Re: [nlug] Internet Kill Switch... Round 3
On Thu, Feb 10, 2011 at 9:41 PM, David R. Wilson da...@wwns.com wrote: Anyone notice that our President now has that available? http://conservativeactionalerts.com/blog_post/show/2011 Of course they are also asking for donations to fuel this machine. Worth a read. Your thoughts? I really did not want to get into the political mud puddle, however the internet kill switch is very much real. While there may be a legitimate reason to try to quarantine future worms like stuxnet, we (geeks collectively) are insane if we don't keep some kind of mesh networking equipment handy. http://openmesh.wordpress.com/ This is a list of mesh protocol implementations. I feel like I've said this already. Also, I have not been able to collaborate that 2/21/2011 date.. Andrew Dave -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
definitely.. Which brings the earlier discussion of we need to have a backbone infrastructure telecommunications the government can't regulate On Tue, Feb 8, 2011 at 11:51 AM, Russ Crawford russ.m.crawf...@gmail.com wrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford 615/506-4070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
I have mixed feelings about this. On the one hand, I don't want our government to be able to pull this business that Egypt pulled to quell rebellion by shutting off the Internet in the entire country (which is stupid and didn't work, anyway.) On the other hand, what if we had some kind of massive cyber attack against our country and the best way to contain the damage was to ask individual ISP's to shut down some or all traffic? (the way the CDC might quarantine a virus outbreak in a city by preventing traffic in or out.) A few years ago, I might have considered this kind of cyber attack science fiction but with the very successful attack by Stuxnet http://en.wikipedia.org/wiki/Stuxnet, I don't consider this just a wild idea but a pretty real concern. Chris On Tue, Feb 8, 2011 at 11:51 AM, Russ Crawford russ.m.crawf...@gmail.comwrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford +16155064070615/506-4070 +16155064070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
- Original Message - I have mixed feelings about this. On the one hand, I don't want our government to be able to pull this business that Egypt pulled to quell rebellion by shutting off the Internet in the entire country (which is stupid and didn't work, anyway.) On the other hand, what if we had some kind of massive cyber attack against our country and the best way to contain the damage was to ask individual ISP's to shut down some or all traffic? (the way the CDC might quarantine a virus outbreak in a city by preventing traffic in or out.) A few years ago, I might have considered this kind of cyber attack science fiction but with the very successful attack by Stuxnet http://en.wikipedia.org/wiki/Stuxnet, I don't consider this just a wild idea but a pretty real concern. How about smart people do not put important pieces of hardware on the open internet. How about smart people not use Microsoft or similar top of the market for exploits software to run important pieces of hardware. Then again, how about we make sure we don't become the nanny state and eliminate personal responsibility for ones actions or inactions. -- Steven Critchfield cri...@basesys.com -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
On Feb 8, 2011, at 1:18 PM, Steven S. Critchfield cri...@basesys.com wrote: - Original Message - Then again, how about we make sure we don't become the nanny state and eliminate personal responsibility for ones actions or inactions. -- Steven Critchfield cri...@basesys.com Well said. -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
This is the Internet we're talking about, not smart people ;) There are a lot of systems connected to the Internet (like power grid systems and nuclear power plants) that certainly SHOULDN'T be connected to the Internet but they are... Chris On Tue, Feb 8, 2011 at 12:59 PM, Steven S. Critchfield cri...@basesys.comwrote: - Original Message - I have mixed feelings about this. On the one hand, I don't want our government to be able to pull this business that Egypt pulled to quell rebellion by shutting off the Internet in the entire country (which is stupid and didn't work, anyway.) On the other hand, what if we had some kind of massive cyber attack against our country and the best way to contain the damage was to ask individual ISP's to shut down some or all traffic? (the way the CDC might quarantine a virus outbreak in a city by preventing traffic in or out.) A few years ago, I might have considered this kind of cyber attack science fiction but with the very successful attack by Stuxnet http://en.wikipedia.org/wiki/Stuxnet, I don't consider this just a wild idea but a pretty real concern. How about smart people do not put important pieces of hardware on the open internet. How about smart people not use Microsoft or similar top of the market for exploits software to run important pieces of hardware. Then again, how about we make sure we don't become the nanny state and eliminate personal responsibility for ones actions or inactions. -- Steven Critchfield cri...@basesys.com -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
