Does the mass replication of an exploit really constitute a supercomputer? Has it reached the point where a computing environment capable of supporting programs is created or is it simply a mechanism of attack controlled by a human operator?
Andy

On 01/09/07, Jim Lux <[EMAIL PROTECTED]> wrote:
> At 06:23 AM 9/1/2007, Robert G. Brown wrote:
> >On Fri, 31 Aug 2007, Jim Lux wrote:
> >
> >Similarly lots of other problems become tractable to a brute force
> >search algorithm when you can dispose of order of 20 petaclocks worth
> >of cycles. (Am I multiplying that out right? 10^7 times 2x10^9 =
> >2x10^16, 9 is giga, 12 is tera, 15 is peta. Yup. Petacycles.). Brute
> >force searches require minimal IPCs, although I'm sure there are
> >interesting problems associated with IPCs and data harvesting when it
> >has to be done in "stealth" mode and not lead investigators back to you
> >and when you need to make it robust against nodes dropping out (being
> >cleaned by their owners) and popping back in (as yet another virus
> >propagates).
>
> There is a fair amount of literature on such communications problems.
> For instance, the classic Byzantine Generals problem deals with how
> to reliably communicate through (potentially deliberately) unreliable
> channels. And if the seamier side of the internet isn't byzantine, what is?
>
> >
> >Then there is denial of service. Everybody knows that this is an
> >attack, but few recognize its potential terror value. Just remember the
> >>>cost<< of some of the countdown viruses of years past. Some of them
> >literally shut down the Internet for close to a day -- clogging all the
> >main arteries and switch points until hosts were run down one at a time
> >and isolated by their hosting ISPs. The cost of those incidents in real
> >dollars, lost productivity, and human misery was easily a billion
> >dollars each (I read estimates that were much higher, but I don't want
> >to be hyperbolic so let's stay conservative here).
>
> When speaking or writing of world domination, a bit of hyperbole is
> called for, no?
>
> >
> > A bot-cloud attack
> >could be far more costly and last far, far longer, in part because if it
> >were well-designed it could shape-shift every five minutes and vary e.g.
> >IP number, signature, target. It could also turn on and off at random
> >times to make it very difficult to track each bot back to its infected
> >host. If it times itself to take advantage of one of those two-month
> >long window vulnerabilities (yes, a lot of them last for PLENTY of time
> >for this to be feasible) so that it can essentially instantly re-infect
> >a wide class of hosts at will as they are cleansed, it could force the
> >shutdown of nearly every Windows system in the world until it is
> >hand-cleaned and patched -- the Internet itself would be useless in
> >fixing the problem. The cost of such a complete attack would be
> >staggering -- banking, commerce, education, defense -- all at a
> >standstill. It would probably trigger a full depression (led of course
> >by the complete collapse of Microsoft as the full cost of its appalling
> >and perpetual vulnerability is finally laid bare).
>
> I'm sure we'll have plenty of time to discuss this through the
> chainlink walls of our future accommodation at points south. I hope
> hurricane season is over by then.
>
> >
> >Truthfully, I've been waiting for foreign terror powers to figure this
> >one out and attempt such an attack, but so far we've been lucky. Bot
> >driven attacks on individual systems of course happen all the time --
> >check out the logs of pretty much any server and count the number of
> >times per day some system in Korea or South America or God Knows Where
> >tries to probe its way down your ssh ports and standard accounts in
> >search of an idiot who left in a default password (or put a stupid
> >password or root). These folks aren't looking for fun, they're looking
> >for money.
>
> And that's the problem. Say you have the ultimate DoS machine. It's
> not feasible to call up, say, Bank of America and tell them: send us
> X million or we shut down your consumer website (or your intranet, or
> whatever). First, you have the classic ransom pickup problem. It's
> pretty straightforward to move <$100K without leaving too much of a
> trail, much tougher to do it with $100M, unless the recipient has a
> substantial investment and preparation, which is hard to do on a "low
> budget" sort of scale. And it's tough to move from the $10K to the
> $10M bracket without travelling through the $100K-$1M zone without
> attracting a lot of attention. Second, if you ask for huge sums from
> one victim, they're going to have a big incentive to not pay. So
> you're back to the how to extort smallish sums from lots of victims
> and get it collected. That's a bigger administrative headache than
> running the botnet.
> their own.
>
> <rgb's description of the immense expense and effort dealing with
> this kind of thing>
>
> So, it seems that while the SuperBotNet is amazingly effective as a
> device for forcing millions of dollars of extra sysadmin time in
> terms of keeping up with the continuous and pervasive annoyances,
> it's not particularly profitable for its operator. In the lingo:
> they haven't figured out how to monetize the botnet.
>
> It's more like one of those James Bond novels where Blofeld creates a
> virus that will decimate the world's population of chickens. Unlike
> in the novel, though, there's no way to collect the ransom.
>
> _______________________________________________
> Beowulf mailing list, [email protected]
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
