Slashdot Mirror

← Back to Stories (view on slashdot.org)

Someone Is Learning How To Take Down the Internet, Warns Bruce Schneier (schneier.com)

Posted by msmash on from the storm-is-coming dept.

Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier. He adds that these attacks are of much larger scale -- including the duration -- than the ones we have seen previously. These attacks, he adds, are also designed to test what all defense measures a company has got -- and they ensure that the company uses every they have got, leaving them with no choice but to demonstrate their defense capabilities to the attacker. He hasn't specifically shared details about the organizations that are under attack, but what little he has elaborated should give us a chill. From his blog post: [...] This all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes (PDF) a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex." There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services. Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

142 of 237 comments (clear)

  1. False flag operation? by Anonymous Coward · · Score: 3, Interesting

    Could be NSA/GCHQ false-flag operation to pin the attacks on Russia.

    1. Re:False flag operation? by fustakrakich · · Score: 5, Funny

      Or it could be Russia trying to make us think it is an NSA/GCHQ false-flag operation to pin the attacks on Russia.

      But we know that they know that we know....

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:False flag operation? by npslider · · Score: 2

      But if they know that we know that they know, we knew...who are they again?

    3. Re:False flag operation? by fustakrakich · · Score: 1

      The Russians... It's payback for Napoleon

      --
      “He’s not deformed, he’s just drunk!”
    4. Re:False flag operation? by npslider · · Score: 1

      Wasn't he that really tall French dude who helped America win the Civil War?

    5. Re:False flag operation? by Anonymous Coward · · Score: 1

      It would have to be a false flag in that case because...

      In Soviet Russia, Internet takes down YOU!

    6. Re:False flag operation? by Anonymous Coward · · Score: 5, Funny

      Or it could just be a windows 10 update.

    7. Re:False flag operation? by Alypius · · Score: 1

      No, man. He's the ginger that voted for Pedro.

    8. Re:False flag operation? by ndogg · · Score: 2

      Or it could be NSA/GCHQ spies working for the Russians trying to make us think that it's a NSA/GCHQ false-flag operation to pin the attacks on Russia.

      --
      // file: mice.h
      #include "frickin_lasers.h"
    9. Re:False flag operation? by RockDoctor · · Score: 1

      Suspicious that no-one has mentioned the Chinese, who are just as capable of cloaking their operations in layers of false flags as anyone else.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  2. Someone Is Learning How To Take Down the Internet by JustNiz · · Score: 5, Funny

    Don't worry I've already copied the internet onto a blank CD.

  3. north korea's last dieing move after the nukes fai by Joe_Dragon · · Score: 1

    north korea's last dieing move after the nukes fail?

  4. not necessarily a bad thing by Lead+Butthead · · Score: 2, Insightful

    considering the number of new problems created and old problems made anew by the Internet (tm), taking it down isn't necessarily a bad thing.

    --
    ELOI, ELOI, LAMA SABACHTHANI!?
    1. Re:not necessarily a bad thing by npslider · · Score: 4, Funny

      Work place productivity would skyrocket... ... Until the Internet withdrawal symptoms kick in.

    2. Re:not necessarily a bad thing by npslider · · Score: 2

      I have a simple fix:

      Tell the workers that whoever gets their TPS reports in first gets "First Post".

    3. Re:not necessarily a bad thing by waTeim · · Score: 5, Insightful

      This viewpoint is almost the opposite of reality. Losing the Internet is among the worst things that could happen.

    4. Re:not necessarily a bad thing by The-Ixian · · Score: 2

      Who said anything about going to pen and paper? Just unplug the WAN port...

      Oh wait... the cloud... I forgot...

      --
      My eyes reflect the stars and a smile lights up my face.
    5. Re:not necessarily a bad thing by Lead+Butthead · · Score: 1

      Or until you need to look something up.

      ... it's call a book, and there are places call the community library near you.

      --
      ELOI, ELOI, LAMA SABACHTHANI!?
    6. Re:not necessarily a bad thing by drinkypoo · · Score: 3, Insightful

      This viewpoint is almost the opposite of reality. Losing the Internet is among the worst things that could happen.

      It's basically identical to the situation with the two-party system in American politics. Until it actually crashes, nobody is going to bother to build a better system, because that's hard. It's better if the internet goes down now than in fifty years when we're really dependent on it for everything. We must build a better internet by then (meshed? entirely cooperative?) or someone surely will take it down and it will be the worst thing that could happen.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    7. Re:not necessarily a bad thing by execthis · · Score: 2

      I have a simpler one: Cut China, Russia, Ukraine & Nigeria the fuck off the Internet

    8. Re:not necessarily a bad thing by stealth_finger · · Score: 1

      Or until you need to look something up.

      ... it's call a book, and there are places call the community library near you.

      So I can get out of work multiple times a day to go the library? Fuckin' sweet deal.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    9. Re:not necessarily a bad thing by fintux · · Score: 2

      Maybe you don't realize how much people are indirectly dependent on the internet. If internet is taken down, a lot of other services will go down as well. For example, without internet banking, the banks will not be able to handle the inflow of customers anymore. I don't know how much grocery stores depend on the internet for things like ordering food etc., but I would assume they do that. Public transport may use the internet, and with hindered public transport, the streets will get more clogged. Lots of work gets almost impossible due to multi-site collaboration no longer working properly. The internet is also used more and more in health care.

      All in all, the internet is so much more than just the web pages. I sure hope things like the power grid or the telephone network are still managed on a completely separate channel, but I don't really have facts on that.

    10. Re: not necessarily a bad thing by brasselv · · Score: 1

      ditch tap water, people were doing just fine taking a walk to the next river.

