[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: engineering infowar disasters (was Re: How the FBI/NSA forces can further twist SAFE)





Phillip Hallam-Baker <[email protected]> writes:
> On Saturday, September 27, 1997 7:57 PM, Adam Back [SMTP:[email protected]] wrote:
> > Reckon cypherpunks can knock up a few of those.
> > 
> > So lets here some ideas for good photogenic infowar attacks which show
> > that the lack of crypto is dangerous.
> 
> I suggest unless people want to hand the FBI an excuse
> to harass everyone that they don't enter into this discussion.
> 
> There are plenty of conspiracy laws on the book. Infrastructure
> attacks are illegal and exactly the kind of thing that gets long
> jail sentences.

Uh, I think you are over-reacting.

It really depends how the engineered "infowar disaster" is presented
in the press, ranging from say:

	Dr Adam Back, a computer security researcher at Exeter
	University highlighted a fundamental weakness in DNS security
	which he demonstrates can be easily exploited.  "This is
	entirely avoidable", said Back, "the only reason that global
	infrastructure is left vulnerable, is that the wire-tapping
	extremists and intelligence special groups are being allowed
	to jeopardise national security to protect their jobs in their
	now redundant function in a post-cold war era."

or

	An anonymous cypherpunk took down half of the internet
	yesterday, with an estimated loss to business of $50 million.
	The cypherpunk hacker terrorist issued a manifesto claiming
	that his motives were to highlight insecurities in the DNS.
	Whether his motives were pure or not, the incident does
	highlight the vulnerabilities in our infrastructure, something
	infowar researchers have been arguing.

either one I can't see getting me or anyone else in trouble.

I didn't do it, no one saw me do it, you can't prove a thing, etc.  ie
actually I don't really know much about DNS mechanics, and am not
personally planning to perpetrate the attack, nor develop the
software, but why should I disclaim all that each time I write
something?  The other infowarers aren't in their academic papers...

They guy who wrote the SYN flood attack is none the worse for wear, it
was released in a phrack article, and I don't think there was any
secret as to who authored the software.

> More to the point it is completely counterproductive. Even now 
> there is probably some FBI junior waving Back's message in
> the air as if he has won the pools, probable cause for wiretaps
> I would say.

Ah, fuck that.  The FBI and spooks wiretap any one they want to
anyway, probably cause, feh.  Mealy mouthed disclaimers at the bottom
of each point in a discussion is a prior restraing on academic
research.  Cypherpunks have just as much right to discuss and develop
attacks demonstrating infowar vulnerabilities as Mr Winn "hype hype
hype" Schwartau (sp), or anyone else.

I'd suggest a good target for DNS jamming would be to take out .mil
TLD servers.  Not as if they're doing anything useful, and won't
adversely affect anyone else, whilst it will be a wake up call to the
SIGINT side of the GAK argument that they are jeopardising the
national infrastructure security side.  Perhaps we could even draw the
otherside into the argument.

> I suspect I'm not the only person on the list who is responsible 
> for a service that is a regular hacker target. If I catch someone I 
> really don't care what the motive for the attack was. I'm going to
> look to make that person serve jail time.

Your argument seems to be that if you legislate against OS bugs, that
they will go away.

Well, go ahead if your idea of computer security is to legislate
against security flaws.  Reminiscent of the politician who offered to
repeal a few laws of physics to help out the physicists.

I would point out that the hackers who change your web page, or
exploit OS bugs you haven't applied patches, and send you taunting
messages telling what's wrong with your setup, are probably doing you
a service.  If you have something of real value to secure, you'd
rather know about it from a few harmless hackers, than an industrial
spy who takes the farm, and covers up his tracks so well that you
don't even notice.

Adam
-- 
Now officially an EAR violation...
Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`