Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security IT

Four Threats For '09 You Haven't Heard of 126

ancientribe writes "Security experts are cautiously on the lookout for some lesser-known but potentially lethal threats that could be more difficult to prepare for and defend against in 2009. These aren't your typical enterprise hack attacks. They're mainly large-scale Internet threats — attacks that knock out sections of the Internet infrastructure, radical extremist hackers, Web attacks that adversely affect online ad revenue, and even the unthinkable: human casualties as a result of a cyberattack." Also known as the new group of things the fear mongers will use to make you do their bidding.
This discussion has been archived. No new comments can be posted.

Four Threats For '09 You Haven't Heard of

Comments Filter:
  • Sorry (Score:5, Funny)

    by Anonymous Coward on Friday January 02, 2009 @03:06PM (#26303563)

    But we've heard of them all. What about that super volcano in Yellowstone? Now that is something that no one has heard of and it would be cool if Slashdot posted an article about that.

    • Indeed, but that is also something everyone has heard about... How about one involving the possibility of "Nemesis" [wikipedia.org] existing? I would even settle for an article about a look back at 2008 in viruses/malware...
    • Screw that (Score:3, Insightful)

      by djupedal ( 584558 )
      ...forget the 'un-. What say we start looking out for some of the thinkable, such as the cables that keep getting slashed in the Med, eh?
    • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Friday January 02, 2009 @03:33PM (#26303915)

      From TFA:
      e-bomb
      Middle Eastern cybercartels

      And so forth. Lots of technobabble, not much factual information.

      • BE AFRAID! (Score:2, Insightful)

        by Anonymous Coward

        Be very afraid!

        Good.

        Now I will lead you back to safety if you do whatever I say...

      • by twistah ( 194990 )

        What do you expect from DarkReading, especially when the quotes are coming from firms trying to sell their various cure-all security offerings?

  • "The Unthinkable" (Score:5, Insightful)

    by Knara ( 9377 ) on Friday January 02, 2009 @03:06PM (#26303565)
    Why is "human causalities as the result of cyberattack" supposedly unthinkable?
    • by spazdor ( 902907 ) on Friday January 02, 2009 @03:10PM (#26303597)

      I tried to formulate a response to your question but my mind just won't go there. I'm having trouble figuring out why.

    • Re:"The Unthinkable" (Score:5, Interesting)

      by betterunixthanunix ( 980855 ) on Friday January 02, 2009 @03:16PM (#26303691)
      People often forget that many real world, physical system have internet connections, and therefore many people cannot even fathom the idea of a cyberattack resulting in human death. I read about a hack a few years ago that nearly resulting in a man being shot and killed by a SWAT team: somebody had spoofed the phone system and issued a call to 911 indicating that he was holding a family hostage, and the SWAT team arrived and very nearly shot the father in that house. The kid who executed the hack never even considered the possibility that a SWAT team with automatic weapons might actually fire their guns during the confusion (or so he said when he was arrested by the FBI). TFA indicates that a malware attack hit a UK hospital and shut down the computer systems, forcing doctors and nurses to search for paper records.
    • Why is "human causalities as the result of cyberattack" supposedly unthinkable?

      It's unthinkable the way physically bombing a hospital is unthinkable. It doesn't mean somebody might not think to do it, just that you have to question the perpetrator's humanity if they were to actually go through with it.

      Wiktionary definition: incapable of being believed; incredible; inconceivable or unimaginable; extremely improbable in a way that goes against common sense

      (Of course, if you are using the same definition I am and are still asking that question, I believe that makes you a sociopath...)

      • by ZygnuX ( 1365897 )

        But then again, cyberattacks are of a completely different nature than bombing a hospital.+Ã

        The one danger of malware and viruses, is that they can really get out of hand. Call me alarmist, but i think there are more chances of critical equipment of an hospital causing deaths because of a malware attack that got out of hand (you really dont know how much USB thumbdrives get into places they shouldnt), than say a terrorist bombing the place a-là Joker.

