Slashdot Mirror
Germany Readying Offensive Cyberwarfare Unit, Parliament Told
concertina226 writes to note that it's not just the U.S. that's increasingly open about using malware as an offensive tool of state security: From the TechWorld story: "According to German reports, the Bonn-based Computer Network Operations (CNO) unit had existed since 2006 but was only now being readied for deployment under the control of the country's military. 'The initial capacity to operate in hostile networks has been achieved,' a German press agency reported the brief document as saying. The unit had already conducted closed lab simulations of cyber-attacks."
"Unlike physical attacks," concertina226 writes, "cyber-weapons can't be isolated from their surroundings with the same degree of certainty. If, as a growing body of evidence suggests, the U.S. Government sanctioned the use of cyber-malware such as Stuxnet, are the authorities also held responsible should such campaigns hit unintended victims?"
Bombs are expensive. You want to stop enemy production in a war, right? So you blow up the factories, the power plants, etc.
What if, instead of blowing them up, you just shut them all off? It worked with Iran's atomic development and ushered in a new era of warfare. Up until WWI, war was a grand and glorious adventure, swords and arrows, showing the bad guys what for! Then chemical weapons killed so many people all at once, the game wasn't fun anymore, but you could still send your plebians out to rattle your sabres. Once atomics showed up, we go to the point where war could kill the country's leaders as well as the people sent out to the front lines.
This new era lets anyone, anywhere, pick off any target. You can shut down an Iranian centrifuge. You can dig up dirt on the Prime Minister and give it to the newspaper. Everyone with an Internet connection has the potential to hold a weapon far more dangerous and far more powerful than anything that goes "bang". We can make anyone, anywhere, go "whimper".
That's why we're seeing cyberwarfare units and Internet censorship / monitoring. We can't have people rocking the boat.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
Instead of running processes with all the rights of the given user account, use Capability Based Security. This means that for a given process, at run-time (not before hand like app-armor), you tell the OS which files and access type a process will need. This doesn't fix everything, but it does let you isolate security decisions and eliminate the side effects of running any code (trusted, untrusted, or downright evil) to the capabilities you chose to give it. This means that even if you confuse a process, you can't get more capabilities than it was given. Privilege escalation goes away, which is a major attack vector, along with stack injection, buffer overflows, etc. (Of course it does require a secure kernel, which you have to trust).
It's my firm believe that capability based security will eventually be what we all use... but due to the need to make people aware of the concept (which is several layers of abstraction away from what we usually deal with) and the cost of revamping everything... we're still 15 years out.