- Original Message - This is the Internet we're talking about, not smart people ;) There are a lot of systems connected to the Internet (like power grid systems and nuclear power plants) that certainly SHOULDN'T be connected to the Internet but they are... So, if they are connected and successfully attacked, the people who allowed it to be connected should have their but placed in the lineup of those who get dealt the swift kick in the pants for having made that boneheaded choice. It is a reminder that the internet is not the end-all-be-all network. Some non connected networks are good for us. And if you must make it to one of the not connected networks, maybe you should have a good VPN or similar connection into it. Those who have connected critical infrastructure to the internet and introduce serious consequences for it's failure should be prepared to suffer the consequences of their actions. These are the same people who complain about password complexity requirements and still expect the security to be high. -- Steven Critchfield cri...@basesys.com -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
On Tue, Feb 8, 2011 at 2:30 PM, Chris McQuistion cmcquist...@watkins.eduwrote: This is the Internet we're talking about, not smart people ;) Sadly, this is true, and what is scary is the following... Consider everyone you know well and interact with on a daily basis. Now consider that these people are ALL above average intelligence. Yes, everyone. If you are dealing with anyone in IT, they are above average. Everyone in the corporate world is above average (Yes, even that ID10T guy). Everyone in the academic world is above average. (Yes, even them) Everyone you run into in your neighborhood is above average (ok, maybe not EVERYONE here, but over 90%) Then consider the fact that for each of these people who are above average intelligence, there is someone just as far below average intelligence out there to balance out to the average. Be afraid... be very afraid. Andy -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
I thought it was amusing yesterday when I tried to send one of my Congressmen a note about this legislation and how wrong it really is. The web site said my email address was invalid. I guess I am not surprised. Dave On Tue, 2011-02-08 at 11:51 -0600, Russ Crawford wrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford 615/506-4070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
While I agree with your assessment, you have to consider that a serious cyber attack could (and probably would) include multiple vectors and have multiple delivery mechanisms. We can't just blame the guy with a 10 year old Windows XP machine with no firewall. One thing Stuxnet taught us is that machines that AREN'T connected to the Internet can be successfully attacked by using spearphishing and different delivery mechanisms. Stuxnet is considered by some to not even be very advanced. God help us if we get something really advanced created and aimed at us! Chris On Tue, Feb 8, 2011 at 1:18 PM, Steven S. Critchfield cri...@basesys.comwrote: - Original Message - This is the Internet we're talking about, not smart people ;) There are a lot of systems connected to the Internet (like power grid systems and nuclear power plants) that certainly SHOULDN'T be connected to the Internet but they are... So, if they are connected and successfully attacked, the people who allowed it to be connected should have their but placed in the lineup of those who get dealt the swift kick in the pants for having made that boneheaded choice. It is a reminder that the internet is not the end-all-be-all network. Some non connected networks are good for us. And if you must make it to one of the not connected networks, maybe you should have a good VPN or similar connection into it. Those who have connected critical infrastructure to the internet and introduce serious consequences for it's failure should be prepared to suffer the consequences of their actions. These are the same people who complain about password complexity requirements and still expect the security to be high. -- Steven Critchfield cri...@basesys.com -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
Your opinion is contrary. Your argument is invalid. Chris :) On Tue, Feb 8, 2011 at 1:46 PM, David R. Wilson da...@wwns.com wrote: I thought it was amusing yesterday when I tried to send one of my Congressmen a note about this legislation and how wrong it really is. The web site said my email address was invalid. I guess I am not surprised. Dave On Tue, 2011-02-08 at 11:51 -0600, Russ Crawford wrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford 615/506-4070 +16155064070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
Sounds like a good reason to switch support to another politician. Andy On Tue, Feb 8, 2011 at 2:46 PM, David R. Wilson da...@wwns.com wrote: I thought it was amusing yesterday when I tried to send one of my Congressmen a note about this legislation and how wrong it really is. The web site said my email address was invalid. I guess I am not surprised. Dave On Tue, 2011-02-08 at 11:51 -0600, Russ Crawford wrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford 615/506-4070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
On Tuesday 08 February 2011 13:18:41 Steven S. Critchfield wrote: - Original Message - This is the Internet we're talking about, not smart people ;) There are a lot of systems connected to the Internet (like power grid systems and nuclear power plants) that certainly SHOULDN'T be connected to the Internet but they are... So, if they are connected and successfully attacked, the people who allowed it to be connected should have their but placed in the lineup of those who get dealt the swift kick in the pants for having made that boneheaded choice. Yes, but the problem is that we're talking about systems which, if they were to go critical, the guy at fault for hooking it up to the network is very likely already dead, along with several million of the populace. That is why an after-the-fact solution won't work. OTOH, giving the president the power to just blindly shut off the network might also prevent the right person from getting in and defusing the electronic worm. I think we're much better off with the current ambiguous situation, where the president needs to use his powers of persuasion to convince a network operator to shut down a link in the best way possible, rather than the force of law (which usually convinces people to do dumb shit in the name of legal compliance). -- Tilghman -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