        PS: Why the hell is the preview functio

        • But then again, cyberattacks are of a completely different nature than bombing a hospital.+Ã

          Don't read too much into my original statement, now! My point was just to define how it was unthinkable, not to try to equate two very different kinds of attack.

          The one danger of malware and viruses, is that they can really get out of hand. Call me alarmist, but i think there are more chances of critical equipment of an hospital causing deaths because of a malware attack that got out of hand (you really dont know how much USB thumbdrives get into places they shouldnt), than say a terrorist bombing the place a-là Joker.

          This is a very realistic scenario, but I wouldn't consider it an attack; the word epidemic comes to mind. The idea of malware going haywire, though, is hardly "unthinkable," so I agree with you there.

          Note that the article did describe exactly this scenario as an attack, so perhaps they have a different definition of "unthinkable" than I do.

          PS: Why the hell is the preview function so goddamn slow!

          I dunn

          • Re: (Score:3, Funny)

            by plover ( 150551 ) *

            "He didn't fall? Inconceivable!"

            "You keep using that word. I do not think it means what you think it means."

      • Re: (Score:3, Interesting)

        It's unthinkable the way physically bombing a hospital is unthinkable. It doesn't mean somebody might not think to do it, just that you have to question the perpetrator's humanity if they were to actually go through with it.

        How right you are. [guardian.co.uk]

      • Two things:

        When you are sitting in front of a computer, there doesn't feel like much difference between playing a computer game and doing it for real

        Secondly, I don't think the malware outbreak at the hospital was intentionally directed at the hospital. They try to infect as many people as possible and don't think that some of their victims might be hospitals.

    • It's unthinkable because the IT industry as a whole seems incapable of comprehending the possibility of such an attack. Cities are installing muni-wifis without encryption, military branches are standardizing on Windows, commercial broadband routers/modems continue to be shipped with security off by default, etc.

    • Re: (Score:3, Insightful)

      by rev_sanchez ( 691443 )
      I'm pretty sure this is the plot for nearly every movie involving hackers. I'd say that it's overly thinkable.
    • by Torodung ( 31985 )

      Because it has been proven beyond a shadow of doubt that the "cyberworld" literally can't impinge upon "real life."

      There is a time-tested firewall (of lack of imagination) between the two. For instance: This message I've posted cannot affect "real life" in any way, shape, or form. ;^)

      --
      Toro

    • Why is "human causalities as the result of cyberattack" supposedly unthinkable?

      I think it should be [wikipedia.org] clear [wikipedia.org] by now that our government officials have never seen any of the Terminator [wikipedia.org] movies.

    • by Sloppy ( 14984 )
      Perhaps it's a joke [dagonbytes.com].
    • Why is "human causalities as the result of cyberattack" supposedly unthinkable?

      I know, haven't they seen The Matrix or something?

  • by rs232 ( 849320 ) on Friday January 02, 2009 @03:12PM (#26303631)
    'Three U.K. hospitals were forced to shut down their networks last month after a malware outbreak infiltrated their systems .. Prince says he worries that eventually, human lives could be affected by a cyberattack like that of those hospitals or attacks on national infrastructures such as utilities. "It will happen at some point," he says'

    Have these security professionals ever considered using computers that don't get malware ?

    Anti-virus, Anti-phishing, Spyware [perimeterusa.com]
    • Re: (Score:3, Insightful)

      In the scheme of things, while windows malware (I assume this is what you speak of) is an easy vector, it isn't the only vector. Plain and simple fact is, not everyone who uses a computer is competent, even when they should be (The same goes for car mechanics, doctors, etc).

      Here is a really easy way to root a few Unix(like) boxes. Scan for some FTP servers. Log in and spider the directories. Can you make a file that has the executable bit set? Great! Do some fingerprinting to figure out what OS it is (this
      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Last time i checked FTP didn't have an EXEC method.

