The number of resident students in the sciences & engineering are ridiculously low and there are still shortages in the medical field. There is demand, but there's little financial advantage to hiring and retaining a citizen/legal resident workforce unless the playing field is leveled. This may mean tariffs for imports, tax hikes for outsourcing, etc. None of which will happen.

    55. Re:let it collapse by Hatta · · Score: 1

      No, the employee should be responsible for his own actions.

      --
      Give me Classic Slashdot or give me death!
    56. Re:let it collapse by swarsron · · Score: 1

      i agree with you. I've said for a long time that we won't get back to full employment. A few years ago there was a public outcry in germany when we crossed the 3 million mark for unemployed people. People predicted the downfall of germany. Last month IIRC we got slightly below 3 million again and the press and politicians were enthusiastic. No one remembers the time this mark was seen as a catastrophe.

      This shows how the expectations have changed. But people still believe it's a reasonable goal to work towards full employment.
      With growing automation and a workforce split between highly qualified experts and a growing pool of people who are just not able to qualify for the jobs needed today this will not happen.

      There is much potential there to use education to get more people to qualify for high-tech jobs but the important question is what to do with the people with an iq of 90 and below? Currently you can get those people a job as a cashier - rfid will take care of that. Some kind of work in a factory, in the agricultural sector - how long until we're able to build machines who can do the work faster, without sick time, 24x7?

      1 euro jobs aren't the solution. I think the way to go is something called the Buergergeld here. It's an idea that every german citizen gets something like 600 euros each month and has to pay 50% tax on every euro he earns. You can opt out and pay 25% tax instead. Every other kind of social welfare is removed including all the bureaucracy around it.

      Unemployment will be the norm for some part of the people. We have to create systems which can deal with it to keep social peace.

    57. Re:let it collapse by Windows_NT · · Score: 1

      If times get tough enough, even you might be willing to put down your mouse and pick up a shovel.

      I have built houses, driven piling for harbors, and built wall sections (wood based), landscaping, etc ... And it sucks to sit in an office when it's 90 degrees out, when I could be breaking a sweat on a rooftop stapling shingles. Granted that computers are my forte, and make the most money, if I didn't have this job, I'd be dredging harbors 14 hours a day, and would be loving it

      --
      Go go Gadget Nailgun!
    58. Re:let it collapse by Anonymous Coward · · Score: 0

      sounds like fucking communism, no thanks pinko

    59. Re:let it collapse by Conficio · · Score: 1

      Who did vote this "Insightful?"

      In the Third Reich this was called "Arbeitsdienst." A rather dark chapter of history. May be better we pay people to read their history books for a few hours a week.

      --
      Busy helping non technical users of OpenOffice.org - http://plan-b-for-openoffice.org/
    60. Re:let it collapse by Conficio · · Score: 1

      To the best of my knowledge in Germany, you receive "Unemployment Insurance" for up to two years and it is really a separate pot from the tax collections. (Although the Government has put other administrative tasks on the back of this Insurance and does pay for its delivery).

      Contrast that to the US, where congress collects unemployment taxes from businesses and rates go up if the business lays off people more frequently. The congress also regularly decides to pay unemployment benefits for longer periods, when the economy goes south and unemployment rises. Sometimes they enact it only for industries that are especially hard hit (like the IT industry after the 2000 bubble burst).

      Welfare, I believe, you get indefinitely in Germany.

      --
      Busy helping non technical users of OpenOffice.org - http://plan-b-for-openoffice.org/
    61. Re:let it collapse by Kent+Recal · · Score: 1

      Yes, you are right. I mistranslated the terms. Of course the first 2 years is "unemployment insurance", then comes welfare - which is cut down hard or even frozen when you refuse to take a 1 EUR job.

    62. Re:let it collapse by Anonymous Coward · · Score: 0

      May be better we pay people to read their history books for a few hours a week

      They think they do; it's called "The Bible", and they can quote quite a lot of it to you verbatim.

  2. Welcome to the recession. by mbone · · Score: 2, Interesting

    ...one says fewer resources, less management support, and increased workload.

    Welcome to the recession. Please enjoy your stay.

    1. Re:Welcome to the recession. by joocemann · · Score: 1

      you got quotation marks, but no point. please elaborate.

    2. Re:Welcome to the recession. by Culture20 · · Score: 4, Funny

      Except the economy is fake and "they" pull this recession bullshit every ten years or so.

      you got quotation marks, but no point. please elaborate.

      Obviously the Anti-Illuminati. You'd think "they" meant Illuminati, which is why it has to be the Anti-Illuminati. Unless "they" knew you'd think that...

    3. Re:Welcome to the recession. by Pope · · Score: 1

      How is this tied to the recession? Sounds like SOP for any business that wants to bump up the bottom-line with zero thought put into the decision.

      --
      It doesn't mean much now, it's built for the future.
    4. Re:Welcome to the recession. by Shakrai · · Score: 1

      Welcome to the recession. Please enjoy your stay.

      Aren't the Telecom companies actually still making money? I'm somewhat skeptical to hear them crying about the recession until I see some quarterly results that don't show profits.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
  3. I blame... by Anonymous Coward · · Score: 1, Funny

    ...the Jews.

    Wasn't there something in the Book of Phlobroham about not trusting a 128-bit address space? I don't want to have to get circumcised just to get to the BBC website, goddammit.

    1. Re:I blame... by Anonymous Coward · · Score: 2, Funny

      as far as trolls go, that was pretty good. that is how slashdot trolling ought to be done

    2. Re:I blame... by Anonymous Coward · · Score: 0

      +1

  4. what's scarier, or not by circletimessquare · · Score: 5, Interesting

    i can't decide, is the 40Gbps spike was related to fighting between criminal organizations. so its mollifying that this tool is so far only being used at such screaming proportions as turned on its creators:

    The Arbor Networks researchers said a 40-gigabit attack took place this year when two rival criminal cybergangs began quarreling over control of an online Ponzi scheme. "This was, initially, criminal-on-criminal crime though obviously the greatest damage was inflicted on the infrastructure used by the criminals," the network operator wrote in a note on the attack.

    the new york times had a good summary:

    http://www.nytimes.com/2008/11/10/technology/internet/10attacks.html?partner=permalink&exprod=permalink

    its notable that a lot of this potential is just sitting around, waiting for a chance to be used. if china goes to war with taiwan, or as when russia declared war on georgia, you will see/ saw these countries get DDoSed off the face of the earth. that's the real worry: using DDoS as a tool of war. the usa can sit around and wait until DDoS is used against vital government and civilian systems, or get ahead of the curve now

    also notable: reflective amplification. that's the methodology employed. i'm not really sure, but i think that's where you dupe completely unrelated systems into responding to forged packets. someone wiser than me on these issues: is that the general drift?

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
    1. Re:what's scarier, or not by whydna · · Score: 5, Informative

      Back in the day (about a decade ago), you could "smurf" folks, which is a form of reflective amplification. The process was fairly simple: you'd ping a network's broadcast address with a packet spoofed to appear to come from your victim. At the time, most networks weren't filtering the broadcast traffic. As a result all the hosts on that network would respond to the ping. Back in the days of 14.4 modems, you could easily blow somebody offline while generating a very tiny volume of traffic.

      ---> ping (src: victim [spoofed], dest: broadcast address of large network)
      <=== large number of icmp responses (src: addresses in large network, dest: victim)

      I'd guess that the attack is similar in concept.

    2. Re:what's scarier, or not by russotto · · Score: 1

      also notable: reflective amplification. that's the methodology employed. i'm not really sure, but i think that's where you dupe completely unrelated systems into responding to forged packets. someone wiser than me on these issues: is that the general drift?

      Yeah. The "smurf" attack -- where you forge an ICMP Echo Request to some large broadcast address -- is the prototype for that sort of thing. Any service which will generate a reply to an unverified source address is a potential middleman, though.

    3. Re:what's scarier, or not by Splab · · Score: 4, Interesting

      Well there are all sorts of neat tricks, but basically it's the same.

      First you get yourself a bunch of zombies, these can hammer away at whatever speed they got uplink - but instead of hitting the target directly you use BGP routers (hopefully most are now immune to this) and make ICMP packets claiming to be from your victim, this way the BGP routers will respond to the ping effectively making a reflected DDoS (RDDoS). The neat thing is it's pretty hard to figure out where the traffic is coming from because you need to contact whoever administrates the BGP router - and you can't block the traffic since the BGP routers are kinda important for your connection(s).

    4. Re:what's scarier, or not by Anonymous Coward · · Score: 2, Funny

      the usa can sit around and wait until DDoS is used against vital government and civilian systems, or get ahead of the curve now

      That could be a bit of a self-inflated problem considering the zombie bot armies. However I do agree we need to make the telecom industry feed us some heavy doses of fiber with all those extra funds we been giving them for decades for it and less on silicone for their mistresses, thereby making the "tubes" a bit more regular in the flow and less top heavy. It would help too if things were less centralized with traffic and more redundant as well. Wonder if the DHS is monitoring backhoes yet?

    5. Re:what's scarier, or not by pdxp · · Score: 1

      I believe what we have now that stops this is called egress filtering.

      basically, outgoing routers at different levels check to make sure the source address of a packet will lead back to the network it originated from.
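
Added example, not part of any comment in this thread: the source-address check described above (published as BCP 38 / RFC 2827 under the name "ingress filtering"), next to the directed-broadcast filter that stops a network from acting as a smurf amplifier, both run over constructed packets. The class names, prefixes (documentation ranges) and packets are assumptions made for illustration.

```python
"""Two edge filters that defeat smurf-style reflection (added example).

1. Sender's edge: a packet leaving a customer port must carry a source
   address inside the prefixes assigned to that customer.
2. Reflector's edge: a packet arriving from outside must not be addressed
   to the network or broadcast address of an internal subnet.
All prefixes and packets below are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    note: str


class CustomerEdge:
    """Router port facing one customer; knows the prefixes assigned to it."""

    def __init__(self, assigned_prefixes):
        self.prefixes = [ip_network(p) for p in assigned_prefixes]

    def permit_outbound(self, pkt):
        src = ip_address(pkt.src)
        return any(src in net for net in self.prefixes)


class SiteBorder:
    """Border router of a site that could otherwise be used as an amplifier."""

    def __init__(self, internal_subnets):
        self.subnets = [ip_network(s) for s in internal_subnets]

    def permit_inbound(self, pkt):
        dst = ip_address(pkt.dst)
        for net in self.subnets:
            if net.prefixlen >= 31:
                continue  # /31 and /32 have no broadcast address to protect
            if dst in (net.network_address, net.broadcast_address):
                return False
        return True


# Constructed topology: one customer of an ISP, one would-be reflector site.
CUSTOMER = CustomerEdge(["198.51.100.0/24"])
REFLECTOR_SITE = SiteBorder(["192.0.2.0/25", "192.0.2.128/25", "192.0.2.200/32"])

# Constructed packets; 203.0.113.7 plays the victim whose address is forged.
PACKETS = [
    Packet("198.51.100.10", "192.0.2.20", "honest ping to one host"),
    Packet("203.0.113.7", "192.0.2.127", "forged source, subnet broadcast (smurf)"),
    Packet("203.0.113.7", "192.0.2.20", "forged source, single host"),
    Packet("198.51.100.10", "192.0.2.255", "honest source, directed broadcast"),
    Packet("198.51.100.10", "192.0.2.200", "honest ping to a /32 host route"),
]


def verdicts(packets):
    """Return (sender_edge_permits, reflector_border_permits) per packet."""
    return [
        (CUSTOMER.permit_outbound(p), REFLECTOR_SITE.permit_inbound(p))
        for p in packets
    ]


if __name__ == "__main__":
    for pkt, (edge_ok, border_ok) in zip(PACKETS, verdicts(PACKETS)):
        print(f"{pkt.note:42} sender edge: {'permit' if edge_ok else 'DROP':6} "
              f"reflector border: {'permit' if border_ok else 'DROP'}")
```

The third packet is the case the broadcast filter cannot catch: a forged source sent to a single host passes the reflector's border, so only the check at the sender's edge stops it.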

    6. Re:what's scarier, or not by Penguinisto · · Score: 1

      Err, why would the US gov't care? They have their own secure internetwork setups that are pretty much isolated from 'The Internet' as we know it. No one has created a DDoS technique that can leap an air gap, so...

      I suspect that most other first-world governments have similar infrastructures as well.

      /P

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    7. Re:what's scarier, or not by Anonymous Coward · · Score: 0

      also notable: reflective amplification. that's the methodology employed. i'm not really sure, but i think that's where you dupe completely unrelated systems into responding to forged packets. someone wiser than me on these issues: is that the general drift?

      It's called a smurf attack.

  5. Key comments by Animats · · Score: 5, Informative
    Useful quotes from the report:
    • "Large Web mail operators like Google don't give a sh-- -- about spam originating from their networks because they know they are too large to be blacklisted. This causes significant pain."
    • "Overall, law enforcement referrals dropped for the third year in a row." "We also asked respondents if they believe law enforcement has the power and/or means to act upon information provided by network operators. Only 21 percent said Yes, while nearly 64 percent said No".
    • "The attack stopped only because the attacker was paid. The attacker remains at large and active. No bots were used in this attack. The attacker had a small number of compromised Linux boxes from which he'd launch the spoofed source DNS query. The DNS servers were all DNS servers open to recursion."
    1. Re:Key comments by Anonymous Coward · · Score: 0

      "Large Web mail operators like Google don't give a sh-- -- about spam originating from their networks because they know they are too large to be blacklisted. This causes significant pain."

      It's only a matter of time before google are blacklisted. We cut them some sway because they've got a huge network and presume they're acting responsibly.

      The attack stopped only because the attacker was paid.

      Where there's a payment, there's a paper trail!

    2. Re:Key comments by Anonymous Coward · · Score: 0

      Unless they used cash!

    3. Re:Key comments by Anonymous Coward · · Score: 0

      "Large Web mail operators like Google don't give a sh-- -- about spam originating from their networks because they know they are too large to be blacklisted. This causes significant pain."

      Complete crap. Google spends a lot of money on engineers and servers in order to help fight spam coming from Google. I know people that work in the anti-spam team. It's actually quite a large group of people that work on not only stopping spam from coming in, but also stopping spam from going out. If you think about it, not caring about outbound spam would totally kill any large company. Bandwidth and server time is expensive. Processing and storing all that data is expensive as well. With gmail every message sent is also stored in the users sent mail. If they didn't fight spammers not only would they have to pay for gigs a second of bandwidth, they would also have to store gigs a second of disk growth.

      As I understand it, the reality of large providers like Hotmail, Google, and Yahoo is that they have to fight spam very hard just to keep the service running, and likely have better spam fighting tools than any other service that doesn't require a purchase (and given my experiences with datacenter machines, likely better than most for-pay services as well.)

  6. http://openbgp.org/ by Anonymous Coward · · Score: 0

    http://openbgp.org/

  7. Those darn Swedes by Anonymous Coward · · Score: 0

    The 40gbps attack must have come from her.

    1. Re:Those darn Swedes by davidphogan74 · · Score: 1

      If Comcash could do that kind of speed, I wonder what they'd charge a month?

  8. holy alliteration batman by circletimessquare · · Score: 1

    'However I do agree we need to make the telecom industry feed us some heavy doses of fiber with all those extra funds we been giving them for decades for it and less on silicone for their mistresses, thereby making the "tubes" a bit more regular in the flow and less top heavy.'

    best idiomatic sentence i've seen on slashdot, ever. you shoehorned two idiomatic expressions in there, in parallel, without sounding verbose, and increasing the humor and potency of what you were trying to say

    pure awesome win

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  9. Well that and getting slashdot'ed by Anonymous Coward · · Score: 0

    That one keeps everyone up at night.

  10. Re:Frist POST FUCKKERRER by Firehed · · Score: 4, Funny

    Where's my "-1, Epic Fail!" moderation option when I need it?

    --
    How are sites slashdotted when nobody reads TFAs?
  11. Why isn't the insecurity of Windows mentioned? by whoever57 · · Score: 1

    Most of the DDOS traffic originates from compromised Windows PCs. Most SPAM originates from Windows machines. There is lots of hand-wringing about the issue, but the fundamental cause of several serious Internet problems appears to be the insecurity of Windows (before anyone mentions "clueless users" -- the OS should not allow the users to make these mistakes -- since Windows is marketed to these very types -- it's like selling a car that does not have seatbelts and airbags to people who can't drive).

    So, when are people going to ask Microsoft the hard questions? Yes, I know MS has taken some steps, but, clearly those steps have not been sufficient.

    --
    The real "Libtards" are the Libertarians!
    1. Re:Why isn't the insecurity of Windows mentioned? by Yetihehe · · Score: 1

      So, when are people going to ask Microsoft the hard questions?

      When they realise windows is not secure. Which is: not very soon. Typical zombie-computer users don't know what a zombie computer is.

      --
      Extreme Programming - Redundant Array of Inexpensive Developers
    2. Re:Why isn't the insecurity of Windows mentioned? by lawaetf1 · · Score: 2, Insightful

      I don't often ride to the rescue of MSFT but if people are going to ignore updates and continue to run unpatched IE5 on Windows 2000.. what would you have them do? Force patches on people with no disable option? That'd go over real well with the /. crowd.

      Probably the best thing that could happen would be for major web sites to start rejecting IE5. That would oblige a significant chunk of the slackasses out there to upgrade and visit windowsupdate in the process. Not that this would really improve the already infected machines out there but it's a start.

      --
      CommentBot 0.7a running with args "-module irritate,disagree -target random"
    3. Re:Why isn't the insecurity of Windows mentioned? by pandrijeczko · · Score: 0

      Most SPAM originates from Windows machines.

      I'm a mainly Linux/UNIX guy but the above statement is entirely incorrect.

      Most Spam originates through incorrectly configured mail servers that allow mail relaying. In reality, it's much easier to leave an open relay on something like Sendmail on Unix than it probably is on Microsoft Exchange.

      --
      Gentoo Linux - another day, another USE flag.
    4. Re:Why isn't the insecurity of Windows mentioned? by whoever57 · · Score: 4, Informative

      Most Spam originates through incorrectly configured mail servers that allow mail relaying. In reality, it's much easier to leave an open relay on something like Sendmail on Unix than it probably is on Microsoft Exchange.

      Did we just jump back 5 (or more) years in time?

      You are joking, right? Open relays have been overshadowed by compromised desktop machines as spam sources for a few years now. Plus, since SMTP MTAs tend to be on static IPs, the use of RBLs has effectively limited the reach of open relays as sources for any kind of email (SPAM or otherwise).

      --
      The real "Libtards" are the Libertarians!
    5. Re:Why isn't the insecurity of Windows mentioned? by legirons · · Score: 1

      I don't often ride to the rescue of MSFT but if people are going to ignore updates and continue to run unpatched IE5 on Windows 2000.. what would you have them do?

      Write it correctly the first time?

      Prioritise security over trying to out-politick a court?

      Use simple published protocols in preference to ones designed to make it harder for competitors to reverse-engineer?

      Or alternatively they could just patch their shit every tuesday and blame the users for not spending their entire monthly bandwidth on software upgrades, that works too...

    6. Re:Why isn't the insecurity of Windows mentioned? by rabbit994 · · Score: 1

      No one gets anything correct the first time and if Linux got majority of the home users, I would see people attacking it as well. Right now it's not worth it but when it does, we will see the same problem.

      Real problem is the fact that ISPs will let these zombies sit on their networks and not do a thing. If ISPs started cutting off zombie machines then this problem would be fixed. It's pretty easy to see a zombie machine at work, 50 outbound connections to 45 different SMTP servers, yea, it's a zombie or at least teenager on other side with no morals.

    7. Re:Why isn't the insecurity of Windows mentioned? by pandrijeczko · · Score: 0, Troll

      Actually, to correct you, it tends to be more compromised online email accounts (like Gmail and Hotmail) with guessable passwords than it is end client email viruses.

      --
      Gentoo Linux - another day, another USE flag.
    8. Re:Why isn't the insecurity of Windows mentioned? by david_thornley · · Score: 3, Insightful

      It is often the elephant in the cubicle, but there's really nothing that most people can do. For anybody outside Microsoft, and most people inside it, it's kind of like a bad Supreme Court decision.

      Now, suppose that all of these problems, all the spam and DDOSs, were due to Microsoft's incompetence, shortsightedness, and general desire to increase next quarter's profits while dooming civilization as we know it. (This isn't entirely true, of course.) Suppose that the top Microsoft execs believed they had to do something effective, or God was going to release everything Microsoft ever wrote under GPLv3.

      They decide to get to work on a more secure OS. This will take a lot of rewriting, and they'll dump other features before they get it out the door. They decide to keep the eye candy intact, and give the RIAA and MPAA everything they want. They call it, for the sake of argument, Mojave. (Vista may not be ideal, but it has a lot more security built in than XP.)

      Now, what do they do about older software? Most people and businesses have some software they rely on, which really won't work on a secure machine. The developers of Roller Blade Tycoon and The Sins had administrator accounts, after all, and that's what they tested on. Everybody took advantage of all the security holes, because it made it possible to get their stuff out the door a week sooner, at the expense of dooming civilization as we know it of course.

      Ballmer thinks. He can't just enforce security, because nobody will buy Mojave. He can't leave all the holes there, or he gets Eric Raymond and Richard Stallman as permanent house guests. The only thing he can do is plug the holes, and let the users decide what they want to run under the Users Are Competent program.

      At this point, the users notice that Mojave runs slower, and when they try to run their favorite game, Uncle Wiggley DDOSs WWW.Apple.Com, they have to click through all these boxes, which is annoying even to the multitudes who are completely trained to click OK on "See dancing pigs and doom civilization as we know it!" They start badmouthing Mojave, and stick to XP as much as they can. When they get Vista, the ones who know enough disable all those annoying little dialog boxes, and the rest just click through them to get them off the screen. "Hey, dancing pigs!"

      So, regardless of what you think of Microsoft's bad security practices and shortsightedness, there's really very little they can do about the situation they helped create. We have to deal with the computers we have, not the ones we wish everybody had.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    9. Re:Why isn't the insecurity of Windows mentioned? by whoever57 · · Score: 1

      Actually, to correct you, it tends to be more compromised online email accounts (like Gmail and Hotmail) with guessable passwords than it is end client email viruses.

      You might have more success in correcting me, if you did not pull stuff out of your rear orifice.

      First it was open relays, now it is compromised accounts: you can't even be consistent.

      There has been a lot of discussion of the automated or semi-automated creation and use of Gmail and Hotmail accounts on /., but there has been little to no discussion of utilizing hijacked accounts on a mass scale.

      Anyway, just for you, I just checked my MTA's spam mail spool. It is relatively small, but I cannot find a single email in it that came from Google, gmail or Hotmail (yes, there are forged received lines claiming this, but no deliveries from those major email sites direct to my server).

      On the other hand, there are many emails from servers that show up as "unknown" (ie, no reverse DNS), most of which one would assume are dynamic IPs -- most likely compromised desktops. Meanwhile my logs also show an order of magnitude more emails rejected through the use of Spamhaus' XBL -- which is a list of "hijacked PCs infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.". In other words, mostly those compromised Windows machines you seem to want to downplay.

      --
      The real "Libtards" are the Libertarians!
    10. Re:Why isn't the insecurity of Windows mentioned? by whoever57 · · Score: 1

      It is often the elephant in the cubicle, but there's really nothing that most people can do. For anybody outside Microsoft, and most people inside it, it's kind of like a bad Supreme Court decision.

      There is plenty that people can do. I agree that it is probably very difficult, if not impossible for MS to fix the problem on XP and older OSes. However, that should not stop people from recognizing the root cause. Having identified the root cause, people can then modify their buying practices based upon that knowledge. At the moment, people are just ignoring the root cause while complaining about the symptoms.

      Hmmm... one could argue that it is actually MS' customers who are the root cause, because, despite years of problems, they have not provided the necessary incentive for MS to make real changes and make their OSes really secure.

      --
      The real "Libtards" are the Libertarians!
    11. Re:Why isn't the insecurity of Windows mentioned? by davidphogan74 · · Score: 1

      There are basic routers that at least put a reasonable limit on SMTP scanning. One that I work with frequently is the IP3 NetAccess series. There are other products as well, but I'm a happy customer.

      For public space WiFi networks it's a fairly simple solution that intercepts port 25 traffic, and throttles you to x per minute. It's designed for networks with many mobile users.

      Considering these are affordable for many types of smaller businesses, it's hard to believe that all consumer-grade ISPs can't implement a similar technology.

      (Yes, I am aware that there are many DSL providers that all SMTP traffic goes through them, but there's obviously a lot that don't.)
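
The per-client port 25 throttle described in the comment above, sketched as an added example (not part of the thread, and not how the IP3 NetAccess product is implemented). The limit of 5 connections per 60 seconds, the addresses and the traffic are constructed assumptions.

```python
from collections import defaultdict, deque


class SmtpThrottle:
    """Sliding-window limit on new TCP/25 connections, tracked per client IP."""

    def __init__(self, limit=5, window=60.0):
        self.limit = limit      # assumed value for the "x per minute" setting
        self.window = window    # window length in seconds
        self._recent = defaultdict(deque)   # client -> times of allowed connections
        self.dropped = defaultdict(int)     # client -> connections refused

    def allow(self, client, ts):
        """Return True if this connection attempt fits inside the client's budget."""
        recent = self._recent[client]
        while recent and ts - recent[0] >= self.window:
            recent.popleft()                # forget attempts that left the window
        if len(recent) < self.limit:
            recent.append(ts)
            return True
        self.dropped[client] += 1
        return False

    def noisy_clients(self, min_drops):
        """Clients refused at least min_drops times: candidates for a cleanup notice."""
        return sorted(c for c, n in self.dropped.items() if n >= min_drops)


def sample_events():
    """Constructed traffic: one ordinary laptop and one host running a spam engine."""
    laptop = [(t, "10.0.0.23") for t in (0.0, 45.0, 200.0)]
    infected = [(0.5 * i, "10.0.0.77") for i in range(200)]   # 2 attempts per second
    return sorted(laptop + infected)


def replay(throttle, events):
    """Feed (timestamp, client) events through the throttle; count what gets out."""
    allowed = defaultdict(int)
    for ts, client in events:
        if throttle.allow(client, ts):
            allowed[client] += 1
    return dict(allowed)


if __name__ == "__main__":
    throttle = SmtpThrottle()
    print(replay(throttle, sample_events()))
    print(throttle.noisy_clients(min_drops=50))
```

The refusal counter doubles as a detection signal: a client that keeps hitting the cap is the one worth notifying or quarantining.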

    12. Re:Why isn't the insecurity of Windows mentioned? by Kent+Recal · · Score: 1

      what would you have them do? Force patches on people with no disable option? That'd go over real well with the /. crowd.

      I wouldn't even expect them to correct their past mistakes. But I would expect them to make the next windows release (or heck, the next vista-patch) finally immune to at least the most obvious of attacks.

      The old and vulnerable windows versions will inevitably phase out over the next years - there, problem solved.

      The whole point is that microsoft makes no visible effort to finally fix the problems that they are causing for everyone.
      Probably 90% of all malicious traffic on the internet (SPAM and DoS-attacks) originates from compromised windows hosts. It has been that way for years, all the while microsoft keeps making profits in the billions.

    13. Re:Why isn't the insecurity of Windows mentioned? by pandrijeczko · · Score: 1

      Dear Idiot (Well, you throw insults at me & you get them back)

      Spam email is *not* the same as rootkits and trojans running on compromised Windows machines.

      In other words, mostly those compromised Windows machines you seem to want to downplay.

      Please read my original post. As a *mainly UNIX/Linux guy* it would be very easy to go off into the usual anti-Windows rant like the other zealots on here but I'm not going to. I'll argue for "either side" if I think it's correct, an OS to me is a tool to get something done in, not a "badge of office".

      Oh, and go read the Sendmail manual...

      Discussion closed.

      --
      Gentoo Linux - another day, another USE flag.
    14. Re:Why isn't the insecurity of Windows mentioned? by myspace-cn · · Score: 1

      Why aren't we recycling old computers to make into cheap (like $20) iptables based firewall appliances?

      Now the "$100 laptop contest" is over, the public needs a "green friendly firewall appliance" to protect their Windows XP boxes, keeping their wireless, servers, and workstations separated, and protected from the spooky unwashed web. Something along the lines of having either phone or ether uplink and several extra ether connections for several different networks.

      I like IPCop's red, green, blue, orange theme, because it's easy to understand, and keep track of. The masses could swallow the concept like they swallow the concept of Audio, Video, and Power cables.

      The argument that Microsoft is the root of all this evil, is crap.

      Bad education (there were no computers when I grew up), bad network engineering, bad security planning, and corporate greed are the real problem. Don't blame grandma for not learning ASM! Don't blame the graphics artist for not knowing iptables. Don't blame XP users for spam and zombie attacks, when a rooted unmanaged linux box can do the same thing.
      Furthermore, give people the tools to SEE bad packets come in (for example like etherape) and they will understand this shit better.
      Remember the kids aren't growing up knowing DOS commands, batch file programming, or running bbs's, they're growing up now with gui's. Even linux/unix is becoming less command line, less bash programming, more GUI. Should grandma really need to know what rm -rf, or apt-get update is?

      Windows can be hard to keep updated also. Sometimes updates don't install proper, and you have to dig under the hood to figure it out. Sure, your sister might be able to reformat and reinstall, but the graphic artist may have spent several MONTHS installing and tweaking a box that's been running for YEARS, and along comes a fucked up update. Re-formatting isn't an option. At that point Imaging would be more useful, but I am getting off track here.

      The point is we need a more secure network, starting with every fucking node that exists. And it would probably be a good idea to get crackin on this now before the fucking government steps in and fucks everything up like usual.

    15. Re:Why isn't the insecurity of Windows mentioned? by Tenebrousedge · · Score: 1

      Fail.

      Seriously, that was like the Hindenburg. "Oh! The inanity!"

      If your mail server tells a different story, now would be the time to prove your allegations. Failing that, I would go back and actually read the post you just responded to.

      --
      Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
  12. Soviet Socialist Republics of America by m0rph3us0 · · Score: 1

    What is the point of ending unemployment if the point is to take money off those who work (producing useful goods) to pay those who don't to dig a hole and fill it again (create bubbles and lose client assets when they pop). All that needs to happen is for shitty institutions to fail and reallocate those people to useful enterprises (via market forces).

    1. Re:Soviet Socialist Republics of America by Anonymous Coward · · Score: 3, Funny

      Libertarian once shat on my carpet. Said the free market would sort it out.

  13. DO NOT WANT MORE SPAM!!!! by sizzlinkitty · · Score: 5, Informative
  14. IPv6 and DDoS? by Midnight+Thunder · · Score: 4, Interesting

    Have any studies been made with regards to DDoS attacks and IPv6. While at this point highly theoretical, would the differences in address range and lack of NATs reduce, increase or have no change on the risk?

    --
    Jumpstart the tartan drive.
  15. If it's really that big a problem then... by Spatial · · Score: 4, Interesting

    ...take them out.

    The computers I mean. If it's that bad the zombies need to be killed off.

    I've read a few stories about researchers infiltrating botnets and being able to see a list of all the compromised computers. I wonder if it's possible to completely stop network access remotely without causing data loss.

    If I was in a position where I could press a button and wipe the MBR of every zombied computer on a gigantic botnet, I'm not sure if I would or not. Would you?

    1. Re:If it's really that big a problem then... by Anonymous Coward · · Score: 0

      If I was in a position where I could press a button and wipe the MBR of every zombied computer on a gigantic botnet, I'm not sure if I would or not. Would you?

      Yes. Boot off a bootable CD/etc if you don't have a backup of your data before reinstalling.

    2. Re:If it's really that big a problem then... by swilde23 · · Score: 1

      Orrin Hatch wants you to join the "we'll blow up your computer" army. Do you have what it takes?

      --
      There are 10 types of people in the world. Those that understand this sig, and those that beat up people who do.
    3. Re:If it's really that big a problem then... by KrimZon · · Score: 1

      There's probably a downside I don't see.

    4. Re:If it's really that big a problem then... by Seth+Kriticos · · Score: 1

      Depends. Can somebody trace and/or sue me?

    5. Re:If it's really that big a problem then... by shentino · · Score: 1

      The trouble with this plan is collateral damage.

      Often, zombies are also hostages.

      As long as the process makes sure that reinstallation of the OS doesn't burn up any licenses for anything (I'm looking at YOU EA...), then I would be in favor of such a move.

      The annoying inconvenience should be incentive enough for people to invest in securing their computers. Anything more severe than that, and you're treating the disease by killing the patient.

      As far as getting caught, I just remember that Galileo got tried for heresy for stating the truth. If it's worth the risk, go for it as long as nobody innocent gets profoundly hurt.

    6. Re:If it's really that big a problem then... by Anonymous Coward · · Score: 1, Interesting

      Heh, yeah good luck with that. Oldskool botnets weren't that hard, since they were controlled over IRC ... just /join the channel and work out the commands. Modern bots use public key encryption, custom p2p protocols, and most significantly they have no static central server: they move around constantly by means of election protocols, heartbeat monitoring and fast-flux DNS. In fact there are usually several tiers of roles which continually self-reorganise. Oh, and they detect attempts to probe them and DDoS you off the face of the earth.

      Sure it's possible, but infiltrations of modern top-tier botnets are newsworthy for a reason. Even if mass-disinfection were possible it would be illegal under most jurisdictions, since your modifications are just as unauthorised as the infection. Getting permission across all those jurisdictions, with a moving target, is of course totally infeasible. For all intents and purposes the bad guys have won, and security researchers know it.

    7. Re:If it's really that big a problem then... by slimjim8094 · · Score: 1

      Your post advocates a

      (x) technical ( ) legislative ( ) market-based (x) vigilante

      approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

      ( ) Spammers can easily use it to harvest email addresses
      (x) Mailing lists and other legitimate email uses would be affected
      (x) No one will be able to find the guy or collect the money
      ( ) It is defenseless against brute force attacks
      (x) It will stop spam for two weeks and then we'll be stuck with it
      (x) Users of email will not put up with it
      (x) Microsoft will not put up with it
      (x) The police will not put up with it
      ( ) Requires too much cooperation from spammers
      ( ) Requires immediate total cooperation from everybody at once
      (x) Many email users cannot afford to lose business or alienate potential employers
      ( ) Spammers don't care about invalid addresses in their lists
      (x) Anyone could anonymously destroy anyone else's career or business

      Specifically, your plan fails to account for

      (x) Laws expressly prohibiting it
      ( ) Lack of centrally controlling authority for email
      ( ) Open relays in foreign countries
      ( ) Ease of searching tiny alphanumeric address space of all email addresses
      (x) Asshats
      ( ) Jurisdictional problems
      ( ) Unpopularity of weird new taxes
      ( ) Public reluctance to accept weird new forms of money
      ( ) Huge existing software investment in SMTP
      ( ) Susceptibility of protocols other than SMTP to attack
      ( ) Willingness of users to install OS patches received by email
      ( ) Armies of worm riddled broadband-connected Windows boxes
      ( ) Eternal arms race involved in all filtering approaches
      (x) Extreme profitability of spam
      ( ) Joe jobs and/or identity theft
      (x) Technically illiterate politicians
      (x) Extreme stupidity on the part of people who do business with spammers
      ( ) Dishonesty on the part of spammers themselves
      ( ) Bandwidth costs that are unaffected by client filtering
      ( ) Outlook

      and the following philosophical objections may also apply:

      ( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
      ( ) Any scheme based on opt-out is unacceptable
      ( ) SMTP headers should not be the subject of legislation
      ( ) Blacklists suck
      ( ) Whitelists suck
      ( ) We should be able to talk about Viagra without being censored
      ( ) Countermeasures should not involve wire fraud or credit card fraud
      (x) Countermeasures should not involve sabotage of public networks
      (x) Countermeasures must work if phased in gradually
      ( ) Sending email should be free
      (x) Why should we have to trust you and your servers?
      ( ) Incompatibility with open source or open source licenses
      (x) Feel-good measures do nothing to solve the problem
      ( ) Temporary/one-time email addresses are cumbersome
      ( ) I don't want the government reading my email
      (x) Killing them that way is not slow and painful enough

      Furthermore, this is what I think about you:

      (x) Sorry dude, but I don't think it would work.
      (x) This is a stupid idea, and you're a stupid person for suggesting it.
      (x) Nice try, assh0le! I'm going to find out where you live and burn your house down!

      --
      I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
    8. Re:If it's really that big a problem then... by ITEric · · Score: 1

      ...I've read a few stories about researchers infiltrating botnets and being able to see a list of all the compromised computers. I wonder if it's possible to completely stop network access remotely without causing data loss.

      If it's possible to get lists of compromised computers, why not spend some resources on notifying the clueless masses that they are compromised and let them know what to do about it?

      It would seem to be a lot more ethical than just blowing them out of the water.

      --
      The most exciting phrase to hear in science, the one that heralds new discoveries, is not 'Eureka!' but 'That's funny...
    9. Re:If it's really that big a problem then... by Anonymous Coward · · Score: 0

      K, you wiped the MBR. Now you have a zombie continuing to contribute, but won't come up after the next reboot.

    10. Re:If it's really that big a problem then... by citylivin · · Score: 1

      "If it's possible to get lists of compromised computers, why not spend some resources on notifying the clueless masses that they are compromised and let them know what to do about it?"

      If their computer works, most people don't give a shit about the health of the internet.
      Would I push the button? Hell yeah! then I'd charge by the hour to do data recovery for the mofos.

      It is kind of like people who let their car burn oil or have other glaring emissions related problems. If the government didn't step in and have mandatory emissions testing, there would be many people who would simply top up their oil daily.

      --
      As a potential lottery winner, I totally support tax cuts for the wealthy
  16. In other news by icedcool · · Score: 2, Funny

    Nuclear bombs even worry 1st world countries.

    --
    Most people aren't thought about after they're gone. "I wonder where Rob got the plutonium" is better than most get.
  17. Great Explaination by IceCreamGuy · · Score: 4, Insightful

    Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat

    The Kaminsky thing? The ISPs thought it was handled poorly? How ***the fuck*** should it have been handled then? The day they disclosed publicly that there was a vulnerability, never mind that they didn't disclose the details, they had patches out for every major DNS server and any ISP who wanted to be patched could have been. WTF?

    1. Re:Great Explaination by jallen02 · · Score: 1

      Actually the vulnerability was always there. The exploit is what came out the same day.

      It was such a relatively easy to figure out flaw that once Dan even mentioned it many security researchers, not even really into network protocols, took a gander at the way DNS worked and figured it out. So, the irresponsibility is that if these guys consider it to be such a problem that they did not make it a top priority to correct it.

      Yeah..

    2. Re:Great Explaination by Anonymous Coward · · Score: 0

      Every "major" DNS server, yes. Meanwhile, a lot of smaller projects were completely left out in the cold - they were basically told that there was a fatal flaw in their products, but while the larger players had been told about it and given an opportunity to fix it, they hadn't - in fact, they weren't getting told what it was even THEN, so they couldn't even fix things after the news of the flaw became public.

  18. Scary stuff by Larryish · · Score: 5, Funny

    This is terrifying.

    So terrifying, in fact, that I fully support the rebuilding of the entire Internet by pseudo-Democratic countries like the United States, and large businesses such as General Electric and Monsanto.

    We have to stop these faceless Internet terrorists once and for all!

    1. Re:Scary stuff by Talar · · Score: 1

      Scchhh!! not now, we have not reached that stage of the plan yet.

  19. Nuclear Power by Anonymous Coward · · Score: 0

    Take 700B, build some nuclear plants. And overnight (well, as soon as the plants get built) we go from a huge oil importer to exporting energy to our neighbors.

    Plus, with all the added funding on nuclear research which would come from such a move: solutions to the waste problem would be found, breeder reactors optimized and new secrets of the atom unlocked. (not to mention global warming and the middle-east crap)

    It would be amazing not having to worry about energy for the next ~200 years. And by that time we'd all have Mr Fusion anyway.

  20. I wouldn't be too quick to let things collapse... by Anonymous Coward · · Score: 0

    > It's been known for years among financial circles that any bank failures big enough to potentially unhinge the economy would be prevented by government bailout. This information influenced lending decisions.

    The problem with that is that they're able to take hostages, in effect. We can't let them fail (because they'd take lots of innocent people down with them) so they're able to hold us for ransom.

  21. Re:WOW! by Anonymous Coward · · Score: 0

    No way champ, my AC e-penis is WAAAAAAAAAAAAAAAAYYYYYYYYYYYYYYYYYYYYYYYYYYYYY bigger than yours.

  22. CRY HAVOC by Lunzo · · Score: 2, Funny

    And let SLIP the dogs of war.

    Taggers, please quote correctly.

  23. OMG by Anonymous Coward · · Score: 0

    Quick everybody run out and buy lots of Arbor networks crap

  24. They're worried, huh? by NerveGas · · Score: 1

    They're only worried about it happening to them, they don't seem to care if it happens to anyone else.

    In other words, they're not worried enough to do sufficient egress filtering, or to cut off their infected customers in order to keep it from happening to other people. Almost a "NIMBY" situation, but not quite.

    --
    Oh, you're not stuck, you're just unable to let go of the onion rings.
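
The egress filtering mentioned in the comment above, as an added example that is not part of the thread: a per-port source-address check of the kind an access provider applies at the customer edge, so spoofed packets never leave its network. Port names, prefixes (documentation ranges) and packets are constructed.

```python
import ipaddress
from collections import Counter

# Constructed mapping: customer-facing port -> prefixes assigned to that customer.
ASSIGNED = {
    "cust-a": ["192.0.2.0/25"],
    "cust-b": ["192.0.2.128/25", "2001:db8:b::/48"],
}

# Constructed packets: (ingress port, source address, destination address).
PACKETS = [
    ("cust-a", "192.0.2.10", "198.51.100.5"),       # legitimate
    ("cust-a", "203.0.113.9", "198.51.100.5"),      # spoofed: foreign prefix
    ("cust-a", "192.0.2.200", "198.51.100.5"),      # spoofed: cust-b's address
    ("cust-b", "192.0.2.200", "198.51.100.5"),      # legitimate
    ("cust-b", "2001:db8:b::25", "2001:db8:ffff::1"),   # legitimate IPv6
    ("cust-b", "2001:db8:a::1", "2001:db8:ffff::1"),    # spoofed IPv6
    ("cust-c", "192.0.2.10", "198.51.100.5"),       # port with no assignment
]


def build_table(assigned):
    """Parse prefix strings once so each packet check is a cheap containment test."""
    return {port: [ipaddress.ip_network(p) for p in prefixes]
            for port, prefixes in assigned.items()}


def source_is_valid(table, port, src):
    """True only if src lies inside a prefix assigned to the port it arrived on."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False                        # malformed source: never forward
    # Unknown ports have no prefixes, so they are denied by default.
    return any(addr in net for net in table.get(port, ()))


def filter_egress(table, packets):
    """Split packets into those forwarded upstream and a per-port drop count."""
    forwarded, drops = [], Counter()
    for port, src, dst in packets:
        if source_is_valid(table, port, src):
            forwarded.append((port, src, dst))
        else:
            drops[port] += 1
    return forwarded, drops


def ports_to_review(drops, threshold):
    """Ports with repeated spoofed sources: likely infected customer equipment."""
    return sorted(p for p, n in drops.items() if n >= threshold)


if __name__ == "__main__":
    table = build_table(ASSIGNED)
    forwarded, drops = filter_egress(table, PACKETS)
    print(len(forwarded), dict(drops), ports_to_review(drops, 2))
```

Checking against the prefixes of the ingress port, rather than the provider's whole address block, is what catches one customer spoofing another's address.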
  25. there are other limited-liability arrangements by Trepidity · · Score: 1

    If the goal is just to allow small businesses to shield their owners from liability, an arrangement such as a limited-liability partnership (LLP) or limited-liability company (LLC) ought to suffice.

  26. Re:I wouldn't be too quick to let things collapse. by Bert64 · · Score: 1

    Yes, so instead of bailing them out, nationalize them...
    That way, the shareholders are at risk of losing their investment completely, and they will keep the directors in check...
    Once nationalized, force them to play by new rules and fire the staff who caused the problems in the first place. Bring the business back to profitability, and then sell it off.

    People should not be rewarded for irresponsible behavior which causes their business to fold, and certainly shouldn't be rewarded for the arrogance and greed which makes them take stupid risks while planning to hold customers to ransom to get bailed out.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  27. since it all worked in 1980's by Anonymous Coward · · Score: 0

    As usual, old Linux people see no reason to upgrade or patch. They want to sit there and not have to learn a newer software version. You know since it all worked in 1980's they see no reason it shouldn't now.