My problem with it was that it seemed like 90% of the world was slimy underbelly and only the top 10% was actually comfortable. This was portrayed as a "good" thing, for social stability.
Also language has been changed in the new law text possibly making it legal to eavesdrop private communications like email for antipiracy purposes.
On that note, how much effort is required to get a license to eavesdrop without the police looking over your shoulder, it sounds like someone could get into the e-mail of the people behind this relatively easily. Would be a great PR boost.
Hah! It might be different were you come from but in both my native country as well as the one I am now residing in the top newspapers feature articles along those lines regularly. During the Conficker debacle it was next to impossible to avoid reading articles about the importance to update your system, get AV and Firewall switch to alternative browsers etc.
Things are different here. My argument carries weight still.
You replied to a comment and write "Linux users". I don't know what language you speak but in English this is called stereotyping since that comment does not reflect all Linux users. And about your car analogy the same rule applies. You can't assume that all Toyota owners act a certain way simply because one did.
No I'm really not. I'm responding directly to a comment expressing joy at the possible destruction of my work since the last backup. Especially since that comment was rated 5, indicating at least some agreement from bystanders. If you drive a Toyota it's bad from to cheer when a different brand of car's brakes jam and it goes off a cliff with people inside.
It's not that we don't care. We care deeply. But these users have been told - again and again and again - that Windows is insecure, to run anti-virus software and keep their systems up-to-date, and make regular backups.
I doubt the users have been told at all. The non-technical individual will most likely never see even ONE of the sites that say these things nor are they likely to have the full ramifications explained to them in a way that they will understand.
Mainstream media tells people to run anti-virus software and patch their systems.
Anti-virus is massively slow, each one has a mostly overlapping subset of viruses that they catch and almost none of them can catch new viruses while generating a massive amount of false positives. It's no wonder people don't use them.
Linux people tell them they should run linux, not Windows.
I won't argue generalities. As the poster below me said, we all use systems for a reason. I use Windows despite having experience with Ubuntu, Gentoo and Debian because it suits my purposes in a way Linux does not. All the talk of "Linux does x,y and z that can be thrown my way is not helpful because it doesn't run the closed source Windows-only drivers from a third party company that I need.
Now I'd like to think that should my work all be destroyed, despite my care, the helpful Linux users won't openly cheer to my face.
If their so-called "security patches" didn't contain anti-competitor tricks (changing default settings from FF to IE, Google to Bing, etc.), "anti-piracy" trojans and other crap so often, then their users might have more motivation to install the patches. Me, I stopped running the updater when IE7 came out, and spent the rest of my time on Windows figuring out how to migrate (now using Ubuntu).
Yeah you have to wonder what they were thinking when they made the judgment call to start changing defaults. But I doubt most users consider this when deciding to patch.
Having said that, counter-hacking might be a useful investigative technique. If it was legal.
Since the pundits are saying that it could be a foreign government, and that the attackers struck at military targets; legality is less applicable that it would normally be.
Or to put it another way. If you were assaulted in the street by someone, the police would deal with it. If the Argentinian government sent a spy to assault you in the street. It's no longer a police matter.
Most likely it will at best lead to a compromised host which is being controlled remotely. Very likely the loss of the actual original control system where the bot herder is sitting would not be a big deal.
Even failure will reveal useful information about the opponent's capabilities. Before it was just posturing but if it is the NKs then this is the first time that they have hindered a foreign government. Information about them would be really useful about now.
about time windows boxes self destructed... people might start to question windows security issues more if their boxes died rather than just slowed down...
Now I for one am GLAD that Linux users care so deeply about the suffering of others. It's posts like this that led me to believe that Linux propagation is less about improving the world's computer safety and more about showing everyone up.
I could be wrong but I was led to believe that there's already a patch for this exploit, so it's not Microsoft's fault except in that they didn't force people to patch against their will.
This sounds like an excellent opportunity four a counter-hack. If you follow the chain of computers back to the source, won't it end up in the opponent's critical systems? By placing a backdoor in the target, we would be able to study their technique and objectives.
So where should they develop to? Windows is "as good as it gets". What should they include in the system to have another "must have" seller? I can't see anything the average user could want.
Well I could come up with a few things that I would enjoy seeing in XP..
* Kernel use for SSE3 and additional processor instructions when available.
* Support for Vista drivers in XP
* Strip out the unnecessary services and operations to streamline Xp for most people's use. It's been around for a while and MS could do a lot.