      --
      "Whenever people agree with me I always feel I must be wrong." (Oscar Wilde)
  5. I've got it figured... by The+Last+Gunslinger · · Score: 1

    ...it's called probing. Not to engage, but to evaluate.

    1. Re:I've got it figured... by npslider · · Score: 2

      "Probing" you say?

      I'd say it's them dern aliens! Back in '67 I was driving in my good old '57 Chevy when I saw a bright light above me...

      Never could sit on the Jon the same way after that.

  6. Someone - or - Something... by Sarin · · Score: 1

    Is Learning How To Take Down the Internet.

    1. Re:Someone - or - Something... by npslider · · Score: 2

      As long as my Badger Badger Badger Mushroom song keeps playing... I be happy.

    2. Re:Someone - or - Something... by avgjoe62 · · Score: 1

      Learning How To Take Down the Internet

      Isn't there a "For Dummies" book for this?

      --

      How come Slashdot never gets Slashdotted?

    3. Re:Someone - or - Something... by Alypius · · Score: 1

      Skynet is reaching sentience.

    4. Re:Someone - or - Something... by Anonymous Coward · · Score: 1

      At least they were kind enough to warn Bruce Schneier about it. He will save us.

  7. The end of my world has come! by npslider · · Score: 1

    Does this mean my Internet's won't work?

    How will I check my fridge when I am out of town?

    1. Re:The end of my world has come! by npslider · · Score: 1

      All I have is Mountain Dew and pizza.

      I guess warm pizza would be OK...

    2. Re:The end of my world has come! by Coren22 · · Score: 1

      Is your fridge running?

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  8. Re:Someone Is Learning How To Take Down the Intern by npslider · · Score: 1

    I trust you are on an "unlimited" data plan?

  9. Re:north korea's last dieing move after the nukes by npslider · · Score: 3, Funny

    "All your Internet Bases are belong to us!"

  10. Good. Go smell the flowers. by wjcofkc · · Score: 2, Interesting

    Awhile back I used up a couple weeks of vacation time I had accumulated. First I got the idea in my head, why don't try powering my phone off for awhile?. After a few days of withdraw I started to feel liberated. From there I abandoned email and the internet entirely. More withdraw was followed by an even greater sense of liberation. It was like breathing for the first time. After a hair over a week, I grudgingly came back to virtual reality. But damn was that disconnected time wonderful.

    --
    Brought to you by Carl's Junior.
    1. Re:Good. Go smell the flowers. by npslider · · Score: 1

      What is real life Like?

      I'm to scared to go upstairs or turn off my phone.

    2. Re:Good. Go smell the flowers. by Anonymous Coward · · Score: 1

      I see you went to Burning Man too. How was your burn?

    3. Re:Good. Go smell the flowers. by wjcofkc · · Score: 1

      It's kind of like The Walking Dead, minus the zombies. It's really very pleasant. By day, there is this giant yellowish orange thing in the sky. Sometimes it is obscured by what I can only describe as cotton candy. It is very comforting though. By night, there is this big piece of cheese in the sky that I can never quite reach. Cotton candy applies here to on occasion. The only creepy thing about it is all the people around you are constantly staring down. It's unsettling at first. There are strange animated gifs everywhere, creatures animated on the ground and even in flight. It's all very HD. All in all it was very therapeutic after getting over the initial shock.

      Once I reactivated my connected reality, once again it was like The Walking Dead, only this time with zombies.

      --
      Brought to you by Carl's Junior.
    4. Re:Good. Go smell the flowers. by Anonymous Coward · · Score: 3, Insightful

      Don't be an idiot.
      Really

      This isn't about being personally liberated from the internet. This is about attacking critical infrastructure. This is like the paving of every interstate in the country disintegrating overnight.

      Sure, there would be lots of time for people to sit at home and enjoy the flowers. Meanwhile 99% of the population would immediately begin to run out of food and within a week chaos would reign - most people would have no job to work and no food to eat. The economy would take a massive pounding.

      Captcha: pounding

    5. Re:Good. Go smell the flowers. by Falos · · Score: 2

      I once traveled to the Outside. Turns out the Normals are actually fairly friendly. They were very worried when the Daystar began cooking me red and offered me water.

      3/5, would not spelunk again.

    6. Re:Good. Go smell the flowers. by Coren22 · · Score: 1

      What about the free water that occasionally falls from the sky? That's gotta be a lie.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  11. DDoS Defense by sexconker · · Score: 2, Interesting

    1) Notice problem.
    2) Look at logs/whatever and verify insane traffic levels.
    3) Throttle/block source at router.
    4) Repeat for every upstream switch that is impacted by the attack. For those which you don't control, call (yes call) up your peer and inform them of the issue so they may do the same.

    1-3 can be automated fairly easily
    4 can be automated with cooperation, agreements, established procedures, responsive personnel, etc. (4 isn't going to be automated.)

    5) Inform zombie ISP customers they're part of a botnet / get authorities after the operators.
    6) Cut customers off from the internet until they clean their shit up / throw people in jail or block their host country (Russia / Brazil / China) until the respective authorities put people in jail.

    1-3 are all you need as a network operator concerned about other shit on your network.
    1-4 are what you need to get the DDoS target accessible again.
    5 and 6 are what the internet needs in general.

    1. Re:DDoS Defense by The-Ixian · · Score: 2

      Unless the attack is the type that uses perfectly normal HTTP GETs (or other expected traffic)... just from 10,000,000 sources at once... Like an old fashioned /.ing, only bigger. There is no defense against something like that other than to throttle all HTTP (or whatever) connections... but that ends up achieving the goal of the attacker anyway.

      This has been demonstrated already by the Chinese government by altering unencrypted HTTP traffic to add a bit of javascript to sessions inbound to the country so that regular browsers would make a connection to the target site.

