13 February 2010

Info wars 2010

Articles on or related to cyber attacks/security:

I had read about Barrett Lyon a few years back when his CSO story was linked around on Slashdot etc. At the time--and this is five years ago--a big enough bot net could take anyone down. Lyon built one of the first (*the* first?) DDoS firewalls to protect gambling sites from, what turned out to be Russian, extortionists. The CSO article ends wryly, noting that companies now pay around $50,000 to protect themselves from having to pay protection. Insert joke here about virus scanners slowing down your machine so that viruses can't.

The fact that Google can be attacked, and that they'd partner with the NSA, illustrates the gravity of the current threat. This time, it's not just thugs but government sanctioned thugs. I've read in Slashdot threads that Russia has the same tactics: leverage their hackers to disrupt Western corporations and governments. It's nice to know that the US doesn't stoop to such measures (insert joke that when *we* do it, it's not torture).

Lyon's company started protecting Scientology sites after Anonymous started their Project Chanology raids in January 2008. Since Anonymous employs multi-honed attacks (DDoS, black faxes, picketing, information) a firewall offers only partial protection. And, as had been shown with the Marblecake hack, sites can be subverted without being taken down. The True/Slant article references a Neuromancer quote as prediction of the decentralized, directed mob that is Anonymous. They're doing what any activists do: bring attention to an injustice. Reading the inevitable panic-stricken comments denouncing Anonymous, it's interesting to note the difference between "activist" and "terrorist".

The internet is at that awkward age of being both fragile and essential. Small groups like Anonymous are leveraging that fragility as much as are governments. Grab some popcorn; watch the show.

[ updated 25 Feb 2010 ]

US unable to win a cyber war [ via Slashdot ] reaffirmed that the US's extra-connectiveness increases its weaknesses. One proffered solution is to give the Pres access to the on/off switch of the internet (Reminding me of a two-panel cartoon I saw on the internet years back showing the difference between defending a cyber attack in the movies and IRL. The movie scene has the hero spewing 24-style techno-babel that barely makes sense in the fictional world. The real scene has the pimply tech grab the router and pull out the network cable. The Slashdot thread has an oddly compelling comment on what will happen when shit gets real.

[ updated 6 Mar 2010 ]

Slashdot posts a rebuttal and declares the concept meaningless.

[ posted by sstrader on 13 February 2010 at 11:50:50 AM in Science & Technology | tagged anonymous ]