* Add a disk scheduler like Linux uses
* Better 64 bit driver support
* 64GB memory support out of the box for the 32 bit edition
I've probably missed a few things. But Xp could be better still and if they add a few of the nicer options I would even be willing to buy a new version.
My vast powers predicted this post from the very time I saw it on google's feed. I've also got a response. "I don't exist just for the sake of making children.".
it's well known that the US would be in big trouble if it was forced to fight two major conflicts... i.e., if we engaged n. korea. so yes, forcing the US into that could very well unbalance it. anything that raises tensions between the US and n. korea furthers that end. if china considers n. korea an ally (do they?), it's only because of proximity and because "the enemy of my enemy is my friend". i seriously doubt that would stop them from using n. korea to further their goals. as for why n. korea... 1) they are technologically backwards and probably aren't up to disproving the claim and 2) they are one of a few nations that we could believe would make such an attack.
They're all good points. But in the last Korean war, the American forces faced off against the Korean and Chinese armies and utterly slaughtered them. Despite being vastly outnumbered the American force sustained some obscenely small amount of casualties and proceeded from one end of the country to the other in record time. During the intervening period, the Americans have become far more advanced and the Koreans wouldn't have the Chinese backing them.
The stuff I've read suggests that an attack by the NK army would flood over the demilitarized zone and flatten Seul with artillery (if it's still there), but the American reprisal would mow through NK without even slowing down. I maintain despite your points that it's still not worth it for China.
china gains by stressing it's enemies. assuming they consider the US an enemy, raising tensiosn with n. korea destabilizes the US because it's already up to it's neck in afghanistan and iraq. i'm not accusing china, jut making an observation.
Yes, true. But it doesn't seem worth it. In this case China doesn't actually gain anything, it doensn't do enough damage or strain things to the point where America unbalances. However there is massive potential for backlash. Also, China seems unlikely to frame it's own ally; they would pick someone else to take the fall.
While the US and South Korea have been at war with North Korea in the past, and quite possibly the near future, it's not correct to say we are presently at war with them. Perhaps you meant "they were" instead of "they're" - the contraction for "they are"?
For one thing the war never officially ended. America didn't sign anything and South Korea signed a cease fire. North Korea recently stated that the cease fire is no longer valid. Therefore, according to them, North Korea is at war with America and South Korea. Although that doesn't stop them from talking about Imperialist provocation.
except that the reichstag fire worked, the gulf of tonkin worked, many others worked.
They do work, otherwise people would never do it. However when your country stands to suffer from the fallout, the risk/reward balance is heavily skewed. If it is a third party, eventually they will be found out. If they had succeeded in starting a war, the fallout would be crushing.
Could always do what Russia does they recruit and help train them and supply them, but never officially support them however they pretty much sick them on people to have their way example with with Georgia.
That carries the same problems; people find out and the fallout comes back home sooner or later.
You think for one second that a bored hacker even thinks that far ahead?
And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either.
Really a DDOS attack like this, *is* a small thing.
I'm not disagreeing, it's entirely possible. I merely think it's unlikely. The scale of the attack does appear small, but the NASA example I used was nothing to care about, intent to attack matters.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
I mean there's a high probability (50%+) that they will spend the rest of their lives inside a prison. Targeting a foreign country's military infastructure is no small thing and their home country is unlikely to go to defend them from something like this. If they're smart enough to pull this off no doubt this would have occured to them as well. Remember the guy that infiltrated NASA got something like 20+ years and that wasn't even military critical, neither did he do damage.
dont be naive. Why would China try to bring NK to the table? They have nothing to gain from that! Of course they pretended, seeing how far the US goes.
The NK pressure clearly causes headaches for US, ergo its good for China.
The Chinese fund something like 9/10th of NK's fuel and 8/10th of their consumer goods, they basically keep the country running and the word I've heard is because they want to both bolster communism in the world and because it buffers the incredibly rich incredibly capitalist South Korea from their borders. If the Americans finally snap and burn North Korea to the ground the Chinese are unlikely to go to bat for them, it's not worth it, the Americans owe them money and being seen to start wars is bad for business. The end result would be the ultra capitalist South right up against China's borders plus hundreds of thousands of North Korean refugees rushing into China.
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
But there's two things that are important here..
