Slashdot Mirror
Europe Simulates Total Cyber War
Tutter writes with this quote from the BBC:
"The first-ever cross-European simulation of an all out cyber attack was planned to test how well nations cope as the attacks slow connections. The simulation steadily reduced access to critical services to gauge how nations react. The exercise also tested how nations work together to avoid a complete shut-down of international links. Neelie Kroes, European commissioner for the digital agenda, said the exercise was designed to test preparedness and was an 'important first step towards working together to combat potential online threats to essential infrastructure.' The exercise is intended to help expose short-comings in existing procedures for combating attacks. As the attacks escalated, cyber security centers had to find ever more ways to route traffic through to key services and sites. The exercise also tested if communication channels, set up to help spread the word about attacks, were robust in the face of a developing threat and if the information shared over them was relevant."
Find it here.
So that explains it now.
The ISPs in my country have obviously been preparing us for years of cyberwar.
It's Europe. Wouldn't you think they'd prefer a nice game of chess?
Love to. How about Global Cyber Internet War?
Until prompted at the terminal whether they wanted to play global thermal nuclear war....
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
Since cyber attacks are launched from pwned machines, what is needed is:
(1) More diversity. We need around 5 major OS families with roughly equal market share, not one with 90% and a few others begging for scraps. Lack of genetic diversity makes life much easier for botnets and malware.
(2) We need people to start taking ownership for their machines. Running random shit that random untrusted web sites thrust at you (whether exes or just scripts used as an attack vector) is just idiotic, and people have got to start realizing this. I'm not sure how to do that. Any possible way I can think of seems inherently evil because it would do things like cut infected people off the net until they fix their box. And *that* means granting more control and central authority over the net to powers that can use it for evil as well as good. Anyway *everyone* surfing the web should be whitelisting scripts from important and trusted sites and running *no others*. Not doing that is a primary reason there are so many pwnd boxes.
Maybe we need a cultural change. We (tech geeks) need to start exerting pressure on our non-tech friends and family to not fall into the digital tragedy of the commons. No one feels like securing their own machine because, well, it's just one infected machine, and alone can't cause great harm. But when it's millions of them, they *can* piss in our collective cheerios.
How is a mock cyberwar different from a DDoS simulation from the outside and other points, combined with a thorough penetration test?
A thorough pen test doesn't just scan ports and call it a night, the testers call employees pretending to be IT or managers and demand/browbeat for access, either to be handed a password for "auditing" reasons, or because the main IT people are supposedly gone for the day and a remote OEM needs access. I have even seen some thorough pen tests actually drop U3 USB flash drives in the parking lot that if autorun, would note which machine got "compromised".
I just don't see anything here that is different from hiring a thorough tiger team to test every piece of an organization's security (which companies should do at random times throughout the year.)
At which point in their simulation are they planning on having USA saving their asses?
I think you replied to the wrong post.
Might want to check on that.
These are feasibility studies where defense is only a secondary consideration. Next we will see several small but notable "cyber attack" events that will justify increased funding to the biggest players.
Getting that MBA seemed to be a good idea at the time. Gimme a break!
RIP America
July 4, 1776 - September 11, 2001
This is why my leeching was very slow! Bastards! stop playing your little wargames so I can leech pr0n in peace
Make cyber-sex, not cyber-war!
Sure would save a lot of lives, materials and money. Oh, wait, they tried that on Star Trek and it ended in tears, until Captain Kirk shutdown the simulation.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
(2) We need people to start taking ownership for their machines.
No, we need OS that don't give every app access to the full system. Why is there no OS today that allows you to run an application in an isolated sandbox? Why should running an .exe be less safe then running a Flash or Javascript app? There simply isn't any good reason why things are so fucked up, its just historic ballast from the pre-Internet age, back when nobody cared about safety.
I'm not sure how to do that.
Yeah, because it *DOESN'T WORK*. And heck, even if it would work, people have absolutely no way to tell a fraudulent app from a proper one other then a good guess.
Maybe we need a cultural change.
Yeah, but one in the heads of the OS designers, so that they design their security so that it actually works for the random Joe User, not just for the professional admin that spends 10 hours a day configuring his machines.
the whole cyber- prefix is getting old and useless.
cyber-crime (it's crime)
cyber-war (it's war)
cyber-stalking (it's stalking)
cyber-bullying (it's bullying)
you get the picture.
I found a picture of the computer the simulation was run on.
> Why is there no OS today that allows you to run an application in an isolated sandbox
What do you mean? That ability is available today and has been for some time.
What do you mean? That ability is available today and has been for some time.
Where? Every OS has a "Run as Administrator"/"Run as Root", but I have yet to see one that has a "Run in Sandbox". Sure you can build a sandbox with chroot or do some stuff with virtualisation, but that is hardly practical for average Joe and would probably give a bunch of trouble when it comes to the GPU.
One easy answer to the question of how to make hard things happen (for example, making sure people run secure computers) is to mandate insurance for it. It's not a particularly liberal system, but if you can demonstrate to an insurer how you have mitigated the risk you are insuring against, you get a lower rate. Insert obligatory car analogy here.
[FUCK BETA]
WEB 0.1, Cyberspice, Saturday (NTN) — The European Union has run a simulated "cyber attack," in which simulated outsourcing companies strike mortal blows upon national budgets for consulting fees for "cyber security" while still using Windows.
The simulation steadily reduced access to critical services to gauge how nations react, removing access to working email, letting loose old viruses and charging €300 callout fees to look at why you can't log in.