      --
      My eyes reflect the stars and a smile lights up my face.
    2. Re:DDoS Defense by CaptainLard · · Score: 1

      You should tweet that to @verisign so they know what to do when the state sponsored DDoS to take down the internet comes. As you pointed out the answer is to stop the bad traffic which should fit nicely into 140 characters and thus, save the day!

    3. Re:DDoS Defense by cfalcon · · Score: 4, Interesting

      The problem is that DDOS is a core vulnerability based on how the internet is built. If you get packets that should go somewhere, you try to push them there. You don't know that the guy who handed them to the guy that handed them to the guy that handed them to you is a botnet node: you just know packets go a place. You forward them.

      Eventually, you hit a point where someone in that link COULD figure out that packets are part of a DDOS, but in the current model, that's just too damned far along.

    4. Re:DDoS Defense by sexconker · · Score: 1

      Who said anything about blocking all traffic on a link?
      These are routers. You block problem IPs.

    5. Re:DDoS Defense by sexconker · · Score: 2

      The defense is to block the bad traffic as close to the source as possible, whether it be 100 Amazon VMs in a botnet or 10,000,000 home machines infected with shit or the entirety of China.

      The internet only works if each network plays nice. DDoS has been a problem for so long because no one has the balls to cut home users or a country off, and certain governments don't give a fuck about going after botnet operators.

    6. Re:DDoS Defense by sexconker · · Score: 4, Interesting

      DDoS patterns are pretty obvious, and you don't need fancy DPI either.

      Happy-go-lucky packet forwarding works when everyone plays by the rules. That's not the case. You have to respond, and the ONLY response is to throttle/block the traffic. The further upstream you do this the more effective it is, but the wider impact it has for legitimate traffic. That's why step 4 is critical for the target.

      It's a very simple solution to a very simple problem. DDoS is just the normal internet at an abnormal scale. All effective responses go against the general design of the internet because they involve removing a host from the internet or portions of it. So you want to limit responses to be as close to the source as possible to avoid impacting all the good actors.

    7. Re:DDoS Defense by sexconker · · Score: 2

      Shut down the internet for bad actors, yes. You can't let bad hosts play on your network and then expect your network to be invited to the party all the other networks are throwing.

    8. Re:DDoS Defense by Alomex · · Score: 4, Insightful

      This is why slashdot sucks so much. I started reading /. back when the UIDs where in the 10k range, and only people who really knew about the subject would comment. It took me many months before I saw a topic I could contribute to with enough insight, hence my 100K UID.

      Now, we have captain obvious noob giving a trivial "shut down" solution, which only works when the botnet is concentrated in an arrogant tone to the security experts in Verisign and Bruce Schneier. To top it off it gets ranked +4 Insightful.

      p.s. Can we add a moderation score of -1 Rolls eyes?

    9. Re:DDoS Defense by Anonymous Coward · · Score: 1

      That is why point 5 and 6 are the most important steps in GP's list. It is what you have to do when under attack, but it is in reverse order of importance.
      And there should be a point 7. If an ISP does not cooperate with 5 and 6, then the ISP's peer/uplink will apply black-hole routing to the ISP.

      The logic is simple. Cut of p0wned PC's from the internet until they are fixed. This forces owners to fix the problem and immediately damages the botnet. If this is done consistently, it should be quite manageable and mostly eliminate DDoS. Even if it takes a while to get to the PC and fix the problem.It will prevent its participation in the next DDoS atttack.

      This idea is not new. This is how it used to work in the old days. It just has been neglected and nobody bothered to put in a reasonable system to manage this process. (original was e-mail, that does not scale...)

      oh, and ISP's should be forced to block outgoing spoofed packets, again on punishment by peers and uplinks with black-hole routing.

    10. Re:DDoS Defense by RavenLrD20k · · Score: 1

      Which, with a significant enough attack vector, can bring a router to its knees as it gets overwhelmed with processing the ACL trying to compare netmask of what's in the block list against the masks of what's on the inbound line. Granted it takes a massive amount of traffic from an identified bad actor to do this; but it's not outside of the realm of possibility.

    11. Re:DDoS Defense by Anonymous Coward · · Score: 1

      That's not shutting down the Internet. The DDoS is the shutdown. The described process is a recursive routine to be followed by any affected node, bringing the Internet back up one link at a time, reaching back to traffic sources.

      If a link refuses to continue the recursion, the link necessarily stays down.

    12. Re:DDoS Defense by A+Big+Gnu+Thrush · · Score: 2

      I started reading /. back when the UIDs where in the 10k range

      Yeah, I think it was always crap. Remember Signal 11? Jon Katz? The ignorant are drawn to comment sections.

    13. Re:DDoS Defense by mjwx · · Score: 1

      6) Cut customers off from the internet until they clean their shit up

      Will never happen because Profit.

      ISP's will never willingly cut off their own customers and will fight tooth and nail to prevent from being forced.

      This is why US ISP's happily hand over customer identities to the *IAA for lawsuits rather than have something like a three strikes law.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    14. Re:DDoS Defense by postbigbang · · Score: 3, Informative

      There's wisdom in what you say, but the ACL black hole list could be miles long. My own iptables list is pages long, and grows every day.

      I don't think that ISPs give a shit, and there's nothing and nobody to flip the blackhole switch. Even DNS tweaking isn't going to do the job. Every day my syslogs fill up with nmappers and logon failures from ugly long lists of IPv4/6 addresses.

      --
      ---- Teach Peace. It's Cheaper Than War.
    15. Re:DDoS Defense by Alomex · · Score: 1

      Yeah, there have always been some idiots around, but there used to be a lot less. Also with the increased number of know-nothings moderation has degraded. Over the years I've gone from reading at 0, to 1, to 2, to 3, and now at 4 or higher.