1. An individual would have to be VERY motivated to attack two countries at once. Especially if those countries are the US and South Korea. The only thing that makes them unique is that they're at war with North Korea. We also know for a fact that the North Korean citizen does not have internet access from reporters inside the country, in fact posessing a device that can access the outside is punishable by death there so it can't have been a NK citizen acting alone. Assuming it was just one citizen from another country they would have to be very dedicated to perform what is basically a military strike against a foreign power. Prepared to risk death to frame North Korea; that would be a very unique combination and it makes little sense.
2. North Korea has recently been upping it's cyberwar capability enough for it to show up in overseas media. They only recently sent teams to participate in international hacking challanges and appear to have done well in them. One of the main reasons I instantly suspected NK is because of this.
So my personal suspicion is based on the fact that they've recently been working hard to build up their capability in this field despite having no internet connectivity for the average citizen and then all of a sudden a cyber strike hits North Korea's enemies at the same time they're conducting missile tests in contravention of UN sanctions.
I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war.
I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum.
Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
What stops people doing that is the same thing that stops them doing it in the physical world. People have been trying to frame others for military attacks since the dawn of human history and the main deterrant is that if it backfires not only will the government become destabilized from within as people oppose the subterfuge but both involved nations with pile on it simultaneously.
Not to mention, even if they succeed, it will come back to haunt them at some later point after their intervention is discovered.
The best defense is always a good offense. Why not launch an attack on North Korea? We have far more advanced technology and could probably cause more damage to them than they could cause to us. If we are crippling their systems, they won't be able to attack ours. I would love to see our government take off the gloves in the cyber world for a change rather than always invading everyone.
Since they started it, it would only be fair. However, there would definitely be some line about imperialist agression. Still, there's almost no chance they would escalate it to physical conflict. A shot above the bows would be nice for once. It might save us from having to drop the hammer when they finally go too far.
However, do they have enough internet connected infastructure to be worth hitting?
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
By the way, don't say "Chinese Plot", they have nothing to gain from upping tensions at this point. They've been trying to bring the North Koreans into negotiations and they too have issued denounciations against NK by this point. Iran's official line is that the UK is mostly responsible for their problems, they have little to gain from doing something to the Americans and the Russians were just recently in negotiations with Obama that appear to have gone well.
Slashdot Mirror
Presumably the people sharing will be posting these images on sites that don't do all of these things.
My problem with it was that it seemed like 90% of the world was slimy underbelly and only the top 10% was actually comfortable. This was portrayed as a "good" thing, for social stability.
Also language has been changed in the new law text possibly making it legal to eavesdrop private communications like email for antipiracy purposes.
On that note, how much effort is required to get a license to eavesdrop without the police looking over your shoulder, it sounds like someone could get into the e-mail of the people behind this relatively easily. Would be a great PR boost.
Hah! It might be different were you come from but in both my native country as well as the one I am now residing in the top newspapers feature articles along those lines regularly. During the Conficker debacle it was next to impossible to avoid reading articles about the importance to update your system, get AV and Firewall switch to alternative browsers etc.
Things are different here. My argument carries weight still.
You replied to a comment and write "Linux users". I don't know what language you speak but in English this is called stereotyping since that comment does not reflect all Linux users. And about your car analogy the same rule applies. You can't assume that all Toyota owners act a certain way simply because one did.
That is true. I was wrong to stereotype.
Yeah you're not stereotyping at all.
No I'm really not. I'm responding directly to a comment expressing joy at the possible destruction of my work since the last backup. Especially since that comment was rated 5, indicating at least some agreement from bystanders. If you drive a Toyota it's bad from to cheer when a different brand of car's brakes jam and it goes off a cliff with people inside.
It's not that we don't care. We care deeply. But these users have been told - again and again and again - that Windows is insecure, to run anti-virus software and keep their systems up-to-date, and make regular backups.
I doubt the users have been told at all. The non-technical individual will most likely never see even ONE of the sites that say these things nor are they likely to have the full ramifications explained to them in a way that they will understand.
Mainstream media tells people to run anti-virus software and patch their systems.
Anti-virus is massively slow, each one has a mostly overlapping subset of viruses that they catch and almost none of them can catch new viruses while generating a massive amount of false positives. It's no wonder people don't use them.
Linux people tell them they should run linux, not Windows.
I won't argue generalities. As the poster below me said, we all use systems for a reason. I use Windows despite having experience with Ubuntu, Gentoo and Debian because it suits my purposes in a way Linux does not. All the talk of "Linux does x,y and z that can be thrown my way is not helpful because it doesn't run the closed source Windows-only drivers from a third party company that I need.