        I'm guessing you mean pray it has a directory inside a website (then why bother fingerprinting the OS) or you have shell access which just brings up the question of why you bothered ftping a file in the first place your more than halfway there!!

      • then run it

        This step is the hard part: I'm not aware of any FTP server that provides the ability to run arbitrary executables.

      • Re: (Score:2, Funny)

        by Anonymous Coward

          Here's a way to root a box:

          FTP a file to the box
          login as root
          run it

        • by Nebu ( 566313 )

          Here's a way to root a box:

          1. FTP a file to the box
          2. login as root
          3. run it

          We now know what the ever-mysterious step 2 (formally known only as "???") is!

      • Here is a really easy way to root a few Unix(like) boxes. Scan for some FTP servers. Log in and spider the directories. Can you make a file that has the executable bit set? Great! Do some fingerprinting to figure out what OS it is (this may not be necessary), upload an executable, then run it. You will be surprised at what said process can now access.

        Wasn't the article referencing 2009, rather than 1989?

      • They could also physically isolate networks on which lives depend.

    • by betterunixthanunix ( 980855 ) on Friday January 02, 2009 @03:30PM (#26303877)
      That may not be as simple as it sounds. Sure, it is technologically feasible to lock down a computer system, but there are matters of money and politics to consider. Consider the expense of hiring a full time security team that can tune ACLs and security policies and monitor the hospital network for intrusions. Here in America, hospitals, especially public hospitals, often have to fight for every dollar just to afford medical equipment, and there is constant political wrangling about paying for healthcare. Investing millions of dollars per hospital to create a secure IT infrastructure is a difficult move to justify when you are engaged in a battle for money for other equipment, and a lot of people either do not understand or do not care about the risks patients face from IT failures.

      There is also the matter of commercialization of healthcare software. Gone are the days when a hospital's IT staff would roll their own middle tier and front end systems -- healthcare software systems are now purchased from companies that "specialize" in such products. Those companies often market proprietary software, compile it for the world's most popular desktop OS, and send shrink-wrapped copies to hospitals. That software can force choices upon the hospital, like requiring a certain database that only runs on a certain server OS or preventing certain ACLs from being in place because of the manner in which the software utilizes system resources. It is neither malice nor incompetence, it is just a byproduct of the system we have in place for managing our healthcare centers.

      Personally, I have never understood how utilities might wind up in a situation where their systems may be vulnerable to a malware attack. I would think that the critical systems in utilities would be offline and running some sort of highly application-specific software, but I could be wrong.
      • Personally, I have never understood how utilities might wind up in a situation where their systems may be vulnerable to a malware attack. I would think that the critical systems in utilities would be offline and running some sort of highly application-specific software, but I could be wrong.

        Even our (the UK's) national electricity grid (and supergrid) are administered remotely by control centres. A control centre monitors the monitoring stations and controls the various control switches around the country from afar. For this to happen everything has to be online. Although perhaps just not TCP/IP using the phone network, they still need to be online. However I must admit that the control software I saw was on Unix systems and only running the control software (apparently because it had to be re

      • by AvitarX ( 172628 )

        Perhaps the expense of the team is so much it would be un-ethical to waste the money (passing the cost onto everyone who has insurance).

        The value of a human life (in these low probability of trouble situations) is 5-10 million (determined by the choices people make trading safety for savings on a daily basis). If there has not been a death yet (implied by the summery), why should we be spending so much money on the hypothetical. The amount we spend now is obviously proving to be pretty effective, how many

    • i.e. ones which don't run windows.......
    • I know a few medical doctors, including one who went through Computer Science undergraduate with me. They like their Microsoft products.
    • by Gordo_1 ( 256312 ) on Friday January 02, 2009 @04:14PM (#26304359)

      It's not that simple. You forgot about embedded systems. For example, a few years ago as an employee of a security software company, I had a conversation with the head of IT at one of the largest healthcare providers in the U.S. The conversation went something like this (I'm paraphrasing):

      Him: We have a had a heck of a time dealing with systems ping-ponging the Blaster worm at each other. Rebooting them fixes the problem temporarily, but eventually they just get reinfected.

      Me: Sounds pretty straight forward, we can help you remove malware from infected systems.

      Him: Well, a lot of our "Windows systems" are actually portable medical devices like kidney dialysis, heart monitors and life support machines running embedded Windows NT. They are built by the manufacturer with a particular software load and certified by the Department of Health. I can't change so much as a registry key on them or they will no longer be certified for use in a hospital.

      Me: So let me get this straight, you're saying that you have life support systems that are infected with worms and you can't disinfect them because the procedure would make the life support system less safe than it is with active malware on it?

      Him: Beyond rebooting and using external firewalls to block worm packets, my hands are tied so long as the system continues to perform its primary function.

      Me: Have you considered just disconnecting them from the network?

      Him: No can do. We need to monitor status and administer remotely.

      Now, I'm not saying that this situation is still true today or even that it was representative of the state of the healthcare industry at the time, but I find it highly believable that a virus/malware/worm outbreak somewhere *has* had an impact on someone's life.

      • Re: (Score:3, Insightful)

        by segra ( 867730 )
        so who certified the malware ??
      • by tekrat ( 242117 )

        That sounds like an absolutely plausible conversation. It's not an issue with malware, it's an issue of pointy-headed-bosses and sheer beaurocracy. The tech was right. If he changes ANYTHING on the embedded box, he'll be fired because the device will no longer be certified.

        That's the way this stuff works. In a hospital, proper paperwork is more important than actually saving lives. That's why I have to laugh every time I watch "House" and that doctor does something that no hospital would allow him to do.

        I k

        • by nuknuk ( 97188 )

          It sounds like rebooting the device actually clears the worm but they have so much malware traffic in the network that it gets reinfected due to them being unable to update the software w/ the fix...

          Seems like the best solution would be a handy network engineer blocking these communications at layer 4...then you reboot the devices at your leisure and eventually you should be relatively clean.

          (this assumes a lot, it's hard to say what shape the environment was in)

          • Assuming that rebooting the device did flush the worm (very doubtful), an IPS would help clear up the problem and would have helped prevent it in the first place. No need to modify the device itself. These days, I find it surprising that an IPS isn't standard network security equipment at hospitals.
      • When the FDA approves a medical device, your hands are really tied as to what modifications you can make to it, either as an end-user or even as the original supplier patching the system after release.

        A better solution would be to build the devices on a more secure platform right from the initial design and development stage, and get FDA approval for it on that platform... but then if it was a simple as that, somebody would already be doing it, right?

        K.

  • by account_deleted ( 4530225 ) * on Friday January 02, 2009 @03:14PM (#26303655)
    Comment removed based on user account deletion
  • by Seakip18 ( 1106315 ) on Friday January 02, 2009 @03:15PM (#26303677) Journal

    Reader's clicking on infected links because they're articles are so full of ads, they can't tell where the "Next Page" link is anymore.

    My solution is thus. [darkreading.com]

    I think the biggest threat is our own idiocy, rather than some ominous force.

  • are government and corporate interests that don't like the "leveling" effects of the internet. In eventual effect, how different is a DDOS attack from a Great Firewall. (not necessarily "of China") I know DDOS and filtering have different immediate effects, but I'm thinking of the social and political utility here, as well.

  • Unlikely (Score:5, Funny)

    by Crudely_Indecent ( 739699 ) on Friday January 02, 2009 @03:16PM (#26303689) Journal

    the unthinkable: human casualties as a result of a cyberattack.

