Re: Cyberattack FUD
On Fri, 22 Nov 2002 16:31:30 -0800 (PST), Vadim Antonov wrote: >In the "regular" skyjacking the attackers want to get ransom, or divert an >airplane to someplace. They'll get cooperation from pilots, too - without >any need to be present in the cockpit. So if it is known that the policy >is not to let anyone in, no matter what happens to passengers, the >attackers wouldn't even try. In fact, they don't, on airlines which have >this policy. Letting deranged people in cockpit, in fact, places _all_ >passengers at risk of an unintended crash (imagine an attacker getting >agitated and killing pilots, or simply pulling knobs - there were >incidents when _little kids_ allowed to cockpit crashed the commercial >planes). > >The rules of engagement were patently absurd Let me see if I understand you correctly. You have a mentally disturbed man with two guns and a belt full of bullets on a plane. He wants to speak to the pilot face-to-face. He says if the pilots don't come out, he's going to shoot the 236 passengers one-by-one. If you were the pilot, before 9/11, how many passengers would you let him shoot before you came out? And what consequences would you expect to face when/if you landed safely? I'm sorry, your reasoning might apply to some fantasy world but it would not have seemed sensible to any rational person in the United States prior to those terrorist attacks.They succeeded because nobody was expecting them. As soon as anyone expected them, they failed. This is why Todd Beamer's plane didn't reach its target. [snip] As for your arguments about the benefits of government intervention in the computer market and other types of social engineering, I just hope people like you stay out of power. At least Microsoft only uses their own resources to push their vision of the future. You are welcome to use yours to push yours. DS
Re: Cyberattack FUD
On Thu, 21 Nov 2002, David Schwartz wrote: > Suppose, for example, we'd had closed cockpit doors. The 9/11 terrorists > would have threatened the lives of the passengers and crew to induce the > pilots to open the doors. The pilots would have opened the doors because the > reasoning until that time was that you did whatever the hostages told you to > do until you could get the plane on the ground. > > It was the rules of engagement that failed. Nothing more, nothing less. In the "regular" skyjacking the attackers want to get ransom, or divert an airplane to someplace. They'll get cooperation from pilots, too - without any need to be present in the cockpit. So if it is known that the policy is not to let anyone in, no matter what happens to passengers, the attackers wouldn't even try. In fact, they don't, on airlines which have this policy. Letting deranged people in cockpit, in fact, places _all_ passengers at risk of an unintended crash (imagine an attacker getting agitated and killing pilots, or simply pulling knobs - there were incidents when _little kids_ allowed to cockpit crashed the commercial planes). The rules of engagement were patently absurd > >and then by making life truly miserable for > >those who wish or have to travel, in a fit of post-disaster paranoia. > > The airline industry did that? Your mileage may wary, but I do not find pleasure in being stripped in public just because I've got long hair. As I result I'm avoiding all air travel, if I can. I'm sure a lot of other people do that too. > >It is not enemies who are savvy, it is managers who are stupid. Like, the > >"crash airplane into some high-value target" scenario was well-aired more > >than decade ago > > Not the "crash jetliner full of passengers into high-value target" > scenario. Heh. Our friends Chechens told than in a TV interview back in 1995 that they intend to do precisely that. They identified Kremlin as a target, though. And Israelis as a matter of fact assume that attackers are on a suicide mission. And the fact that US does not exactly inspire adoration in mid-Eastern parts of the world isn't any news, too. > If you were able to make the decision to shoot down or not shoot down the two > jetliners before either struck a building, knowing only that they were not > responding and probably hijaacked, what would you have done? I'd have doors in place, so as to avoid the whole situation. As I told, it is the standard procedure (keep cockpit doors closed) in much of the world outside US. > Again, it's the rules of engagement that failed. Rules are formulated by someone, they are not God-given. That someone is patently incompetent - in both failing to notice explicit early warnings, and failing to follow on the best practices of his peers. > So tell me what they should have done differently. Not allowed knives on the > plane? The terrorists would have used their bare hands. Strip searched every > passenger? Arm their pilots -- they weren't allowed to. I repeat: have doors closed, period. As for "they weren't allowed" part - don't be ridiculous. This is an oligopoly situation, and so they pretty much can get their terms from the government - just look at those multibillion handouts. > > I hope that US airlines > >go out of business and El Al moves in; isn't that what competition is > >supposed to be about? > > Except that there is no competition. Airlines don't get to make their own > security rules, they're largely preempted by the government ownership and > control of airports and the FARs. It takes two to tango. If those large businesses cannot get the reasonable rules from the government, their lobbying groups are incompetent (and so they deserve to go out of business). More likely, they didn't ask. Competition is not only about having seats filled - it is also about dealing with governments, courts, media, etc. > >The same holds for the Internet (with special thanks to the toothless > >antimonopoly enforcement which allowed operating systems to become a > >monoculture). > > This is a great bit of double-think. It has nothing to do with the fact that > people overwhelmingly prefer to have compatible operating systems, it's the > fact that nobody forced them to diversify against their will. Huh? MS was found guilty of monopolistic practices - repeatedly. They also are quite ruthless in going out and strangling competition (just watch their anti-Linux FUD campaign). If you think they are deterred, just take a look at the Palladium thingie - a sure-fire public domain OS killer. In fact, given the enormous positive network externalities associated with the operating systems, it would make a lot of sense to the government to level the playing field with affirmative action - for example, by differential taxation of dominant and sub-dominant vendors. The government procurement could've been more intent on having se