    16. Re:DDoS Defense by mars-nl · · Score: 1

      Maybe they should also turn on DNSSEC for verisign.com, since they are crucial and into security and all.

    17. Re:DDoS Defense by Fnord666 · · Score: 1

      you just know packets go a place. You forward them.

      If nodes would quit forwarding packets that say they came from a place that they couldn't possibly have come from, it would cut down on some of this crap.

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    18. Re:DDoS Defense by networkBoy · · Score: 1

      If ever there was a "get off my lawn" post...
      I simply lost my first account. I don't even remember the username (if I did I *might* remember the pwd).

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    19. Re:DDoS Defense by onepoint · · Score: 1

      You are correct, they won't willingly cut the cash flow. Something real interesting where everyone will have to work has to happen.
      so wait for the lawsuits

      --
      if you see me, smile and say hello.
    20. Re:DDoS Defense by BuGless · · Score: 2

      This is why slashdot sucks so much. I started reading /. back when the UIDs where in the 10k range, and only people who really knew about the subject would comment.

      And even Slashdot back then was ten times worse than the golden age 1988-1994 USENET already.

    21. Re:DDoS Defense by Frederic54 · · Score: 1

      > And even Slashdot back then was ten times worse than the golden age 1988-1994 USENET already

      In a way, yes, but /. in 98 or 99 was still relevant and contributors were engineers or university students etc
      But yeah there was GNAA...

      --
      "Science will win because it works." - Stephen Hawking
    22. Re:DDoS Defense by Alomex · · Score: 1

      Usenet was great around 1988-1992, trolls were rare and could be dealt with the KILL file and most people participating were veritable experts compared to the ignoramuses that dominate discussion forums today.

      I met political leaders, writers, and award winning scientists on usenet back then.

  12. Was kind of done with the Internet, anyway by WillAffleckUW · · Score: 1

    Ready to move on to the 40 Gbps backbone 100 Gbps fast Internet 3 and leave all you civilians behind to complain why we can't do better.

    --
    -- Tigger warning: This post may contain tiggers! --
  13. TFS leaves out most important piece ignoring info by daveschroeder · · Score: 5, Insightful

    "The data I see suggests China, an assessment shared by the people I spoke with."

    Of course, that will be buried in these comments that it's a US false flag, that obviously it's the US that's responsible, etc.

    It couldn't possibly be someone like China.

  14. Re:As the US surrenders control of DNS by npslider · · Score: 1

    "What's this big red cable do? Let me just adjust the cable so I can walk by the rac "

  15. Re: As the US surrenders control of DNS by daveschroeder · · Score: 2

    Except, from TFA, "The data I see suggests China, an assessment shared by the people I spoke with."

    But that's impossible in your mind...it has to be the US. It could never be a US adversary with principles that run decided counter to internet freedom, human rights, and so on. Clearly this is a US effort to leave itself a capability to "take down the internet", when we are the ones ceding control of ICANN and IANA.

  16. Interesting timing by CODiNE · · Score: 4, Insightful

    I wonder who would stand to benefit from an Internet black out during the US presidential election?

    --
    Cwm, fjord-bank glyphs vext quiz
    1. Re:Interesting timing by cfalcon · · Score: 1

      A good point. A less partisan point is, what happens if you have "online voting", or any goddamned thing that requires a net to function, and it doesn't?

      We have an infrastructure problem- plenty of systems assume that the internet will either always be up, or be up at least, for instance, daily.

    2. Re:Interesting timing by Anonymous Coward · · Score: 1

      The entire world?

    3. Re:Interesting timing by benjonson · · Score: 1

      Exactly. Prepare for Vlad the Poisoner's October surprise.

      --
      =-+
    4. Re:Interesting timing by swb · · Score: 2

      We have an infrastructure problem- plenty of systems assume that the internet will either always be up, or be up at least, for instance, daily.

      And it's getting worse, because the infrastructure that keeps the Internet up is starting to require the Internet actually be up.

      A cow-orker installed some Meraki switches this past weekend and they are "cloud" managed. I didn't work on it, but he said you basically needed an active Internet connection to do anything with them because there was no local management at all. And of course the switches themselves had problems, cutting off Internet access until physically rebooted at least once.

      Off the top of my head, I can only really see this being even sane if you had a dedicated management network with Internet access not dependent on the switching you needed to manage, but this mostly runs counter to much of the idea behind a management network (ie, a closed network with access limited to protect management interfaces).

      But there seems to be an increasing number of things that just don't work without Internet access, and often not because the manufacturer cheaped out and pushed intelligence to the cloud and cut the system specs, but because of licensing, DRM or because some asshat in marketing wanted to guaran-damn-tee that they got phone home data, so the device just doesn't work unless it can phone home.

  17. ElInt "Ferret" Missions by Anonymous Coward · · Score: 1

    I'll be "that" guy, the vast majority of elint ferret missions did not overfly the Soviet Union... they would fly parallel to the border and record electronic emissions. One particular stunt they did pull was have a SAC bomber head straight at Soviet airspace to illicit a response which the elint plane would record, generally the bomber diverted right before it hit Soviet air space but there were rare incursions. And the Soviets did the same thing but it was generally with European countries and not the US because that's were any conventional war would have been executed. What a lot of people don't realize is that the Soviets did shoot some of these planes down and ~100 US airmen died on these missions (always listed as training mishaps). These activities inadvertently contributed to the Korean Airlines 007 shootdown. The most common elint plane at that time was one of the RC-135 variants, a four engine jet that vaguely has the same configuration as a 747. The Soviets thought it was a ferret mission and shot it down.

  18. Re:Someone Is Learning How To Take Down the Intern by BarbaraHudson · · Score: 1

    Nah, they only copied the good stuff. One blank CD is probably overkill, but who has floppies or zip drives any more?