Now I'd like to think that should my work all be destroyed, despite my care, the helpful Linux users won't openly cheer to my face.
If their so-called "security patches" didn't contain anti-competitor tricks (changing default settings from FF to IE, Google to Bing, etc.), "anti-piracy" trojans and other crap so often, then their users might have more motivation to install the patches. Me, I stopped running the updater when IE7 came out, and spent the rest of my time on Windows figuring out how to migrate (now using Ubuntu).
Yeah you have to wonder what they were thinking when they made the judgment call to start changing defaults. But I doubt most users consider this when deciding to patch.
Having said that, counter-hacking might be a useful investigative technique. If it was legal.
Since the pundits are saying that it could be a foreign government, and that the attackers struck at military targets; legality is less applicable that it would normally be.
Or to put it another way. If you were assaulted in the street by someone, the police would deal with it. If the Argentinian government sent a spy to assault you in the street. It's no longer a police matter.
Most likely it will at best lead to a compromised host which is being controlled remotely. Very likely the loss of the actual original control system where the bot herder is sitting would not be a big deal.
Even failure will reveal useful information about the opponent's capabilities. Before it was just posturing but if it is the NKs then this is the first time that they have hindered a foreign government. Information about them would be really useful about now.
about time windows boxes self destructed... people might start to question windows security issues more if their boxes died rather than just slowed down...
Now I for one am GLAD that Linux users care so deeply about the suffering of others. It's posts like this that led me to believe that Linux propagation is less about improving the world's computer safety and more about showing everyone up.
I could be wrong but I was led to believe that there's already a patch for this exploit, so it's not Microsoft's fault except in that they didn't force people to patch against their will.
This sounds like an excellent opportunity four a counter-hack. If you follow the chain of computers back to the source, won't it end up in the opponent's critical systems? By placing a backdoor in the target, we would be able to study their technique and objectives.
So where should they develop to? Windows is "as good as it gets". What should they include in the system to have another "must have" seller? I can't see anything the average user could want.
Well I could come up with a few things that I would enjoy seeing in XP..
* Kernel use for SSE3 and additional processor instructions when available.
* Support for Vista drivers in XP
* Strip out the unnecessary services and operations to streamline Xp for most people's use. It's been around for a while and MS could do a lot.
* Add a disk scheduler like Linux uses
* Better 64 bit driver support
* 64GB memory support out of the box for the 32 bit edition
I've probably missed a few things. But Xp could be better still and if they add a few of the nicer options I would even be willing to buy a new version.
There goes the male sex...? :P
My vast powers predicted this post from the very time I saw it on google's feed. I've also got a response. "I don't exist just for the sake of making children.".
it's well known that the US would be in big trouble if it was forced to fight two major conflicts ... i.e., if we engaged n. korea. so yes, forcing the US into that could very well unbalance it. anything that raises tensions between the US and n. korea furthers that end. if china considers n. korea an ally (do they?), it's only because of proximity and because "the enemy of my enemy is my friend". i seriously doubt that would stop them from using n. korea to further their goals. as for why n. korea ... 1) they are technologically backwards and probably aren't up to disproving the claim and 2) they are one of a few nations that we could believe would make such an attack.
They're all good points. But in the last Korean war, the American forces faced off against the Korean and Chinese armies and utterly slaughtered them. Despite being vastly outnumbered the American force sustained some obscenely small amount of casualties and proceeded from one end of the country to the other in record time. During the intervening period, the Americans have become far more advanced and the Koreans wouldn't have the Chinese backing them.
The stuff I've read suggests that an attack by the NK army would flood over the demilitarized zone and flatten Seul with artillery (if it's still there), but the American reprisal would mow through NK without even slowing down. I maintain despite your points that it's still not worth it for China.
china gains by stressing it's enemies. assuming they consider the US an enemy, raising tensiosn with n. korea destabilizes the US because it's already up to it's neck in afghanistan and iraq. i'm not accusing china, jut making an observation.
Yes, true. But it doesn't seem worth it. In this case China doesn't actually gain anything, it doensn't do enough damage or strain things to the point where America unbalances. However there is massive potential for backlash. Also, China seems unlikely to frame it's own ally; they would pick someone else to take the fall.
While the US and South Korea have been at war with North Korea in the past, and quite possibly the near future, it's not correct to say we are presently at war with them. Perhaps you meant "they were" instead of "they're" - the contraction for "they are"?
