RTFA, then RT_other_FA. Wired is falsifying statements, and the submitter is lying about USAF's desires to make a botnet of non-USAF machines.
The Wired title should be "Air Force Aims for 'Full Control' of techniques to access 'Any and All' types of Computers", which, considering they're trying to make an offensive(for deterrent, supposedly) botnet out of _only_USAF_computers_, seems like reasonable goal. It would be kind of silly if they made a botnet of USAF computers and only used them for a DDOS.
The Air Force has already announced their desire to manage an offensive BotNet, comprised of unwitting participatory computers. How long before they slip a root kit on you? The submitter cited a slashdot page with a bunch of hand-wringing as evidence that the USAF wanted to make a botnet out of your and your neighbors' computers. This, despite what the original article states:
The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources. Of course, I could be incorrect, and the Trolling might be from timothy (I didn't see any quote bars...)
Agreed, Pogo's stuff is good, and their people know what they're doing there. Plus, you can buy servers and workstations with or without the MS tax; your choice.
We'd all be stuck with member-funded PBS Where's the catch?:-P 75% of the member funding would be from Bill Gates, and the other 25% would be from higher tax dollars (30% of which would also be from Bill Gates).
Believe it or not, I've had
$> yum install [package]
$> yum remove [package]
fail on RHEL 5.1 x86_64 with some development package where *yum* installed both 32bit and 64bit versions. It couldn't figure out what to do with the remove statement, and I had to use rpm to nuke the packages.
They may be counting on that. Much easier than sending people to your door.
Their documents are probably mostly benign (albeit private) compared to Scientology's stuff.
This guy is a bit unhinged and it harms his case. He really goes nonlinear about 12 paragraphs down when after tries to rip RMS a new one and says
If proprietary software is half as good as free software at aiding children's learning, you're damn right it makes the world a better place to get the software out to children. Hell, if it doesn't actively inhibit learning, it makes the world a better place. The worst part about this quote from TFA, is that it's kind of like the thinking of the Generals in Myanmar/Burma: "If [rotten food] is [marginally as nutritional] as [U.N. biscuits], you're damn right it makes [Myanmar] a better place to get the [rotten food] out to [disaster victims]. Hell, if it doesn't actively [kill them], it makes [Myanmar] a better place [but we, the Generals of Myanmar, hope it kills them]."
Besides, you can use a computer to learn about things other than the computer itself, right? There are other things than just my computer? Well, I suppose I know "I" exist because I'm interacting with the computer...
As were LCD watches. Oh my gosh, I just realized how advanced we really are now; no one buys LCD watches any more. Galactic Civilization, here we come!
As already mentioned, this effects all of the ssl stuff. Even if it were just ssh though, you'd want to be aware that a lot of servers you connect to might be changing their keys (if they're debian boxes), so you may have to muck around with your ~/.ssh/known_hosts file a few times.
Ever played the latest Prince of Persia (Sands of Time) series? They were 3D games where you had to use another dimension (time travel) to navigate puzzles because things were [un]available in different times. Heck, go back to Zelda series for a 2D game where travel to a dream-world allows more freedom of movement.
I believe you misunderstood me. The USAFnet has no need to hide. Storm and its pals do. That means in a criminal botnet, (almost) every node needs to be able to affect the other nodes, otherwise the controlling computer(s) might eventually go offline, or worse (for the originating criminal): a pattern of usage could be detected and lead back to the criminal.
The USAF doesn't have to worry about the above scenario because they _want_ everyone to know they have a botnet, so they don't have to have the remote chance that someone could use a compromised node against the rest of USAFnet.
Botnets can't 'defeat' each other. The bandwidth used in the attack comes out of OUR infrastructure as well as theirs. The idea is nothing but f[s]cking stupid and would do nothing but harm to everyone. Nobody wins. Nobody winning is better than one side winning. Mutually assured destruction was a nice deterrent during the first Cold War. The U.S.'s problem currently is that its economy depends too much on the internet. With less local factory production, the U.S. is very idea based. If those ideas can not be transferred easily, then countries with strong manufacturing capabilities become kings.
If the U.S. government starts targeting botnet clients within U.S. borders, I say it's a good use of my tax dollars. Even better if they can provide educational public service announcements about computer security.
