Re: [PLUG] Article on 'cyberwarfare'

[Christopher Barry <christopher.r.barry@gmail.com>]

On Thu, 29 Jan 2015 13:54:16 -0500
Rich Freeman <r-plug@thefreemanclan.net> wrote:

>On Thu, Jan 29, 2015 at 9:24 AM, Paul Walker
><starsinmypockets@gmail.com> wrote:
>> An interesting read on the militarization of the internet:
>>
>
>I think the really new development here is the concept that everybody
>(individuals and companies and governments) alike are basically all on
>the front lines of this new "battlezone."

um, how is this 'new' again? 

>
>Historically company security was about having a fence and a guard
>watching some cameras who can call the cops if they see something.
>The cops are equipped to handle common thieves.  Anything bigger than
>that is supposed to be kept out at the national border.
>
>Cyberwarfare has changed this paradigm.  Imagine a world in which
>individual property owners were expected to be able to handle a
>platoon of tanks on their own.  That's basically what you get when a
>foreign government can send arbitrary packets to your gateway -
>anybody in the planet can subject you to any attack they wish with no
>outside interference.  Often it is difficult to even determine who was
>responsible for the attack, making even retaliation by a host
>government difficult.

a new-ish buzzword does not change the fact that hacking a remote host
is as old as the Internet itself. nor does it change the fact that
governments have been engaging in this activity since the /dawn/ of the
Internet - and even before. what IS happening, now, is that there is a
media blitz going on designed to further the agendas of the surveillance
states around the world through FUD, e.g. outlawing end-to-end
encryption, forcing backdoors into 'sanctioned' encryption technologies
and operating systems and 'cloud' technologies, slurping up every byte
of traffic in massive dragnet types of data collection, stingrays,
plate readers, location tracking, the proliferation of closed
proprietary firmware, and the very BIOSes of the hardware we use and
ideally can trust. and on, and on...

/this/ is what everyone needs to consider and be concerned about.
if Ed was able to extract and expose an enormous trove of highly
classified data to the world, because he felt everyone needed to be
aware and scared of this activity, how many others you'll never hear of
have already done so, but sold that data to the highest bidders
instead? It's been proven it's possible, and human greed shows it's
pretty likely.

>
>I could actually see a new "great firewall" in everybody's future.
>Perhaps a treaty would be drawn up where countries agree to detect and
>prosecute international computer crimes.  Countries that sign would be
>inside the firewall, and everybody else would be outside it.  Anything
>traversing the firewall would be proxied, and limited to a handful of
>protocols.  This wouldn't be unlike the mail - you can send a letter
>anywhere on Earth for the price of a stamp and almost no interference,
>but once you stick anything other than a piece of paper in the
>envelope you go through the destination country's customs system,
>involving delay, inspection, regulation, and duties.

centralizing security is a fools folly. for every ridiculously
expensive and complex measure is a cheap and simple counter-measure,
and 'bad guys' will always find and exploit it[1][2]. real security
requires that all of the technologies we need to trust are open to
inspection, auditing, and verification, not locked down and concealed
to all except a few that even recent history shows cannot be trusted.


[1] The F-111 fighter bomber used a radar called TFR (terrain following
radar) to fly extremely fast while hugging the treetops, and it cost a
fortune. Pilots relinquished control to this system, as it made
decisions much faster than a human could. In Viet Nam it was capable of
striking targets deep into enemy territory, and the targets had
practically zero warning. Then the Viet Cong began putting lookouts with
radios in ever increasing rings around important targets. when an F-111
flew over, they would vector the flight path, radio ahead to guys that
would fire mortars of chaff into the air. this chaff looked like a
brick wall to the tfr, which on many occasions caused the aircraft to
pitch up so violently that it destroyed it's own airframe and killed
the pilots. after a few of those events, no pilot wanted to use tfr. a
multi-million integrated flight control system thwarted by shredded
metal foil that cost a few bucks - maybe. There's a lesson there.

[2]
http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video
and a lesson here too




___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug