Keith C. Perry on 30 Jan 2015 08:08:36 -0800


Re: [PLUG] Article on 'cyberwarfare'

As with all things, this isn't a "this or that" situation.  It will be a combination of things, as it is now.  The evolution of new ideas and products doesn't change the ideology behind good security design.  However, the real "revolution" will come when the social engineering of security takes effect.  People, especially Americans, think the US is inherently secure.  That's a laugh - a huge one.  That fallacy stems from the fact that people equate "safe" with "secure" and that's not the case when you dig into the semantics - 'too much work for a populace that is addicted to things like reality TV and the goal of accumulating Facebook friends, but I digress...

Once people accept that their security is their responsibility first, then the best possible security structures can be built out from that.  Until then, there won't be any net gains on the cyberwarfare battlefield.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ 
Keith C. Perry, MS E.E. 
Owner, DAO Technologies LLC 
(O) +1.215.525.4165 x2033 
(M) +1.215.432.5167

----- Original Message -----
From: "Rich Freeman" <>
To: "Philadelphia Linux User's Group Discussion List" <>
Sent: Thursday, January 29, 2015 10:26:12 PM
Subject: Re: [PLUG] Article on 'cyberwarfare'

On Thu, Jan 29, 2015 at 4:44 PM, Christopher Barry
<> wrote:
> what IS happening, now, is that there is a
> media blitz going on designed to further the agendas of the surveillance
> states around the world through FUD, e.g. outlawing end-to-end
> encryption, forcing backdoors into 'sanctioned' encryption technologies
> and operating systems and 'cloud' technologies, slurping up every byte
> of traffic in massive dragnet types of data collection, stingrays,
> plate readers, location tracking, the proliferation of closed
> proprietary firmware, and the very BIOSes of the hardware we use and
> ideally can trust. and on, and on...

The other new development is that there is far more data with
connectivity to the internet, and that recent attacks include
provisions for penetrating sneakernets.

The whole Sony attack is the first attack of that kind of magnitude,
and is a VERY real threat for any business.  People seem to pick on
them, but every large business I've seen is in a very similar security
state - typically a decent firewall and almost nothing past that with
every workstation/server reachable from anywhere on the network.

Large scale data breaches are becoming commonplace, and the whole
design of our credit card system seems to be nearing the breaking
point (the shared secret that you share with everybody).

Attacks are also becoming more targeted.  These days it isn't just
script kiddies and hackers interested in a challenge.  Now you have
corporate espionage, national espionage, and ransom being conducted by
organized groups.  Hacking has become a profession.

So, sure, network intrusions have been happening forever, but the
impact of that is growing both due to the purposefulness of the
attacks, and the criticality of the resources being attacked.

> centralizing security is a fool's folly. for every ridiculously
> expensive and complex measure is a cheap and simple counter-measure,
> and 'bad guys' will always find and exploit it[1][2].

It has worked just fine for national borders.  Your corporate security
department doesn't have to worry about confronting a main battle tank
at the guardhouse.

A "great firewall" wouldn't be just perimeter defense either.  The
whole point is to have a two-tier system.  On the border you keep the
bad guys out.  On the inside you detect and prosecute computer crimes.
If you hack into a company from a US ISP, you're almost certainly
going to get caught by the FBI and locked up.  The problem is that
many attacks are mounted from countries that do not effectively
prosecute computer crimes.  If those countries were not connected to
the network, then you wouldn't have the same kind of risks.  Sure,
they could mail you a USB drive, or try to sneak somebody into a
public WiFi, but it isn't the same as just having an office building
full of black hats in some foreign country.

> Then the Viet Cong began putting lookouts with
> radios in ever increasing rings around important targets. when an F-111
> flew over, they would vector the flight path, radio ahead to guys that
> would fire mortars of chaff into the air.

Cite?  I couldn't find anything about this online.

Also, you're talking about war here.  If you fly high, some pilots are
going to die.  If you fly low, some pilots are going to die.  If
pilots dying was the primary concern, they wouldn't have been sent
into a warzone.  In the end you need to look at what kind of
technology and tactics result in the greatest impact on the enemy at a
reasonable cost to your own forces.

> [2]
> and a lesson here too

Yeah, don't believe everything the Iraqi information minister says.  :)

There are no credible sources for this as far as I'm aware, and which
seems more likely to anybody who has flown a plane and worked in IT:
1. A single-engine aircraft suffered some kind of mechanical problem
resulting in a forced landing and a dictatorship decided to take the
credit for downing it.
2. The Iranians managed to hack the encrypted and authenticated
communications and navigation systems on exactly one state-of-the-art
military drone.

I'm sure these systems were audited by the NSA, and out-witting them
on an encryption system seems fairly unlikely.  People mention GPS
spoofing, but GPS also has authentication available for military
receivers (but not civilian ones).

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --