4820999
story
Comments: 134 +- IT: Collateral Damage From Cyber Warfare? on Thursday June 11 2009, @10:14AM
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
background: url(//a.fsdn.com/sd/topics/topicmilitary.png); width:98px; height:98px;
military
theodp writes "If you're thinking about applying for that open US cyber warfare czar position, Robert X. Cringely points out that you will have to effectively function as a world cyber warfare czar, a fact that neither Republican nor Democratic Administrations have yet been willing to embrace, at least in public. The international nature of today's outsourced-and-offshored IT business has big implications for US security. Try to do a security audit of your company's technical resources in Argentina or Bangladesh, suggests Bob, and see what nightmare is unveiled. Toss some random Code Gods into the mix, says Cringely, and it's really too tough to predict who might win in a game of US vs. Albania."
Related Stories
1.79 x 10^12 furlongs per fortnight -- it's not just a good idea, it's
the law!
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.
Hmmm... (Score:3, Funny)
Maybe it is time to end this man-made idiocy of nations and borders?
Re: (Score:3, Insightful)
But how will the rich hold on to their power and privilege if there is a real free market in labor, and workers can move wherever pays the most?
Re:Hmmm... (Score:5, Interesting)
Having a real free world market is the rich's wet dream, and they've effectively accomplished it. You have H1-B visas so the rich can hire Indians, who don't have the high prices we do. They use Mexicans here illegally to do jobs that Americans would do if they were paid appropriately.
How is a worker to "move where they pay the most" when he as no job? No job means no money for most people.
In a world you describe it would be a lot easier for the rich to hold their power and privelege. Why do you think the rich lobby for things like NAFTA?
Parent
Re: (Score:3, Interesting)
Don't you understand the one way nature of those regs? They don't want a free market at all. They want control, under the guise of "freedom". That "freedom" is for them only, and we get American Idol. You're not getting it. No borders means freedom for everybody to live where they please, not where the authorities grant you permission for somebody else's profit. Right now you are property of the state.
Re: (Score:2, Interesting)
You know, if us suckers would stop governing our daily affairs with money, we wouldn't have the problem. Giving someone money is like handing them your voice in society. It's like a vote that you never get to take back even when you realize you've been conned. Which means conning suckers and using them harshly is the number one mechanism to achieve power. Is that what you want to support?
The state isn't supposed to rule you. The state is all of you speaking together with one voice. Stop being cowards
Re:Hmmm... (Score:5, Insightful)
I have 9,826,630 square km (3,794,066 sq mi) I can hypothetically live in. But I don't have the freedom to live anywhere in that three million square miles, as I can't live without money. I'm living in Springfield because that's where I found work 20 years ago when I'd been out of a job for a while; I'd rather be living in the St Louis area, where I grew up. Maybe I'll move back there when I retire in a few years, but then again it will depend on money, too. Will I be able to sell my house? Will I be able to afford to buy one there?
Only independantly wealthy people have freedom to live where they want; the homeless do in theory, but in practice they don't have the money needed for travel.
I'm not the property of the state, I'm the property of my employer. The state is also the property of my (and your) employer. The world is and has always been owned and ruled by the very rich.
Parent
Re:Hmmm... (Score:5, Insightful)
You have H1-B visas so the rich can hire Indians, who don't have the high prices we do.
Actually, free trade means you can ship the work off to be done, so you don't even have to hire anyone, just contract.
They use Mexicans here illegally to do jobs that Americans would do if they were paid appropriately.
That's not really free trade either, it's slavery-plus. You underpay the workers, it's actually cheaper than housing them and trying to keep them healthy, and make a return on your investment. At the end of their period of employment you can just deport them and even skip a payment. You don't even have to whip anybody.
In a world you describe it would be a lot easier for the rich to hold their power and privelege. Why do you think the rich lobby for things like NAFTA?
NAFTA is not a free trade agreement, name to the contrary.
If you can come up with some actual examples of large-volume free trade in the USA, I'll be interested. I don't think you can.
Parent
Re: (Score:3, Interesting)
You don't even have to whip anybody.
Kinda takes all the fun out of this slavery thing.
Re: (Score:3, Informative)
NAFTA let goods and money flow as if there were no borders, but not poor people. Mexicans with no money still somehow manage to get into the US, disproving your second point. H1-B visas are an example of unfair regulation of the labor market, not a free market.
A real free market requires regulation in order to remain free, but the regulations need to favor the less powerful. Currently they do just the opposite.
how many fallacies can we count? (Score:2)
1. nationalism a populist force. not an artificial force propped up by financial influence
2. the rich are served by poorer workers in other countries. there is in fact a free market in labor, since there are rules on paper, but nothing really stops corporations from shopping for the locations of factories in the countries with the cheapest workers available
3. if workers could move wherever they want, they would all move to the places with the highest salaries. this would dramatically increase the pool of wo
Re:how many fallacies can we count? (Score:5, Insightful)
1.) Nationalism is an invention of the rich intended to make the poor support the interests of the rich. To the poor, one lord is much the same as the next, why should they care who rules them?
2.) Ah, I see. Rules on paper make a free market. Rules that let the rich move their business wherever labor is cheapest, but does not let labor move where the pay is the best.
3.) You've just described how the free market is supposed to work.
Parent
Re: (Score:2)
No, you silly fool. Nationalism is not an invention of the rich. Nationalism is an evolution from feudalism, which evolved from tribalism.
As if human beings could actually invent and implement something as complex as nationalism. HAHA!
Re: (Score:2)
How did Nationalism evolve from feudalism? How did feudalism evolve from tribalism? Who's interest did both events serve? How is a sense of national identity complex?
Your analysis is weak. HAHA!
Re:how many fallacies can we count? (Score:4, Interesting)
Cooperation is no less natural than domination. What's your point? Tribalism evolved from peeing on bushes?
There are two cultures in the world. The culture of feast and the culture of famine. You don't even know what the first one looks like, do you? Read 'The Continuum Concept' for a look at what non starvation oriented human societies look like. Look at the bonobo chimpanzees of South Africa for an animal example.
Everything does NOT try to get as big as it can. The universe is NOT total war of all against all, that is a culture of famine concept. And it is a self reinforcing, self fulfilling concept.
Parent
Re: (Score:3, Insightful)
Nothing can possibly be unnatural. It is important to remember that there is more to nature than competition. Cooperation is at least as important (although some would argue that cooperation is simply a competitive strategy.) Altruism is real, and genetically selected for, because it provides clear benefits to organisms that practice it.
Human nature is complex, and can not be defined outside of the environment humans are enmeshed in. If everyone has the means to punish unfairness and selfishness in others,
nationalism is an invention of the rich? (Score:3, Interesting)
lol!
nationalism is in fact a corrosive force in the world. i share your hatred of it. i share your hatred of the rich too. but at least i understand what nationalism is and what the rich aristocracy is a hell of a lot better than you do. the notion that it is invented by the rich is retarded
nationalism is really just a form of tribalism, extended over a broader area because of commonalities of ethnic allegiance and shared language. it requires a modern media to drive it, and this explains why and how modern
Re:nationalism is an invention of the rich? (Score:4, Insightful)
Who benefits from nationalist sentiment in China and Russia? The rich. Oh, sure, not EVERY rich person, some get skewered by it, but it is still part of the owning class game, a manipulation of the populace, to get them to cheer on their own oppressors.
"He may be a greedy, oppressive bastard, but he's OUR greedy, oppressive bastard!" is the sentiment that nationalism encourages. Really, it's a means of getting the oppressed to lay down their lives defending their oppressors from other oppressors.
Parent
Re: (Score:3, Insightful)
Funny how none of your examples ended up benefiting the poor, and simply ended up trading one set of oppressors for another. But that couldn't have been on purpose, nope.
exactly (Score:2, Insightful)
and whatever you are fighting for would equally be eventually corrupted and serve only an entrenched aristocracy, and equally require revolution in order to right injustices. this is the inevitable cycle of history. every revolution is fought by the commoners in the name of righting injustice by the ruling class, and every revolution eventually decays into nothing more than a new ruling class. this observation applies equally to whatever the hell you think you are fighting for
that's why its called history,
Re: (Score:3, Insightful)
Re: (Score:2)
Your comment is very confusing. What country do you live in? It's clearly not the USA, because our national borders certainly haven't prevented us from becoming the world police, a job to which we are highly unsuited.