Remember: Only you can prevent firewire.
This is your computer. This is your computer in a botnet.
Got v146rA?....Please, buy your pharmaceuticals from a pharmacy, not junk email.
The thing about this proposed botnet though, is that its control nexus can be known. Part of the other botnets is that the controller wants to remain anonymous. The U.S. military won't care about anonymity. I'm not perfectly sure what this means in terms of security of the CNC, but my gut feeling is that it should make some part of the system easier to design.
You wouldn't take a fox's vegetarian food recipes without a barrel of salt either, would you. I don't know... Regurgitated grass doesn't sound like it needs any seasoning.
A sysadmin I know runs maia mailguard (with spamassassin, clam-av[?]) on his small-midsize network, and since the users train it, and also get to see all their spam (if they want), they get to feel in control. Of course getting users to train it is a social issue.
http://www.maiamailguard.com/
RTFA, then RT_other_FA. Wired is falsifying statements, and the submitter is lying about USAF's desires to make a botnet of non-USAF machines. The Wired title should be "Air Force Aims for 'Full Control' of techniques to access 'Any and All' types of Computers", which, considering they're trying to make an offensive(for deterrent, supposedly) botnet out of _only_USAF_computers_, seems like reasonable goal. It would be kind of silly if they made a botnet of USAF computers and only used them for a DDOS.
My computers have flat feet, except one that has casters. The one with casters has a Windows partition though, so it conscientiously objects a lot.
Agreed, Pogo's stuff is good, and their people know what they're doing there. Plus, you can buy servers and workstations with or without the MS tax; your choice.
Believe it or not, I've had
$> yum install [package]
$> yum remove [package]
fail on RHEL 5.1 x86_64 with some development package where *yum* installed both 32bit and 64bit versions. It couldn't figure out what to do with the remove statement, and I had to use rpm to nuke the packages.
When your keyboard and language doesn't use accented characters, yes. Yes it is.
Then short ads at the beginning of free music files... I'm so glad I don't listen to music.
Maybe they object to the filename having "Mormon" in it.
They may be counting on that. Much easier than sending people to your door.
Their documents are probably mostly benign (albeit private) compared to Scientology's stuff.
Only regenerate if you made your keys post 2006 though. Any made prior to the removal of the random seed would be fine.
As already mentioned, this effects all of the ssl stuff. Even if it were just ssh though, you'd want to be aware that a lot of servers you connect to might be changing their keys (if they're debian boxes), so you may have to muck around with your ~/.ssh/known_hosts file a few times.
Ever played the latest Prince of Persia (Sands of Time) series? They were 3D games where you had to use another dimension (time travel) to navigate puzzles because things were [un]available in different times. Heck, go back to Zelda series for a 2D game where travel to a dream-world allows more freedom of movement.
But what C coder doesn't understand the difference between using a randomized (from HID input) seed and a static seed?
Hardy... Har Har!
I believe you misunderstood me. The USAFnet has no need to hide. Storm and its pals do. That means in a criminal botnet, (almost) every node needs to be able to affect the other nodes, otherwise the controlling computer(s) might eventually go offline, or worse (for the originating criminal): a pattern of usage could be detected and lead back to the criminal.
The USAF doesn't have to worry about the above scenario because they _want_ everyone to know they have a botnet, so they don't have to have the remote chance that someone could use a compromised node against the rest of USAFnet.
If the U.S. government starts targeting botnet clients within U.S. borders, I say it's a good use of my tax dollars.
....Please, buy your pharmaceuticals from a pharmacy, not junk email.
Even better if they can provide educational public service announcements about computer security.
Remember: Only you can prevent firewire.
This is your computer. This is your computer in a botnet.
Got v146rA?
The thing about this proposed botnet though, is that its control nexus can be known. Part of the other botnets is that the controller wants to remain anonymous. The U.S. military won't care about anonymity. I'm not perfectly sure what this means in terms of security of the CNC, but my gut feeling is that it should make some part of the system easier to design.
A sysadmin I know runs maia mailguard (with spamassassin, clam-av[?]) on his small-midsize network, and since the users train it, and also get to see all their spam (if they want), they get to feel in control. Of course getting users to train it is a social issue. http://www.maiamailguard.com/