For one thing the war never officially ended. America didn't sign anything and South Korea signed a cease fire. North Korea recently stated that the cease fire is no longer valid. Therefore, according to them, North Korea is at war with America and South Korea. Although that doesn't stop them from talking about Imperialist provocation.
except that the reichstag fire worked, the gulf of tonkin worked, many others worked.
They do work, otherwise people would never do it. However when your country stands to suffer from the fallout, the risk/reward balance is heavily skewed. If it is a third party, eventually they will be found out. If they had succeeded in starting a war, the fallout would be crushing.
Could always do what Russia does they recruit and help train them and supply them, but never officially support them however they pretty much sick them on people to have their way example with with Georgia.
That carries the same problems; people find out and the fallout comes back home sooner or later.
You think for one second that a bored hacker even thinks that far ahead? And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either. Really a DDOS attack like this, *is* a small thing.
I'm not disagreeing, it's entirely possible. I merely think it's unlikely. The scale of the attack does appear small, but the NASA example I used was nothing to care about, intent to attack matters.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
I mean there's a high probability (50%+) that they will spend the rest of their lives inside a prison. Targeting a foreign country's military infastructure is no small thing and their home country is unlikely to go to defend them from something like this. If they're smart enough to pull this off no doubt this would have occured to them as well. Remember the guy that infiltrated NASA got something like 20+ years and that wasn't even military critical, neither did he do damage.
dont be naive. Why would China try to bring NK to the table? They have nothing to gain from that! Of course they pretended, seeing how far the US goes. The NK pressure clearly causes headaches for US, ergo its good for China.
The Chinese fund something like 9/10th of NK's fuel and 8/10th of their consumer goods, they basically keep the country running and the word I've heard is because they want to both bolster communism in the world and because it buffers the incredibly rich incredibly capitalist South Korea from their borders. If the Americans finally snap and burn North Korea to the ground the Chinese are unlikely to go to bat for them, it's not worth it, the Americans owe them money and being seen to start wars is bad for business. The end result would be the ultra capitalist South right up against China's borders plus hundreds of thousands of North Korean refugees rushing into China.
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
But there's two things that are important here..
1. An individual would have to be VERY motivated to attack two countries at once. Especially if those countries are the US and South Korea. The only thing that makes them unique is that they're at war with North Korea. We also know for a fact that the North Korean citizen does not have internet access from reporters inside the country, in fact posessing a device that can access the outside is punishable by death there so it can't have been a NK citizen acting alone. Assuming it was just one citizen from another country they would have to be very dedicated to perform what is basically a military strike against a foreign power. Prepared to risk death to frame North Korea; that would be a very unique combination and it makes little sense.
2. North Korea has recently been upping it's cyberwar capability enough for it to show up in overseas media. They only recently sent teams to participate in international hacking challanges and appear to have done well in them. One of the main reasons I instantly suspected NK is because of this.
So my personal suspicion is based on the fact that they've recently been working hard to build up their capability in this field despite having no internet connectivity for the average citizen and then all of a sudden a cyber strike hits North Korea's enemies at the same time they're conducting missile tests in contravention of UN sanctions.
I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war. I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum. Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
What stops people doing that is the same thing that stops them doing it in the physical world. People have been trying to frame others for military attacks since the dawn of human history and the main deterrant is that if it backfires not only will the government become destabilized from within as people oppose the subterfuge but both involved nations with pile on it simultaneously.
Not to mention, even if they succeed, it will come back to haunt them at some later point after their intervention is discovered.
The best defense is always a good offense. Why not launch an attack on North Korea? We have far more advanced technology and could probably cause more damage to them than they could cause to us. If we are crippling their systems, they won't be able to attack ours. I would love to see our government take off the gloves in the cyber world for a change rather than always invading everyone.
Since they started it, it would only be fair. However, there would definitely be some line about imperialist agression. Still, there's almost no chance they would escalate it to physical conflict. A shot above the bows would be nice for once. It might save us from having to drop the hammer when they finally go too far.
However, do they have enough internet connected infastructure to be worth hitting?
ok let's blame China now for this.
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
By the way, don't say "Chinese Plot", they have nothing to gain from upping tensions at this point. They've been trying to bring the North Koreans into negotiations and they too have issued denounciations against NK by this point. Iran's official line is that the UK is mostly responsible for their problems, they have little to gain from doing something to the Americans and the Russians were just recently in negotiations with Obama that appear to have gone well.