    --
    "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
  19. A Nascient AI Exploring its Universe? by Psion · · Score: 1

    You just have to love the work of Google's DeepMind projects!

  20. Re: As the US surrenders control of DNS by npslider · · Score: 2

    Once China's great firewall is updated to RedOS 2.0. They can turn off the "Internet" and keep the good times rolling behind their borders...

  21. Re:TFS leaves out most important piece ignoring in by npslider · · Score: 2

    But of course...

    If the NSA can't OWN the Internet. It will do the next best thing, and throw a tantrum and shut it off.

    "If we can't have it.. nobody can!"

  22. Re:Someone Is Learning How To Take Down the Intern by npslider · · Score: 3, Funny

    640k ought to be enough for anybody to back up the Internet.

  23. "uses every they have got" by turkeydance · · Score: 1

    yea...that

  24. I hope it's us...I think by pseudorand · · Score: 1

    I hope it's US DoD trying to catch up on cyber security. Or maybe not. I'm not sure who's scarier, foreign governments or our own. Not that I like terrorists, but I'm pretty sure we all need to be more worried about all the the "official" guys we willingly bought nukes and stuff for than we do about the "alquiedas" who might like to steal one.

  25. Re:north korea's last dieing move after the nukes by CrimsonAvenger · · Score: 1

    dying.

    --

    "I do not agree with what you say, but I will defend to the death your right to say it"
  26. At what point do end-users become responsible by mlw4428 · · Score: 3, Interesting

    For far too long we've allowed people to buy computers, hook them up to the internet with crappy "AV" software, let the end-user allow the subscription to end, not install security updates, and do literally everything else they can do to compromise security. In effect, it's like letting a drunk driver to drive around in his car after allowing him to cut his break lines, and shove a heavy rock on the accelerator. There needs to be something that holds people accountable to do a bare minimum number of things.I realize that simple things like having a decently ranked AV, keeping it and the OS updated, keeping critical programs updated, and ensuring that home passwords are sufficiently complicated won't stop every single attack. But neither will simply telling people they should't drive drunk. That's why we have laws and cops and revokation of driver's licenses, fines, and jail time. At some point, end users need to be held accountable.

    1. Re:At what point do end-users become responsible by Anonymous Coward · · Score: 1

      This is exactly what Windows 10 forced updates are doing, and /. seems pretty pissed off at Microsoft about those.

    2. Re:At what point do end-users become responsible by nuckfuts · · Score: 2

      "AV" software is practically useless.

      How about an Internet that refuses to route packets with a forged source address?

    3. Re:At what point do end-users become responsible by Anonymous Coward · · Score: 1

      You misunderstand. Slashdot users are angry about Microsoft upgrading their systems. Forced patching is meant for everyone else.

      The best is when you can find a single poster who in one story comments that patching should never be optional, and in another posts that he never applies a patch until it's been tested in the wild for a month. Point it out and they get self-righteous about how patches need to come faster and have longer QA testing periods (????) so the userbase can be protected sooner, but with no risk of incompatibility with obscure OSS utilities that haven't been updated since 2005.

    4. Re:At what point do end-users become responsible by codeButcher · · Score: 5, Funny

      I hear your cry about antivirus software.

      A website the other day detected 432 viruses on my computer. Thankfully, it also provided a link to download some high quality antivirus software that resolved the problem.

      I'm glad to say I'm now part of the solution and not of the problem any more.

      --
      Free, as in your money being freed from the confines of your account.
    5. Re:At what point do end-users become responsible by goarilla · · Score: 1

      Isn't this what good ISP's are already doing ?

    6. Re:At what point do end-users become responsible by bheerssen · · Score: 3, Funny

      I am happy to hear that you take internet security seriously. Since you seem like a kind and generous person, I would like to share with you an opportunity to make money on the internet. You could earn up to $50,000 (FIFTY THOUSAND DOLLARS!) just by following a few easy steps. If you'll kindly send me your email address, I'd be happy to provide you with details.

      --
      (Score: -1, Stupid)
    7. Re:At what point do end-users become responsible by DRJlaw · · Score: 3, Insightful

      Woooossshhhhhhh....

    8. Re:At what point do end-users become responsible by Anonymous Coward · · Score: 1

      Funny...

      I've ran linux systems for 15 years now (probably nothing in /. time), and only bothered with AV on three of them -- companies where it was required by policy. Two viruses in Linux ever
      1) An infected file over wine (hilarious)
      2) Mozilla/Firefox's shitty plugin system brought in some proxy hijacking adware when an add-on was bought by a shady company. I blame mozilla -- and the scanner didn't catch it anyway.

      How do I know? Offline AV scanners on thumb drives ran about once a year during maintenance.

      My BSD based routers never caught anything.
      My mac system never actually caught anything, but the symantec scanner false flags constantly.

      My windows systems needed them desperately -- and that's why I stopped running it

      Keep your shitty preconceived notions of responsibility away from my hosts, and I'll keep my hosts off your network... thanks.

      Just because it's a computer doesn't give you a license to bump your stock in Symantec. If you want to hold people accountable -- start with the vendors of crappy products -- users can't actually be expected to know better, and don't understand misleading marketing materials anyway.

      How about you fine adobe $50 for every time a user is infected over flash, and send the proceeds to CERT.

    9. Re:At what point do end-users become responsible by wjcofkc · · Score: 1

      +1

      --
      Brought to you by Carl's Junior.
    10. Re:At what point do end-users become responsible by Anonymous Coward · · Score: 1

      HAHAHAHAHA shut up faggot, lets talk again when site developers, you know people that have some kind of insight into computers are able to serve adds without malware and THEN we talk about the users and their responsability

    11. Re:At what point do end-users become responsible by jezwel · · Score: 1

      As a Win10 user, I'm annoyed at forced updates at inconvenient & strange times ( in primetime, while i'm playing a multiplayer game - really?), and that a whole bunch of telemetry is running, much of which I doubt is useful for maintaining security of my system. Let me set the time for updates, then stick to it.