Re: Cyberattack FUD
On Thu, 21 Nov 2002 20:12:20 -0800 (PST), Vadim Antonov wrote: >On Thu, 21 Nov 2002, Barry Shein wrote: >>The attack on the WTC not only took out the WTC, it essentially has >>taken out our airline industry. >It may be argued that airline industry has taken out itself by first not >having elementary precautions (like closed cockpit doors and having pilots >to carry guns, with adequate training) which are standard in less >complacent parts of the world, I've heard this argument many times, but it's just plain false. And so obviously false that I always look for an ulterior motive when I hear it. Suppose, for example, we'd had closed cockpit doors. The 9/11 terrorists would have threatened the lives of the passengers and crew to induce the pilots to open the doors. The pilots would have opened the doors because the reasoning until that time was that you did whatever the hostages told you to do until you could get the plane on the ground. It was the rules of engagement that failed. Nothing more, nothing less. >and then by making life truly miserable for >those who wish or have to travel, in a fit of post-disaster paranoia. The airline industry did that? >It is not enemies who are savvy, it is managers who are stupid. Like, the >"crash airplane into some high-value target" scenario was well-aired more >than decade ago Not the "crash jetliner full of passengers into high-value target" scenario. If you were able to make the decision to shoot down or not shoot down the two jetliners before either struck a building, knowing only that they were not responding and probably hijaacked, what would you have done? Imagine if the U.S. had shot down all the planes. What would people be saying about all the innocent people the military had murdered? Again, it's the rules of engagement that failed. >- and it is only due to total incompetence of airline >security people that this was allowed to happen. So tell me what they should have done differently. Not allowed knives on the plane? The terrorists would have used their bare hands. Strip searched every passenger? Arm their pilots -- they weren't allowed to. > I hope that US airlines >go out of business and El Al moves in; isn't that what competition is >supposed to be about? Except that there is no competition. Airlines don't get to make their own security rules, they're largely preempted by the government ownership and control of airports and the FARs. >The same holds for the Internet (with special thanks to the toothless >antimonopoly enforcement which allowed operating systems to become a >monoculture). This is a great bit of double-think. It has nothing to do with the fact that people overwhelmingly prefer to have compatible operating systems, it's the fact that nobody forced them to diversify against their will. DS
Re: Cyberattack FUD
On Thu, 21 Nov 2002, Barry Shein wrote: > The attack on the WTC not only took out the WTC, it essentially has > taken out our airline industry. It may be argued that airline industry has taken out itself by first not having elementary precautions (like closed cockpit doors and having pilots to carry guns, with adequate training) which are standard in less complacent parts of the world, and then by making life truly miserable for those who wish or have to travel, in a fit of post-disaster paranoia. It is not enemies who are savvy, it is managers who are stupid. Like, the "crash airplane into some high-value target" scenario was well-aired more than decade ago - and it is only due to total incompetence of airline security people that this was allowed to happen. I hope that US airlines go out of business and El Al moves in; isn't that what competition is supposed to be about? The same holds for the Internet (with special thanks to the toothless antimonopoly enforcement which allowed operating systems to become a monoculture). --vadim
Re: Cyberattack FUD
Given the attacks and scale of attacks, such as 300+ broken into servers simultaneously spewing the same spam (we've experienced this) recently described here, I think it would be very naive to shrug it all off as mere obnoxiousness. The attack on the WTC not only took out the WTC, it essentially has taken out our airline industry. Many bombings and similar have been targetted at tourist locations in countries sensitive to tourist income. This enemy is very savvy about economics. Their general terrorist technique is to scare or discourage the general populace out from under some economic base. It's nearly impossible to believe they haven't figured out that poisoning the internet with spam, worms, viruses etc will drive the public away, as it has. One of our worst problems has been we (i.e., the targets) have been relatively slow to "get it" and prefer to dismiss attacks as random events by sociopaths rather than concerted efforts by true and viable enemies. Final food for thought: Just because spam actually seems to advertise something doesn't prove it's innocent. Remember that Al Qaida was funding millions of dollars per month via discount coupon fraud in the US. Just because they were real coupons for real and innocent looking products didn't mean there wasn't evil afoot. How much is really known about the spammers? That they may be roping in dopes to pay them doesn't particularly exonerate them in my mind. In fact, it would tend to fit their MO (i.e., don't just wreck things, try to make some money wrecking things!) -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Cyberattack FUD
William Waites wrote: > Taking the fear mongering and sabre rattling too seriously is much > more dangerous than any possible network outage. > -w The context may be different, however, the following two stories tell yet other sides of cyber security problem. In this case, it is not the net but the users of the net, both the public (govt.) http://zdnet.com.com/2100-1105-966444.html and private sector seem susceptible. http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,76071,00.html Don't know whether this fear mongering/saber rattling or something else. -raj = http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,76071,00.html http://zdnet.com.com/2100-1105-966444.html
Re: Cyberattack FUD
Kurt> I am not sure what you mean with 25% of the Internet? What Kurt> connectivity would degrade? From where to where? If you randomly select nodes to remove, by the time you have removed 25% of them, the network breaks up into many isolated islands. As Sean Well, depending on topology and where you shut things off - you could make one new island per node I take away. I don't see anything relatively new to this. All networking people at the larger ISPs have a pretty good knowledge of exactly which nodes to take out to... pointed out, the CAIDA study considered a sample of the 50k most connected nodes. So a successful attack aimed at 12500 big routers simultaneously would break the Internet into little pieces. To be honest - you would need to go for far less than 12500 routers if you know what you are doing. That everything worked well on the Internet on 9-11 most likely comes from comparing it with the phone network. The "Internet" (rather specific networks) where affected by 9-11 and only stayed up due to co-operation among a lot of people. Taking the fear mongering and sabre rattling too seriously is much more dangerous than any possible network outage. Although I generally agree with this - there is a large risk with underestimating the problem as well. We have for the last few years been busy catching up with the attackers, mostly because of sloppiness and laziness on the operators side. no ip directed broadcast and more recently the discussions of ingress-filtering are just examples of this. - kurtis -
Re: Cyberattack FUD
Well said - the radical elements get a lot more bang for their buck with well placed media stories, than they would ever likely get from a cyber attack on the Internet. The one point to consider is that there are critical networks for the economy that run on shared infrastructure also used by the Internet. Hence studying the susceptibility of the Internet can be more than an exercise is guarateeing porn availability. Proprietary issues aside there is a lot to be learned and for fairly good reasons. Micro-biologists study the neural network of the c.elgans worm not because they give a crap about worm brains but because it gives insight to a bigger picture. Not the best analogy but ya get the drift. - Original Message - From: William Waites <[EMAIL PROTECTED]> Date: Wednesday, November 20, 2002 8:35 pm Subject: Re: Cyberattack FUD > > >>> "Kurt" == Kurt Erik Lindqvist <[EMAIL PROTECTED]> writes: > >Kurt> I am not sure what you mean with 25% of the Internet? What >Kurt> connectivity would degrade? From where to where? > > If you randomly select nodes to remove, by the time you have removed > 25% of them, the network breaks up into many isolated islands. As Sean > pointed out, the CAIDA study considered a sample of the 50k most > connected nodes. So a successful attack aimed at 12500 big routers > simultaneously would break the Internet into little pieces. > > If more strategy is used in the selection process, you get localized > outages -- i.e. disabling everything in 60 Hudson or 151 > Front is > likely to cause significant problems in New York or Toronto but you'll > probably be able to see the rest of the world just fine from > Sweden. > > A distributed physical attack against a large number of Telco Hotels > and trans-oceanic fibre landing points would be somewhat > worse. It > would also be very difficult to do from a laptop. > > With the exception of E911 service (which normally doesn't > use IP > anyways), any such disruption is unlikely to really hurt anyone. Such > hand-wringing whenever someone threatens to break the Internet > is > maybe a sign of an unhealthy dependence on a medium that is younger > than most of the people on this list? > > Taking the fear mongering and sabre rattling too seriously is much > more dangerous than any possible network outage. > > -w > >
Re: Cyberattack FUD
>>> "Kurt" == Kurt Erik Lindqvist <[EMAIL PROTECTED]> writes: Kurt> I am not sure what you mean with 25% of the Internet? What Kurt> connectivity would degrade? From where to where? If you randomly select nodes to remove, by the time you have removed 25% of them, the network breaks up into many isolated islands. As Sean pointed out, the CAIDA study considered a sample of the 50k most connected nodes. So a successful attack aimed at 12500 big routers simultaneously would break the Internet into little pieces. If more strategy is used in the selection process, you get localized outages -- i.e. disabling everything in 60 Hudson or 151 Front is likely to cause significant problems in New York or Toronto but you'll probably be able to see the rest of the world just fine from Sweden. A distributed physical attack against a large number of Telco Hotels and trans-oceanic fibre landing points would be somewhat worse. It would also be very difficult to do from a laptop. With the exception of E911 service (which normally doesn't use IP anyways), any such disruption is unlikely to really hurt anyone. Such hand-wringing whenever someone threatens to break the Internet is maybe a sign of an unhealthy dependence on a medium that is younger than most of the people on this list? Taking the fear mongering and sabre rattling too seriously is much more dangerous than any possible network outage. -w