    My daughter tries to play this card. She says "If I can't get on myspace and talk to my friends, I'll just die." (She never dies)

  • by Samschnooks ( 1415697 ) on Friday January 02, 2009 @03:24PM (#26303803)

    One U.S. hospital was recently hit with a denial-of-service attack that knocked its critical services offline temporarily. "There have been several close calls" including that one, notes Perimeter eSecurity's Prince, who couldn't reveal details about the attack on the hospital. Prince says the hospital was able to deploy some redundant power sources to keep its operations going during the attack on its network. But Prince says he worries that eventually, human lives could be affected by a cyberattack like that of those hospitals or attacks on national infrastructures such as utilities. "It will happen at some point," he says.

    Of course you do. Got to keep those customers coming in.

    The hospital I'm familiar with has an internal LAN with the Life or Death systems on it. The Docs that have access to it go through their gateway. In other words, a DOS attack would keep folks from seeing the hospital's website that has their marketing stuff, job listings, location, etc... nothing that would kill anyone.

    See, the IT folks there are actually pretty smart and read the security journals and some even come from defense contractors. Imagine that. This hyperbole is just a PR statement to get the suits and their lawyers all worked up to hire people like that for very large fees.

    • A malware attack on a hospital may very well affect life-or-death systems, if it is carried into the hospital on a USB key. Some doctor is reviewing patient records, brings it all home on his USB key for some reason, and brings that key back into the office -- now the malware is inside, on that internal LAN. It may not infect the life critical systems, but it may clog the network and prevent those hosts from communicating with whatever other systems they need to communicate with. My hope would be that th
      • Re: (Score:3, Interesting)

        by plover ( 150551 ) *

        Actually, it probably wasn't as expensive as you might think. Hang Wi-Fi access points around the place and let those get to the "untrustworthy" network. Use the physical Ethernet jacks installed 10 years ago to access the critical network. Pile the rules into the routers to permit only the business ports to and from the business machines. And set IDS systems to keep watch for suspicious traffic there, too.

        If data transfer to and from the critical network is a requirement, such as exchanging X-rays w

  • by PingXao ( 153057 ) on Friday January 02, 2009 @03:25PM (#26303811)

    First and foremost they're someone's push to get a .gov contract. Second, the scenarios outlined represent sensationalized what-if's that, if they ever happened, would be just as much the responsibility of the people who got hacked. You just can't put things on the internet and expect them to be secure. You can't. If you do, you're an idiot and you deserve to lose your job, get sued, and even go to prison for monumental stupidity.

  • by Anonymous Coward on Friday January 02, 2009 @03:27PM (#26303831)

    There is precious little new in this story, just a little present-day Nostradamus mixed in with a conspiracy theory, alarmism, and an admission that the enemies of the western world are not stupid and know how to use computers.

    If we want to go beyond panic stories, we have to start treating such attacks, any attacks, as real crimes. That means FBI needs to get involved, and there must be a serious effort at apprehension. Once apprehended, those folks must be treated like criminals, that means orange jumpsuites (not three-piece suites) and long prison terms. This must be publicized.

    As far as foreign threats, we need to work with local authorities. If those actitivites are conducted from within war zones, they need to be treated as enemy saboteurs and shot.

    It's time to stop distinguishing between "computer crime" and regular crime. The consequences are the same, the victims are the same, the costs are the same. Therefore, the penalties must also be the same.

    • Bloody hell. Why does /. sometime mark posts as Anonymous when I am clearly logged in? Anyway, the above "Need to stop treating computer crime as separate" post is by 'hwyhobo'. I don't waste my time posting anonymously.
  • Mytob? (Score:3, Insightful)

    by jav1231 ( 539129 ) on Friday January 02, 2009 @03:29PM (#26303859)
    Okay so Mytob shuts down a hospital. Frankly, hospitals and other public health entities shouldn't be running Windows. It's vulnerable and proven so time and again. Had they been on any *NIX-based system the spread of such a worm would have been mitigated.

    I know, a tired old point but I'm frankly sick of hearing about government entities and public works entities being brought down because they've bought into the Windows-everywhere philosophy.
    • Re: (Score:1, Insightful)

      by Anonymous Coward

      And I'm tired of lunix trolls claiming that everything open source is 100% secure out of the box with no configuration required. All unix based systems are completely invulnerable to every attack ever conceived huh? Fucking delusion morons.