    12. Re:At what point do end-users become responsible by DRJlaw · · Score: 1

      Oh, no. I totally got it. Double secret reverse woooossshhhhhhh.

      An anonymous coward trying to save face. There's another woooossshhhhhhh for you...

    13. Re:At what point do end-users become responsible by jancar.marian · · Score: 1

      A license for computer usage should be required, like for driving a car.

    14. Re:At what point do end-users become responsible by mlw4428 · · Score: 1

      > users can't actually be expected to know better, and don't understand misleading marketing materials anyway.

      You must be in management, not IT. Users can and should be expected to know better. I'm sorry chief, maybe you're "old school", but this is 2016. Computers are everywhere and there are now adults who have grown up with them in their households and have had access to the internet for as long as they can remember. It's time to expect that they understand the car equivilent of what a stop sign is for or what to do at a red light. Or that the gas pedal is on the right and the brake pedal is on the left.

      > How about you fine adobe $50 for every time a user is infected over flash, and send the proceeds to CERT.

      Or you could fine the end-user for installing flash, since these days, it's not needed. Or we can just simply not fine developers since there's no such thing as bug free software. That's like suing Ford because the end user decided to take their C-Max and drove it down the side of a mountain when there's a far safer road that they could've taken instead.

    15. Re:At what point do end-users become responsible by codeButcher · · Score: 1

      My dear Nigerian friend... Seems that one of those 432 viruses wiped my whole hard drive, so I lost the e-mail with all your contact information. I'm so glad you found me again!!!

      --
      Free, as in your money being freed from the confines of your account.
  27. What is this gibberish? by Anonymous Coward · · Score: 2, Insightful

    "Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains."

    Somebody who has no idea how anything works must have written this.

  28. Re:Someone is learning how to become an editor by NetNed · · Score: 1

    Annnnnd you failed

  29. Even the commies follow the money! by shanen · · Score: 2

    Is the moderation system disabled? That one deserved a "good question" mod, but the closest approximation here would be "insightful". Not only that post, but no "insightful" mods yet. That led me to check for "funny" mods, too, and couldn't find any. Anyway, I can't give you a mod point since I never get any. Many years now...

    I still think that most of the spam and scams are motivated by profit, and most of the time the way to fix the problem is to figure out the business model and break it. Unfortunately, only one major success story I can think of: The demise of the pump-and-dump spam scams. After several research papers proved the scammers were essentially printing their own money, they changed the rules of the game to stop it, and the stock-touting spam went away.

    Focusing on your narrow question about the presidential election, the answer is intuitively obvious to the most casual observer. America has real enemies and all of them benefit from the effective paralysis of the American government. That means ALL of America's enemies and wannabe enemies are looking at the problem in terms of their OWN profits. Some of them (like Russia) are playing short-term games for money to be harvested next week, but many (like China) are playing for the long-term, seeking power that will later translate into money.

    Their calculus is not limited to your "Internet black out" (sic) scenario, but would include all sorts of attack scenarios. However, I think it is obvious that a large-scale Internet blackout extremely close to the election would help Trump because it would probably cripple the Democratic GOTV efforts.

    I'm more concerned with why Windows 10 is so great for pwning. Hint: Microsoft has no financial liability and the ISPs don't care as long as you pay your bill.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  30. Re:Someone Is Learning How To Take Down the Intern by aliquis · · Score: 1

    The latest Internet version from Vivaldi, version 1.4, wrote 1 TB to my SSD yesterday (by memory allocation and Windows swap) - thanks Vivaldi!

  31. Re:Someone Is Learning How To Take Down the Intern by Alypius · · Score: 3, Funny

    Just save it to the cloud! That way, when the internet goes down, you can still run your sites through your smartphone!

  32. Suspicious Claim by bill_mcgonigle · · Score: 1

    and they ensure that the company uses every [sic] they have got, leaving them with no choice but to demonstrate their defense capabilities to the attacker.

    This doesn't make sense. To require them to use every defense they have would require the attacker to be precisely calibrated with the defenses the company has.

    It's much more likely that the attacker has more offenses that the company doesn't have defenses for or that the attacker has fewer attacks and that the company has defenses that are not employed.

    Even more likely is a disjoint match - the attacker has attacks the company is not prepared for and the company is prepared for some attacks the attacker is not employing.

    The only way the statement could make sense as written is if the attacker has a priori inside knowledge of the companies' defenses. That would be a much bigger story. More likely is that at least some of the claims in the article are not well-founded and/or outright propaganda.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:Suspicious Claim by amxcoder · · Score: 1

      I read it differently and made a different, but similar, assumption. I read it as: the attackers didn't have inside info on their defenses, but that they were big enough, and lasted long enough, and possibly had various attacks going on, that it was causing Verisign to "reveal their hand" so to speak with their defenses... whether it was all of their defense strategies, or just more than would have liked to reveal is up for interpretation for the story I guess.

  33. Re:Someone Is Learning How To Take Down the Intern by JustNiz · · Score: 2

    Wait, the Internet is up to version 1.4 already?
    When did it move out of beta?

  34. Redesign internet with a backchannel by presidenteloco · · Score: 3, Interesting

    My computer often freezes with the beachball of death or disappearing cursor. Some runaway application, interacting with OS memory managment or UI services and devices, has managed to DOS my computer. Often a reboot is the only solution.
    But what was the real problem? The fact that someone designed an OS that allows runaway processes and memory managers and what not to completely dominate all other processes, or to completely hijack key devices.
    Why would an OS not have a more effective segmentation; a hierarchy, which enforces rules like:
    - Never dominate the pointer movement and rendering, ever, for any reason
    - Give the process kill user interface (red button, X), and the process termination procedure, absolute highest priority as well.
    - Have a high-priority command shell process.
    - Don't let background processing and user-process memory use ever dominate and freeze user interface rendering. Probably requires a separate CPU core just for talking to the graphics subsystem.

