Yeah... just DoS the inbound routers and well you just toasted a bunch of high paying companies.... I wonder what kinds of DoS DDoS defences they have... firewall won't cut it.
I hear that Asta Networks have product that will stop DoS attacks.
Yeah... the zombie is part of the issue but you've got to realize that this is just not gonna end.
The key is to go after the zombies but also go affter the traffic. I was not shocked by the findings of the report but I've gotta wonder how much of this DoS tarffic is eating up bandwith that I've gotta pay for.
The very act of observing the photostream forces you to make a decsion on how the protons will be polarized -- as the Man in the Middle you don't know which protons you are interperting are correct until you get the entire message.
For an excellnet description on this process I would recommend Simon Sings' book The Code Book. You can find it here.
One of the benifits of quantum crypto is the ability for easdroping to be detected.
On time pads are very secure and if used correctly, are very difficult to break. The issue with one time pads is the distribution and mangement -- with quantum crypto you don't need this and it cuts down on overhead.
In my opnion this overhead is the real reason why we do not see cypto adopted for business use on a wide scale -- can you imagine the same folks that need to get toner in the copier being responsible for the distribution of one time pads!
The kiddies may have a say in this too. The power that they have at their hands to just about cream a segement of the net with a low tech DoS attack is pretty amazing. I happened to be managing a small site that was hosted by the same folks who do Amazon and we were totaly taken off line as a result of DoS attacks -- it sucked.
Not sure that the bean counters are the ones we need to be worried about... do you know how safe your border routers are?
So far all the easy things have been done on the net for reliablity. Throw more hardware at it add more lines -- kind of reminds me of old style management where the powers that be would throw more people at the problem vs working smarter.
Tools like what Asta Networks are building will allow you to work smarter NOT harder.
I don't know about the rest of you but I would rather spend my time playing with new technology vs babysitting and digging throug logs 'cause some script kiddie had decided to just dork around with the segement of the net that I happen to be trying to run a business off of!
- Imp.
I agree that this is a very nice thing to see.
With the recent increases of cyberattacks on sites this is a very good thing to have happen. I happen to be sitting on a pice of backbone that is shared with some government offices and when the Washington State web site was clobbered my business took a hit from all the flooded traffic.
By offering to raise the security bar like this we all will be better off.
Yeah... that is my thought too. Now I'm no legal expert here but in reading this vaguely written piece of work other things that could get included would be:
Load test tools
Search engines
Caching software
This just seems like a big mistake by the USPO. Sure I think inteluctual property should be protected but there are some reasonable limits.
An this one seems way out of bounds and not reasonable at all!
In looking at the inpact of the net on society I think people are way too early to judge the media as a success or a failure.
I mean if you look at technology like say the TV it was going to change the world. We were going to have virtual 'town meetings' on the TV. We would be taking classes over the TV. TV was going to change it ALL. -- Well it didn't do everything and it did find its place; initaly as an entertainment media and possibly serving more of an educationional role.
The same is going to happen to the Net, Wireless, and what ever is next. It will start out being the solve all fix all but really it will just find its place and do what it does well.
The Net is a media for communication -- a very cool and personal favorite of mine but still just a media. It does some things well and others not so well... the same applies to print, telephone, fax, email, tv, movies, etc.
Web sites and the like are just finding their place in the grand scheme of things.
Maybe not that revolutionary but still it works very nicely. We happend to have lots of boxes hostes all over and a big chunk of them are at InterNap. It is amazing to see how dog slow some of the traffic gets when it goes over a particular saturated backbone.
I have to feel sorry for the folks who just get thrown onto those backbones 'cause somebody is playing hot potato with their packet.
It would be even nicer if people like Nos didn't have to have their packets play intercontintal hot potato, ping pong!
Yeah... when I had the chance to lobby for going to InterNap vs droping our existing provider who is just one step above trained monkeys I jumped at the chance to go to InterNap.
Sure they are more expensive but we've seen a nice return in customer satisfaction and performance times cause the little packets don't have to wander around until they find the right backbone.:)
Yeah... but launching an attack on inbound torpedo's LOB (Line of Bearing) is a pretty old tactic. Been used since the begining of submarine warfare. With modern torpedos you don't launch an attack along a LOB but do a dog-leg attack so if somebody shoots a torpedo back at where they think you shot from, along the LOB, you are not there.
I could see it as a revenge weapon but it strikes me as not very effective. What bubble head (submariner) would want to put this on their boat knowing that it has little chance of getting the guy who attacked first. And if there was any doubt of where you were... well you just runied it 'cause Shkval can't be used in a dog leg attack. Kind of like pinning a big Hear I am tag on your head.