      • Re: (Score:2, Insightful)

        by Lord Jester ( 88423 )

        It was not stated that it would be immune to attacks, rather the worm threat would be mitigating the threat of this worm.

        Also, he did not say Linux, he said a *nix based system. Which, until NT, most systems in such entities were.

        *nix based systems are not invulnerable, but it takes a lot more than a script-kiddie with a script generator to penetrate and subvert than in *nix based systems.

        But, regardless of your OS predilection, you should be able to admit that Windows based systems have an extremely highe

    • Re: (Score:3, Informative)

      by rev_sanchez ( 691443 )
      In modern health care IT systems you have multiple pieces of fairly complicated software generally coming from 1/2 a dozen vendors or so and a user population that is not that technically savvy but is familiar with Windows. Those vendors won't retool their software for market share that currently doesn't exist. It's easy to say that they should use something that isn't as susceptible to malware but that's the only part that's easy.
    • Ok - so that Might spare it from being collateral damage of whatever the latest worm might be, but that does nothing to prevent the hospital from being compromised when targeted. Since such a change would likely be wide spread (To create sufficient demand for software customizations) you aren't even getting much more diversity than you get now ...

    • by Spad ( 470073 )

      Correction, they were brought down because they had underfunded and/or under-qualified IT departments.

      I know of 2 NHS trusts in my local area that were hit by worms (Blaster and Mytob); the former because they weren't running any edge firewalls - left alone internal ones - and believed that the NHS N3 network was secure (It really, really isn't) and the latter because they didn't check to make sure that their AV software was actually updating itself.

      A lot of IT "departments" in the NHS are actually made up

  • Here is a quote from the article:

    David Maynor, CTO with Errata Security, says '09 could be the year when the first large-scale and widespread attack occurs on the Internet's infrastructure. "I think with the [hacking] work being done on Cisco and routing gear in general we'll see the first wide-scale 'e-bomb' that will break peering between ISPs and make large portions of the Internet unreachable," Maynor says.

    Obama's IT security plan (seen here: http://www.csis.org/media/csis/pubs/081208_securingcy [csis.org]
    • Yeah it's not well thought out. Why would the owner of a large botnet try and knock out peering when that'd just interfere with the flow of highly profitable spam?

      • Perhaps as part of a blackmail threat? A while back, botnet owners were blackmailing gambling site owners into paying them money to prevent a DDOS attack on their servers.

  • Pathetic. (Score:3, Informative)

    by fuzzyfuzzyfungus ( 1223518 ) on Friday January 02, 2009 @03:43PM (#26304021) Journal
    Even by the (low) standards of fear-mongering this is utter drivel. Pop-up blockers are an apocalyptic threat to the internet now?
  • This sounds like the "normal" threats that governments have been telling us all to be scared of for years. All this bunch have done is put an internet "spin" on them.
    • e-bombs? yeah - right
    • extremists: (yawn!)
    • economic downturn: puh-leeze
    • casualties: huh?

    Now, I'm all for taking sensible precautions, such as keeping my wallet in an inside pocket and locking the house before going out. However, I refuse to be bullied into changing my lifestyle just in case the one-in-a-billion chance that something bad, but fores

    • by plover ( 150551 ) *

      You're mixing physical threats with electronic threats, and not properly sorting out the risk differences between them.

      Anything connected to a network can be "attacked" by another node on the network, if proper precautions aren't taken. On the bare Internet, malware attacks come knocking about once a minute as all the botnets come around probing for weaknesses. That's not a one-in-a-billion chance, it's a demonstrable fact. Sensible precautions there include firewalls, fully patched machines, intrusio

  • It seems like for the last decade, that security ppl scream that Linux virus are everywhere. I am guessing that they are now screaming the same for new items.
  • Could an event like this be the potential kick in the ass that we need to receive to make people realize that security on the internet needs to be taken seriously? Think about how many credit card #'s are stolen/year, and how common it is to hear about identity theft. Despite this, little is being done to prevent these rampant crimes outside of gimmicky solutions that are little more than band-aids.