Re:Hmmm... (Score:4, Insightful)
Are you sure that we aren't suited to being the world police? Our police state techniques are pretty damn good. We have a higher percentage of our population incarcerated or otherwise caught up in the penal system (parole and probation) than any other developed country. I'd say that when it comes to disenfranchising huge portions of the population, we're doing pretty darn well.
How do you prevent change in a political system? Strip the rights of everyone who runs afoul of it and might be inclined to change it.
Parent
Re: (Score:2)
We're well-suited to be the next world conquerors, but that's not who I want to be the world police. I want the police to help keep the peace, not to go to war on freedom.
Re: (Score:2)
It's not that we trump your sovereignty, it's the fact that you wanted a piece of the pie that we created (and controlled) in the first place.
Back then, it was simply a business matter. These days, it shouldn't be treated as such.
It needs to be treated like a political matter. You have your territory, and we have ours, just as you have your infrastructure in your country, and we have ours.
By the way, we aren't the world police if we haven't been acting as such. 3 generations ago, perhaps we did, but our
Re: (Score:3, Insightful)
Maybe it is time to end this man-made idiocy of nations and borders?
That's a great idea, let's make the UN a real world government with the authority and ability to enforce laws. And to make sure the laws are reasonably and fairly enforced, we'll get the Human Rights Council to oversee that (you know the one that has China and Cuba on it--such fine upstanding respecters of human rights).
Re: (Score:3, Interesting)
And to make sure the laws are reasonably and fairly enforced, we'll get the Human Rights Council to oversee that (you know the one that has China and Cuba on it--such fine upstanding respecters of human rights).
And USA and Britain for that matter; another two Nations with a far from flawless Human Rights record. Though if we really wanted point out the irony of the Human Rights Council not only are China, Cuba, USA and the UK on it but it also include; Saudi Arabia, Russian Federation, Egypt and Pakistan (and others who I don't really know anything about but I am sure have their share of closeted skeletons).
Re: (Score:2)
Re: (Score:2)
Without borders how can China and Cuba exist as anything separate from the rest of the world?
I always thought it might have something to do with having lots of tanks, bullets, and the ability to employ or force people to use them. You can declare borders illegal tomorrow but that won't stop groups from reimposing them. And in the absence of nations, who is going to stop them?
Re: (Score:3, Funny)
I called Princess Peach, My Little Pony and The Care Bears and they're on it.
Consider it done.
Re: (Score:2)
Re: (Score:3, Funny)
I for one welcome our pink, floating overlord.
Arrogant (Score:2)
They could probably make a better claim to the WORLD position (after all, it's not like the WORLD series - where only americans take part), having as they do, the great population size and a lot more cyber security already in place.
But then again, I suppose Cringely is pandering to an audience, who just want to be told that they're (still) king of the world - no matter what the reality
The internet is a bunch of insecure nodes (Score:2)
None of the widely used operating systems out there is secure. Until we embrace microkernels which have been proven to be secure, along with default usage of the object capability model, we'll never be safe.
It's possible to secure a computer to withstand the full force of the internet, even with normal users... but not with the code we have now.
Tannenbaum is right about microkernels... and Linus has reached the wrong conclusion.
Re: (Score:2)
Re: (Score:2, Funny)
"The internet is a bunch of insecure nodes"
No no no. It's a series of tubes, powered by hampsters running in rotating wheels. You're right about these microkernels you speak of--we must "embrace" them, for they are the food that power the hampsters. With the power of the microkernals, these super hampsters can then secure the internets from "enormous amounts of material, enormous amounts of material," and soon the internet will become a big truck that you can dump anything on.