Yes, True, but unfortunately that was one of the friendlies. I suspect someone in IT (running one of those closed OSs) had something to do with that. Dave On Tue, 2011-02-08 at 14:57 -0500, Andrew Farnsworth wrote: Sounds like a good reason to switch support to another politician. Andy On Tue, Feb 8, 2011 at 2:46 PM, David R. Wilson da...@wwns.com wrote: I thought it was amusing yesterday when I tried to send one of my Congressmen a note about this legislation and how wrong it really is. The web site said my email address was invalid. I guess I am not surprised. Dave On Tue, 2011-02-08 at 11:51 -0600, Russ Crawford wrote: Any opinions on an Internet kill switch? http://www.techrepublic.com/blog/security/what-the-experts-think-about-the-viability-of-an-internet-kill-switch/5034?tag=nl.e036 text of Section 1016 of H.R.3162 (USA Patriot Act) http://thomas.loc.gov/cgi-bin/query/F?c107:1:./temp/~c107jJ2pkO:e415432: I am particularly _amused_ by the title of subsection (d): ESTABLISHMENT OF NATIONAL COMPETENCE FOR CRITICAL INFRASTRUCTURE PROTECTION Competence of Federal bureaucracy? Would George Carlin call this an oxymoron? -- Russ Crawford 615/506-4070 -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk +unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk +unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
Very good points Tilghman. If there is one thing we can (probably) all agree on, it is that making more laws doesn't necessarily make things better! Chris On Tue, Feb 8, 2011 at 2:03 PM, Tilghman Lesher tilgh...@meg.abyt.eswrote: On Tuesday 08 February 2011 13:18:41 Steven S. Critchfield wrote: - Original Message - This is the Internet we're talking about, not smart people ;) There are a lot of systems connected to the Internet (like power grid systems and nuclear power plants) that certainly SHOULDN'T be connected to the Internet but they are... So, if they are connected and successfully attacked, the people who allowed it to be connected should have their but placed in the lineup of those who get dealt the swift kick in the pants for having made that boneheaded choice. Yes, but the problem is that we're talking about systems which, if they were to go critical, the guy at fault for hooking it up to the network is very likely already dead, along with several million of the populace. That is why an after-the-fact solution won't work. OTOH, giving the president the power to just blindly shut off the network might also prevent the right person from getting in and defusing the electronic worm. I think we're much better off with the current ambiguous situation, where the president needs to use his powers of persuasion to convince a network operator to shut down a link in the best way possible, rather than the force of law (which usually convinces people to do dumb shit in the name of legal compliance). -- Tilghman -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
Re: [nlug] Internet kill switch
On Tue, Feb 8, 2011 at 3:01 PM, Will Drewry w...@gmail.com wrote: On Tue, Feb 8, 2011 at 1:48 PM, Chris McQuistion cmcquist...@watkins.edu wrote: While I agree with your assessment, you have to consider that a serious cyber attack could (and probably would) include multiple vectors and have multiple delivery mechanisms. We can't just blame the guy with a 10 year old Windows XP machine with no firewall. One thing Stuxnet taught us is that machines that AREN'T connected to the Internet can be successfully attacked by using spearphishing and different delivery mechanisms. Stuxnet is considered by some to not even be very advanced. God help us if we get something really advanced created and aimed at us! It also shows that the consumer (and industrial .. thanks stuxnet) computing world right now has a big, soft underbelly. There's no evidence to say that more computers that do industrial control, that are home desktops, that are DoD owned, etc aren't infected with more targeted malware. Nor it there any way to prove that there haven't been manufacturing line code injection into firmware or hosting compromises for widely used software. The more you think about security and privacy with computing, the sadder it'll probably make you. There's certainly nothing our government is going to be able to do in the short term to magically change this. :/ At least with the extra interest in security these days, maybe we'll see some improvement driven by consumers ... right? ;) I've had similar thoughts for years. I finally came to the conclusion that you have to trust that other people will find and alert proper people, and that other coders have at least thought about security and how their code could be attacked and taken appropriate steps. Dell (and other companies) computers are largely if not entirely manufactured in China these days. I've long wondered what would prevent the Chinese government from altering BIOS or other components' code to put a back door, kill switch, worm, etc. in most computers in the world. Most PCs are connected to the internet these days, so it wouldn't take much to activate and coordinate an targeted attack. I finally figured out you have to trust that others have written their code in the most secure way they know, and haven't hidden anything unexpected. Paul Boniol -- You received this message because you are subscribed to the Google Groups NLUG group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en