    I almost feel like if something occurred and caught the attention of the news for a few days, it may make co

  • Cutting Cables (Score:2, Insightful)

    by Jafar00 ( 673457 )
    I wanna know who keeps cutting the cables to Egypt and the rest of the Middle East. Talk about knocking out sections of infrastructure.
    • that's easy, most were done by anchors of willfully ignorant ship's crew. Quite common. Just think what someone with actual hostile intent could do with the nav charts those ships are supposed to be using.

  • by thetoadwarrior ( 1268702 ) on Friday January 02, 2009 @04:33PM (#26304587) Homepage
    The biggest threat facing the internet in 2009 is pointless scaremongering laid out on more pages than it should be to get more ad revenue.
  • Anchors.... (Score:3, Funny)

    by cbiltcliffe ( 186293 ) on Friday January 02, 2009 @04:55PM (#26304825) Homepage Journal

    They're mainly large-scale Internet threats â" attacks that knock out sections of the Internet infrastructure,

    Otherwise known as "anchors".....

  • ...just wait until that terrorist with a load of Sony laptop-batteries strapped around his waist come calling in a populated area near you.
  • It is as predictable as April Fools -- media content-fillers try to fill the newsvoid with non-news. The press is a giant maw that needs feeding daily. Nevermind the quality of the feed. Ink and photons must be sold on sched!

    The web is _slightly_ kinder since it does not have press- or airtime deadlines. The hits just drop off. Yet electrons need to be sold too!

  • Cause if they attack the tubes, those things will collapse under the pressure and that will increase global warming, as well as depressurize most skyscrapers worldwide.

    And nobody likes to see a 300 story skyscraper collapse into a 12 story puddle of goo.

    And then where will we be?

  • Back in 99? I had a philosophy teacher who was crazy smart and did crazy things right. He was always talking about how great the "internet" was because of all the things you can do on it (like getting around censoring).

    So I told him about an idea of how you could "cripple" the inet. My idea came from netsplits on a fairly large IRC network. When I explained it to him, he said "that can't happen because of redundancy." Well, IRC networks have redundancy too. But that's the point, not to eliminate it but d
  • The little boat flipped over. [moviequotes.com] A virus in the Gibson computer system claimed responsibility.
  • by Aram Fingal ( 576822 ) on Friday January 02, 2009 @08:48PM (#26307699)
    From TFA:

    One casualty of the jump in Web attacks and threats could be Internet ads, as enterprises and users increasingly begin to deploy technologies that block third-party content.

    Third-party content is ultimately not necessary for web ads. Advertisers could submit ads to be published by the sites themselves the way it's done in every other form of media. I suppose that there is some convenience in just serving ads from a third party but is that really worth the security and privacy costs? The main point of third-party content is to track users. Again, this isn't necessary. It's only done because one advertising agency is at a disadvantage if they don't do it while their competitors do. I realy don't see any great benefit to society from advertisers being able to profile people and deliver more and more targeted ads to them. Certainly, for my part, I don't think it's worth the loss of privacy and I've been blocking some kinds of third-party content for years because of it.

  • Bigger Fish..... (Score:3, Insightful)

    by IHC Navistar ( 967161 ) on Friday January 02, 2009 @08:50PM (#26307719)

    Even bigger threats:

    1) Undersea cable cuts

    2) Hub Power Outages

    3) Botnets

    Seeing as how *no* skills are required to execute the first two of the aforementioned items, I'd say that those are the biggest things to watch out for.

  • by FiloEleven ( 602040 ) on Friday January 02, 2009 @11:15PM (#26308775)

    but it doesn't seem to show up...

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...