A few ways... (Score:2)
Countries? (Score:2)
Let's be serious here (Score:2)
I propose the opposite... (Score:3, Insightful)
I'm tired of the resources of my nation being used to protect the world. I would really rather see our Cyber Czar take the opposite approach:
Secure our stuff, and let the rest of the world deal with their own problems in the way they best see fit.
This would require a moderate paradigm shift, to be sure, for example:
1) US-based corps that choose to outsource will need to factor this into their costs. Perhaps a US-based callcenter, backed by our security efforts, would be a better investment.
2) The original concept of the 'net would need to be reinstated - where if one or many nodes go down, the bulk of it remains functional.
3) Vendors inside the US would need to be encouraged to step it up and provide equivalent IT products to those available overseas. ...and so on, and so on...
I propose we look at the US in much the way any Security Pro looks at his sponsoring company. I can't be concerned with securing everyone on my same internet subnet. That's their deal. I wouldn't propose to use services and resources on those (presumably unsecured) nodes. Only my own IP's are my concern. The opposite is insanity, and is simply not in the best interests of those paying my paycheck. Same for our government, IMHO.
Likewise, where exactly in the Constitution is 'policing Pakistan's internet' supported? Are we still talking about the Commerce Clause? Because at some point it is going to logically fail. You can't just keep expanding power without putting paper behind it, unless we're ready to scrap the whole notion of a common set of national guidelines for what our government should and should not be.
Re: (Score:2)
'I'm tired of the resources of my nation being used to protect the world.'
Don't worry, they're not being so used.
Cyber Warfare (Score:3)
If you haven't seen Die Hard IV: Revenge of the Nerds [wikipedia.org], you should. It's a great nerd movie (at least, the unrated version is, the theatrical release was more like a censored for TV version).
Almost all the characters except John McClain are nerds. "Freddy", AKA "W4rlock", is the stereotypical uber-nerd, living in his mom's basement. In the movie, America's infrastructure is attacked programatticaly. As McClain and Farrell (a former black hat who has turned white hat) are flying the helicoppter over the darkened city (the bad guys have killed all the electricity) trying to find w4rlock, McClain asks him how they're going to find his house. "Easy, it'll be the one with the lights on".
The premise of the movie is a "fire sale" - everything must go. The bad guys turn all the traffic lights green, causing massive traffic accidents, then have the stock market boards show losses in all stocks, causing wall street panic, kill the electricity, etc.
It's great mindless fun about cyber-warfare. From the wikipedia article about the film [wikipedia.org]
After a real, 'hot' cyberwar... (Score:2)
...you will long for bullets, bombs, and nukes.
It will be nasty beyond measure. Worse than anything save nukes.
We need to accept this, and prepare for the inevitable.
Idiots. Outsourcing, offshoring etc irrelevant (Score:2, Insightful)
Who would win in any given matchup are underground groups. not any countries. no resources a formal government is able to muster can top the able hackers of underground scenes. this has been the case all along. us, china, russia, any of them has been hacked by these people wantonly, at will. neither this will change with applicatio of a 'cybersecurity tzar' or any such absurd official, or mustering of millions of $ and hundreds of men in any country's 'cyberwarfare unit'.
hacking, cracking, infiltration, sec
The hell ? (Score:2)
why the HELL are countries connecting their sensitive networks and data to internet ANYWAY ? it doesnt take millions of bucks and hundreds of it people and a 'cybersecurity tzar' to realize that ANYthing sensitive that is connected to internet is hackable, REGARDLESS of you outsource, offshore, implement hard, tight, restrictive internet controls and protocols, or track every move of every goddamn person on the internet or not.
if you want security, DONT CONNECT YOUR SENSITIVE NETWORKS TO INTERNET. period.
Why the hell do we accept Cringley articles? (Score:5, Insightful)
The man is a tremendous douche who always writes ridiculous articles so that people get their dander up and drive traffic. He's nothing more than a journo-troll.