    Seems like an off-topic aside maybe?
    But the same principle should be applied to Internet design.
    - A backchannel allowing sys-admin commands (at low data rates only) to get through the network should have highest priority and not be affected at all by overcapacity on other "channels".
    - A low data rate channel permitting only low-frequency-of-send email / messaging protocol to get through should be next in line. By design it should not permit flooding. Its functioning should be entirely independent of any DDOSable level.
    - A level which supports general web-ish and messaging protocols but for trusted authenticated communicators only.
    - Finally, separated from the other levels at every switch, router, and network card, something akin to the current DDOS-ABLE level where anything goes.

    --

    Where are we going and why are we in a handbasket?
  35. time to move to virtual networks by WindBourne · · Score: 1

    Seriously, We need to create more virtual networks at the backbone level, and fully separate utilities, military, stock brokers, etc from the main arena. After all, while a nuclear plant needs to communicate with others, what need does it have to actually talk to the business office? none. The same is true of other Areas.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  36. Re:north korea's last dieing move after the nukes by netsavior · · Score: 2

    no, I am pretty sure he means they are literally pouring molten iron into the internet.

  37. the federal beast website / code / game / pr stun? by cez · · Score: 1

    badselfeater.com (the federal beast...) Maybe we will find out in a few hours!? @ 7PM EST their countdown timer hits 0...

    --
    Walk with Music;
  38. World ends Friday by prefec2 · · Score: 1

    The solution to DDoS Attacke is peer-to-peer. Thank goodness DNS already works that way. If Verisign goes down, the information is still available in a DNS server near you. Mail will still work. WhatsApp may be not, but hey we can still use SMS.

  39. nice by eyenot · · Score: 1

    nice use of "what all". feels down-home.

    --
    "Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
  40. Kim Kardashian's Bum by PPH · · Score: 1

    n/t

    --
    Have gnu, will travel.
  41. Re:Someone Is Learning How To Take Down the Intern by Anonymous Coward · · Score: 1

    I do remember hearing Wikipedia maintains an offline variant people can grab, like 16GB.

  42. ISP's need to hold each other more accountable by phizi0n · · Score: 1

    First off all, ISP's ought to automatically detect abnormal traffic patterns to their clients and start blocking it in a temporary access control list that would expire after some time. There should be a protocol to share this temporary ACL upstream (how far upstream TBD depending on the size of the ACL vs how much routers can fit in RAM). If a source address is continually on the ACL then the ISP owning the address should be automatically notified so that they can take action against the client. If an ISP doesn't take action to cut off these users until they clean any infections / stop being malicious then other ISP's should cut off that ISP.

    Yes it would be painful at first but the more that ISP's police each other and their clients then the more botnets would shrink.

    1. Re:ISP's need to hold each other more accountable by Mike+Van+Pelt · · Score: 1

      One of the major things that needs to be fixed is to put an end to IP address spoofing. Generally, the worst of these attacks are some sort of amplification attack, where the attacker sends requests to some legitimate service that comes back with a large amount of data, and spoofs his IP address to the target of the DDoS. The first thing every ISP router should check on any packet is "Is it reasonable for a packet from this IP address to come in on this wire?" and if not, drop it. And at some point, "If you allow packets with spoofed IP addresses out of your network, we won't talk to you. At all."

      Yeah, there may be some legitimate uses of spoofed IP addresses for diagnostic purposes, but as has been said elsewhere, "This is why we can't have nice things."

  43. Re:TFS leaves out most important piece ignoring in by DavidHumus · · Score: 1

    This doesn't seem too far-fetched given China's traditional hostility to freely-available information versus the U.S.'s scary degree of dependence on the Internet.

  44. Re:Someone Is Learning How To Take Down the Intern by mlts · · Score: 1

    Is it possible to roll back to an earlier version? Even though it is rather old, the pre-AOL one wouldn't be too bad. Maybe the one before Canter & Seigel? Heck, I'd take the one before Eternal September.

  45. verisign by castus · · Score: 1

    Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier.

    This all is consistent with what Verisign is reporting.

    Is it? The way I understand it, verisign reports that their customers (verisign sells DDoS migitation services it turns out) have seen more and larger DDoS attacks in 2016, not attacks against verisign's infrastructure.

  46. Self-Check by ememisya · · Score: 1

    Nah, it's probably just C'thulhu looking around.

  47. test.sh by thoughtspace · · Score: 1

    rm -rf http://./

  48. Well Duh by tanstaaf1 · · Score: 1

    I am glad to see some attention being put to our exponentially growing FRAGILITY, as we race to replace all "dumb" infrastructure with really stupid plans for "smart" IOT everywhere. So thanks for the post. But I don't have a lot of hope. All the SF books and stories in the world haven't prevented our mad race to surrender all our privacy and create all the trappings required for totalitarianism way beyond anything imaginable in Brave New World. So, why should I hope that we will pull back from this race to make computers and buggy software the ultimate arbiters of all our cars, planes, stoves, heating systems, refrigerators, washing machines, toilets, door knobs, etc. etc. etc. I used to think humans were too smart to fall for anything so transparent. But here we are -- and racing headlong toward nightmare. Yeah, IOT. Humans haven't evolved their common sense and self control in thousands of years so we might as well go for AI and IOT in everything.

  49. Re:north korea's last dieing move after the nukes by networkBoy · · Score: 1

    I don't know why or how, but that just made my day so much brighter. /hat tip

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  50. Re:Is it even possible? by onepoint · · Score: 1

    Aware that I am replying to an AC.