If you think about it a bit further you may see some other uses like anti-shipping. If one Shkval equiped submarine gets close enough to let 10 - 20 of these buggers loose at a battle group well... there will be lots of flaming datums. In the confusion you would have a chance to get away. It is was deployed on a diesel boat it would be pretty scary 'cause they are very quiet.
In Anti-Mine Warfare these buggers would be pretty powerful like what the folks at NUWC sated. Although that would probally have things like Shkval deployed from air and surface units and not sumbarines.
Then again, I could be all wet (no pun intended) the Soviets/Russians we the ones who devloped the Alfa, a very fast and very noisey submarine.
I would argue that we are not done with our 'digital revolution' but more in the middle. Sure we may not stack up to the other great achevement of electricity, hot running water, medical progress, and others right now. We are still working on it and even in this faster paced world some things just take time to be adopted.
I would liken efforts to cross the digital divide as a more modern equivelant to the efforts to bring electricity to the Tennesee Valley and other 'poor' areas of the country during the 30's and 40's. Some would argue that the real impact of elecriticity in the home did not change society until the 50's in the United States -- and in many other parts of the world the impact has still not been felt.
I agree! I do have some BIG concerns over the whole precedence this sets. It is scary on one hand because there is so many variables that go in human behavior (legal and illegal) that I would be amazed that any piece of software would be able to digest this and come up with something that would be fair. You comment about lowering the operator skill level does get at what twisted my guts on this. We are already seeing this in 'managed' health care. - the imp p.s. I know that the GPF comment was a cheap shot... I just couldn't help myself...
It sounds a bit like one side of the discussions in Ray Kurzweil's book TheAge of Spiritual Machines : When Computer Exceed Human Intelligence.
I would recommend that anybody intrested in the topic read the book. It is an interesting book on lots of levels. One thing Kurzweil does is have a socratic discussion on various topics.
I rember that there was one side of the discussion that this could be used for evil and that machines could overtake humanity.
Personaly I think the risk is there but my guess is that human beaings are way too much of a 'control freaks' to let this happen.
I would agree with you. That each country is going to spy for its best intrests.
The French are good. Their track record is among the best.
Although the practicality of getting this pulled off would be pretty hard. Belive it or not MS has lots of testers and testers tend to find these things.
Also it would be hard to hide... I just can't see how you could bury it unless you worked directly with a programer.
It would be eaiser for the NSA to insert special 'builds' into a hostile environment vs having all of Windows with a neat little security hole.
As a final note... MS has a whole lot of non-US citizens running around which could stumble into this and spill the beans.
Even though I'm shooting holes in the possiblity of this happening... things like this have in the past.
Yeah... the power need to do this is pretty impressive. If you get a chance to read Peter Wright's book _Spy_Catcher_ it has some pretty good info on how and what it takes to boost signals so you can tap them.
The Brits had a C-130 specialy modified to be able to boost the transmission signals for listening devices -- unfortunalty it played hell with comon things like the UK cabbies radios in the 60's - 70's.
Slashdot Mirror
Yeah but if you DoS the transaction the data doesn't get to the server ... seems to me you need a secure location AND redudant/flood proof pipes.
I hear that Asta Networks have product that will stop DoS attacks.
-Da Imp
The key is to go after the zombies but also go affter the traffic. I was not shocked by the findings of the report but I've gotta wonder how much of this DoS tarffic is eating up bandwith that I've gotta pay for.
The very act of observing the photostream forces you to make a decsion on how the protons will be polarized -- as the Man in the Middle you don't know which protons you are interperting are correct until you get the entire message.
For an excellnet description on this process I would recommend Simon Sings' book The Code Book. You can find it here.
So ...
Anybody know of any comercial uses of one time pads? Their use for military purposes is pretty well known.
On time pads are very secure and if used correctly, are very difficult to break. The issue with one time pads is the distribution and mangement -- with quantum crypto you don't need this and it cuts down on overhead.
In my opnion this overhead is the real reason why we do not see cypto adopted for business use on a wide scale -- can you imagine the same folks that need to get toner in the copier being responsible for the distribution of one time pads!
The kiddies may have a say in this too. The power that they have at their hands to just about cream a segement of the net with a low tech DoS attack is pretty amazing. I happened to be managing a small site that was hosted by the same folks who do Amazon and we were totaly taken off line as a result of DoS attacks -- it sucked.
Not sure that the bean counters are the ones we need to be worried about ... do you know how safe your border routers are?
So far all the easy things have been done on the net for reliablity. Throw more hardware at it add more lines -- kind of reminds me of old style management where the powers that be would throw more people at the problem vs working smarter.