And this whole cyber-crap thing misses the mark. First off, nix the cyber. Nothing makes you sound less knowledgeable than using cyber when talking about computers. Second off, computer warfare is just another way of fucking with the enemy's infrastructure. If anything, you could classify it a subset of cold warfare. That's anything that's indirect, doesn't involve the acting killing of others, but is a true struggle between nations. Economic warfare is the usual manifestation with trade wars, resource wars, and political maneuvering. It's not some crazy new thing that's all black leather and sexy computer chicks.
Did you steal info from a poorly-secured computer system? Great, that's just digital espionage. You could have sent a guy in with a camera to photograph stuff 30 years ago but you did it with a computer now. Same idea, different tools. Did you crash his telcom system? Great. Could have been done with a saboteur 30 years ago (generally poor luck with that sort of thing) but you managed it from your desk. Excellent.
While there will always be security holes in software, most of this exposure can be mitigated against with simple, sensible procedures. The thing we tend to forget is real life ain't like Hollywood. It may be cool in Chuck to think that a guy with a supercomputer armband can hijack a Predator whenever he feels like it but that's not reality. It may be cool to think that a hacker could pick any target he wants and break in but it's usually more a matter of running scripts and finding holes where you can get them, very luck of the draw.
When it comes to infrastructure attacks, I'm far less concerned with computer attacks. Throughout this country, we have a number of single points of failure that would be difficult to replace. Any civil engineer could draw up a hitlist in five minutes far more knowledgeable than I'm going to suggest here.
1. Long-haul transmission lines. It wouldn't take that much explosive to bring a tower down and they're often running through isolated areas. Knock a few towers down, then we're stuck spending billions to guard the rest.
2. While everyone is preoccupied with towers, hit the ...crap, I'm forgetting the name. My memory is wonky here but there's some expensive stuff used in electrical distribution that has very long lead times for ordering replacements. Blow up one of these, it could be a year before the new one arrives.
3. While everyone is preoccupied with that, send a few Lee Malvo teams to randomly snipe people around the country. Doesn't matter that the average commuter is ten times more likely to die in a crash that day than get sniped, everyone will panic.
4. While everyone is preoccupied with snipers, one of the other soft targets can be hit. Seriously, one electrical line failing took out New York. Making that happen again would have to be easier than plots like blowing up tanker trucks in the tunnels.
By all means, let's protect the computers but it's attacks like I've outlined above that I think would prove far more deadly. Of course, if I were the terrorist, I'd rather fart around with computer attacks from the safety of my cave than risk entering the target country but that's just me. I think people should be ridiculed for their political views, not killed. I'd make a lousy terrorist.
Re:Why the hell do we accept Cringley articles? (Score:5, Insightful)
There are very many easy-to-destroy terrorist targets all over the USA which would kill many people or cripple infrastructure for long periods of time. The fact that this doesn't happen continually is a testament to just how few real terrorists there are out there.
Parent
Politics (Score:2)
What we've already observed is the fact that cyber-warfare is a very real reality. Sure, it hasn't become a problem for the lowest common denominator, but there is no un-crossing that line, and no amount of pretending can make that potential threat go away. We can prevent cyber-warfare, or we can promote it.
One of the simplest ways to promote it is to treat it like "anything goes". Rules (including social rules!) have to apply; and politics has shown us a way. Treaties, alliances, and all that good stuf
Wall Street downtime (Score:3, Interesting)
What worries me is an attack that takes Wall Street down for three weeks. When it comes back up, the US will no longer be the financial center of the world. Singapore, Beijing, and Dubai will have taken up the load.
That wasn't possible in 2001, by the way; the other trading centers didn't have the capacity or the capital backing. Now they do.
Then again, Beijing is going to displace New York within a decade anyway. The US is now a debtor nation, and trading moves away from debtor nations.
Re: (Score:2)
It's just going to outline the way things are slowly proceeding:
ideas that are cultural are being blended. USA was the melting pot, the world is becoming the melting pot. What this means is that things such a religions, values that are specific to a culture, are all going to have to be thrown out. Giant culture shock, but that is the way that it goes.
Re: (Score:2)
Considering how much we depend on computers these days for increasingly vital stuff (read: power, water, hospital/medical records, etc...), people could very well die in a cyber war from the collateral damage if nothing else.