Neelie Kroes, European commissioner for the digital agenda, said the exercise was intended to help expose short-comings in existing procedures for combating attacks on funding. "It is an important first step towards working together to combat potential online threats to essential infrastructure and the consulting fees therefrom."
The exercise also tested how nations work together to avoid a complete shut-down of international links when internet service providers charge £50/month for a "super-fast" connection with a 20GB bandwidth cap.
The exercise was overseen by bouncing new baby quango the European Network Security Agency. "We considered just bombing Redmond, Washington from orbit, which simulations showed would have pretty much solved all attacks over the network itself," said Dr Udo Helmbrecht, most recently of outsourcing firm EDS Capita Goatse. "But we're not so silly as to put ourselves out of a job."
http://rocknerd.co.uk
A combination AppArmor (which has no GPU issues) and for very dangerous things a VM (which does, but can still run light to moderate 3D workloads) works a treat. The rollback button in the VM is a mere mouseclick away. My grandmother could do it, once I showed her the button. We're not talking rocket science here, or any kind of deeply complex problem that takes years of study to master. You don't even need a VM to browse safely, you just have to not run things thrust in your face. If browsers would just ship with the default of not running things unless whitelisted, most of these problems would disappear. Would most people let any stranger into their house at any time for any reason? No? Then they need to stop doing that with their computers.
The tools already exist. People just have to use them. The device is a Turing machine and the only way to stay safe is by using it in a responsible manner. We need to start expecting that, just like we expect people not to drive while drunk or barrel through a residential area at 80 MPH or haphazardly fire guns toward innocent bystanders. Social responsibility applies to the internet just like it does to real life. We have to start demanding it of people.
The tools already exist. People just have to use them.
The tools do not exist, some bare framework exists from which it is possible to replicate some effects from a proper sandbox, but thats all. I seriously doubt that you go out and build an AppArmor profile for every little app you want to run, heck, even the distris don't bother with that and only put a tiny small fraction of apps into AppArmor.
If browsers would just ship with the default of not running things unless whitelisted, most of these problems would disappear.
While whitelisting would certainly help, a proper secure OS shouldn't have an issue with running insecure code in the first place, thats the whole point of a sandbox after all.
The device is a Turing machine and the only way to stay safe is by using it in a responsible manner.
Turning completeness has nothing to do with security.
No, we need OS that don't give every app access to the full system. Why is there no OS today that allows you to run an application in an isolated sandbox?
It's called iOS. Also, Mac OS X has sandbox-exec(1).
It's set in the future, there is no USA to speak of. China's the enemy, Russia's our friend.
The independent nations of Texas and California were too busy cleaning up at home, but the Islamic Republic of Jerusalem did send some observers.
P.S. Thanks for making it easy to hate young Americans, it's not like you know anything about the real history of WWII. The British and Russians did all the heavy lifting, they're the one's who won the war!
Couldnt something on a huge scale like an internap fcp, be able to detect congestion or an attack and be programed to just continuously rotate providers and routes as needed?
sandbox-exec(1)
Going off-topic for a moment here, sorry.
What exactly does that (1) mean?
So would this have anything to do with the two multinational (Scotland, N.Ireland, Eire, England) broadband outages in the last week?
Please consider this account deleted, I just can't be bothered with the spam anymore.
Section 1 of the manual.. another words run
man sandbox-exec on mac os to find out about it!
you'd see:
NAME
sandbox-exec -- execute within a sandbox
SYNOPSIS ...] command ...]
sandbox-exec [-f profile-file] [-n profile-name] [-p profile-string] [-D key=value
[arguments
DESCRIPTION
The sandbox-exec command enters a sandbox using a profile specified by the -f, -n, or -p option and executes
command with arguments.
MidnightBSD: The BSD for Everyone
It's the section the manpage is in. For instance, printf(1) refers to the program printf, and printf(3) refers to the C function printf. You can search a specific section with man , so man 3 printf will result in the Linux Programmer's Manual entry for printf on my machine.
I'm glad I had my porn backed up on my hard drive. No downtime for me...
That is all.
Stop projecting your ideas of how the American system works on a European project.
We're not like you at all, your preconceived notions don't apply here.
It's amusing to read your complaints knowing that you are blind to the fact that other places do not operate according to the rules you are obviously used to.
Gobal Cyber War?
WTF Slashdot, why do I have to login 50 times to post?
"It's sex Jim, but not as we know it" -McCoy
GNAA member forgets to click "Post Anonymously"? Classic.
De-friended... I'll try to remember to link to your post whenever you spout your normal anti-Obama rhetoric, etc.
SWM seeks new sig for a brief fling
The command is explained in section 1 of of the man pages.
You would say 'sandbox (8)' for redhat (default SELinux enabled) systems. Claiming no OS today allows you to run an application that way is just a bit of friendly trolling.
Claiming no OS today allows you to run an application that way is just a bit of friendly trolling.
I think he still has a point because: How does Joe Public easily use "sandbox" for an arbitrary program he just downloaded and have the program actually work if the program is actually safe...
The people who can easily figure out 1) and 2) typically need sandboxes less than Joe Sixpack :).
I have actually proposed this: https://bugs.launchpad.net/ubuntu/+bug/156693
Just because there's SELinux and AppArmor doesn't mean much, they're the equivalent of security doors, locks, walls and safes. They are the building blocks, someone has to build a few default rooms for people to run stuff in, and ones which are actually secure.
I have seen an Ubuntu default AppArmor template for Firefox that really doesn't prevent a pwned firefox instance from accessing the user's documents - it only blacklists access to specific areas, it doesn't whitelist.
p.s. do you have a link to the sandbox(8) man page? I can't seem to find it.