Tools like what Asta Networks are building will allow you to work smarter NOT harder.
I don't know about the rest of you but I would rather spend my time playing with new technology vs babysitting and digging throug logs 'cause some script kiddie had decided to just dork around with the segement of the net that I happen to be trying to run a business off of!
- Imp.
I agree that this is a very nice thing to see.
With the recent increases of cyberattacks on sites this is a very good thing to have happen. I happen to be sitting on a pice of backbone that is shared with some government offices and when the Washington State web site was clobbered my business took a hit from all the flooded traffic.
By offering to raise the security bar like this we all will be better off.
That was a different coward. Than the earlier threat ... I too am interested in reading about this being relevent.
Thanks
- Load test tools
- Search engines
- Caching software
This just seems like a big mistake by the USPO. Sure I think inteluctual property should be protected but there are some reasonable limits.An this one seems way out of bounds and not reasonable at all!
I mean if you look at technology like say the TV it was going to change the world. We were going to have virtual 'town meetings' on the TV. We would be taking classes over the TV. TV was going to change it ALL. -- Well it didn't do everything and it did find its place; initaly as an entertainment media and possibly serving more of an educationional role.
The same is going to happen to the Net, Wireless, and what ever is next. It will start out being the solve all fix all but really it will just find its place and do what it does well.
The Net is a media for communication -- a very cool and personal favorite of mine but still just a media. It does some things well and others not so well ... the same applies to print, telephone, fax, email, tv, movies, etc.
Web sites and the like are just finding their place in the grand scheme of things.
I have to feel sorry for the folks who just get thrown onto those backbones 'cause somebody is playing hot potato with their packet.
It would be even nicer if people like Nos didn't have to have their packets play intercontintal hot potato, ping pong!
da imp
Sure they are more expensive but we've seen a nice return in customer satisfaction and performance times cause the little packets don't have to wander around until they find the right backbone. :)
da imp
I could see it as a revenge weapon but it strikes me as not very effective. What bubble head (submariner) would want to put this on their boat knowing that it has little chance of getting the guy who attacked first. And if there was any doubt of where you were ... well you just runied it 'cause Shkval can't be used in a dog leg attack. Kind of like pinning a big Hear I am tag on your head.
If you think about it a bit further you may see some other uses like anti-shipping. If one Shkval equiped submarine gets close enough to let 10 - 20 of these buggers loose at a battle group well ... there will be lots of flaming datums. In the confusion you would have a chance to get away. It is was deployed on a diesel boat it would be pretty scary 'cause they are very quiet.
In Anti-Mine Warfare these buggers would be pretty powerful like what the folks at NUWC sated. Although that would probally have things like Shkval deployed from air and surface units and not sumbarines.
Then again, I could be all wet (no pun intended) the Soviets/Russians we the ones who devloped the Alfa, a very fast and very noisey submarine.
- tech_imp
I would liken efforts to cross the digital divide as a more modern equivelant to the efforts to bring electricity to the Tennesee Valley and other 'poor' areas of the country during the 30's and 40's. Some would argue that the real impact of elecriticity in the home did not change society until the 50's in the United States -- and in many other parts of the world the impact has still not been felt.
I agree! I do have some BIG concerns over the whole precedence this sets. It is scary on one hand because there is so many variables that go in human behavior (legal and illegal) that I would be amazed that any piece of software would be able to digest this and come up with something that would be fair. You comment about lowering the operator skill level does get at what twisted my guts on this. We are already seeing this in 'managed' health care. - the imp p.s. I know that the GPF comment was a cheap shot ... I just couldn't help myself ...
I would recommend that anybody intrested in the topic read the book. It is an interesting book on lots of levels. One thing Kurzweil does is have a socratic discussion on various topics.
I rember that there was one side of the discussion that this could be used for evil and that machines could overtake humanity.
Personaly I think the risk is there but my guess is that human beaings are way too much of a 'control freaks' to let this happen.
The French are good. Their track record is among the best.
Although the practicality of getting this pulled off would be pretty hard. Belive it or not MS has lots of testers and testers tend to find these things.
Also it would be hard to hide ... I just can't see how you could bury it unless you worked directly with a programer.
It would be eaiser for the NSA to insert special 'builds' into a hostile environment vs having all of Windows with a neat little security hole.
As a final note ... MS has a whole lot of non-US citizens running around which could stumble into this and spill the beans.
Even though I'm shooting holes in the possiblity of this happening ... things like this have in the past.
The Brits had a C-130 specialy modified to be able to boost the transmission signals for listening devices -- unfortunalty it played hell with comon things like the UK cabbies radios in the 60's - 70's.