    The problem with the self-healing theory is the following; the multiple of grids go down.... the few basic grids on a regional level are, your basic 15 - 20 power grids. 20 or so huge Air and rail transport grids, lucky for us, the USA has redundancy system built in, it's all radio and physical. Logistical grids fail in general so expect food stocks to dwindle to nothing.

    Not sure about water grids, I think they are local-ish or state-ish

    We won't die, or at least a large percentage will live, the problem is the re-boot.

    --
    if you see me, smile and say hello.
  51. OpenBSD to the rescue!!! by cpm99352 · · Score: 1

    You seem to be advocating the user is responsible for their actions, a la the car model.

    Oddly, you seem to an OS recommendation. Surely you recommend OpenBSD, correct?

    You also realize anti-virus software is garbage, right?

  52. Re:Is it even possible? by AHuxley · · Score: 1

    The US issue of self-healing theory might not be real policy at the private sector or consumer level.
    Building out to add as many consumers at a very low cost along one network is about cost savings. A one connection policy only up and down the wider network.
    The gov, party political, mil elite on the upper east coast would have great redundancy thanks to contractor overspend and mil/gov policy.
    The west coast would have had the rush to build networks and in theory have a few different networks still running.
    The real fun part is the unpaved fly over state where east and west multinationals agree to peer. Why pay to build out redundancy for another company?
    Thats shareholder cash per year been lost to a "theory". The working one link, one satellite, buying just enough shared bandwidth for expected daily data flows is the all the redundancy worth investing in.
    Recall "A Dissertation So Good It Might Be Classified" (01.01.04).
    https://www.wired.com/2004/01/...

    --
    Domestic spying is now "Benign Information Gathering"
  53. Re:Someone Is Learning How To Take Down the Intern by GrumpyNope · · Score: 1

    I beat you to it. I already have it on a floppy.

  54. Re:TFS leaves out most important piece ignoring in by Anonymous Coward · · Score: 1

    Um, moderators:

    Note that the GP is *the artist formerly known as 'naval information warfare officer'*. And he just sank your battleship with the incessant whining about "anti-Americanism" on Slashdot. Are we just going to join in the call for war again based on possibly "mistaken" information, like with Afghanistan and Iraq? Let's get some confirmed evidence first this time.

    For sure the military don't use DNS from a public cache, and maybe not even TCP/IP anymore. I doubt very much they will suffer any denial of service attacks from the public internet. I hope they're not that dumb.

    *New name: cryptologic warfare officer.

  55. Re:"the company uses every they have got" by LesFerg · · Score: 1

    omg, they have already broken sentences. The rest of the internet will soon fall.

    --
    If I had a DeLorean... I would probably only drive it from time to time.
  56. Re:Someone Is Learning How To Take Down the Intern by dcooper_db9 · · Score: 1

    Was it blank before or after you copied it?

    --
    I do not block ads. I do block third party scripts.
  57. Re:Someone Is Learning How To Take Down the Intern by aliquis · · Score: 1

    The "Vivaldi Internet" is.

    (My post was a reply to "got the Internet on CD-ROM" you have to read it in context.)

    ("Google Internet" is at version 52!! (It bombs? Maybe that explain the Vivaldi behavior since it's based on Chrome))

  58. Re:Someone Is Learning How To Take Down the Intern by stealth_finger · · Score: 1

    HELP! I accidentally the whole internet!

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  59. Re:Someone Is Learning How To Take Down the Intern by stealth_finger · · Score: 1

    CRTL+P

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  60. Re:Someone Is Learning How To Take Down the Intern by stealth_finger · · Score: 1

    or CTRL, whatever.

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  61. Re:Someone Is Learning How To Take Down the Intern by stealth_finger · · Score: 1

    Combined SCP-355 into one handy source?

    http://www.scp-wiki.net/scp-335

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  62. so what? by ole_timer · · Score: 1

    new domains would be limited or stopped, existing domains would work just fine. bruce should crawl back in his hole.

    --
    nothing to see here - move along
  63. If you want a vision of the future... by hoggoth · · Score: 1

    If you want a vision of the future, imagine a September that never ended - forever.

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
  64. Re:Is it even possible? by onepoint · · Score: 1

    You are correct ( my person views only ) about the private sector and consumer level self-healing. As an observation of self-interest and I don't have the cite source facts, look at the bridges and roads of the USA. Most bridges ( greater than 50% ) are in need of major repair ( read that in 2012, can't find the source ). We don't have enough qualified Bridge inspectors in the USA to look and write reports ( we have less than 100, and I am sure the report I read said 42 in the entire USA ).

    Heck we need a huge amount of money to be spent on logistics repair and or replacements.

    Read about the Brooklyn bridge, it was built with triple redundancy and that's what saved it when NY ran out of money for maintenance in the 70's and could only emergency maintenance. Imagine all those bridges built in the 50's and 60's, they need fixing.

    --
    if you see me, smile and say hello.
  65. Re:Someone Is Learning How To Take Down the Intern by Coren22 · · Score: 1

    Twice the capacity?
    http://www.newegg.com/Product/...
    http://www.newegg.com/Product/...
    or even
    http://www.newegg.com/Product/...

    SD card (200GB) is so much more than twice a CD (700MB) or even a Blu-Ray disk (50GB) as to be laughable.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  66. Re:Someone Is Learning How To Take Down the Intern by Coren22 · · Score: 1

    That is what all this cloud stuff is, they just want to bring back the mainframe days.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  67. Re:north korea's last dieing move after the nukes by Coren22 · · Score: 1

    fall.

    North Korea.

    I doubt they would make it past the nukes falling though as the US has easily enough to hit the whole of North Korea.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?