IP: more on Mind-blowing-- How to own the Internet in yourspare time

[Dave Farber <dave () farber net>]

------ Forwarded Message
From: "Andy Duff" <andy () luddo com>
Date: Wed, 29 May 2002 09:57:24 +0100
To: "David Farber" <dave () farber net>
Subject: RE: Mind-blowing-- How to own the Internet in yourspare time

I sent the Vern Paxson paper to a couple of Network guys I know. Here's
their responses, which I found pretty interesting.


> On Mon 27 May Mike Astle wrote:
>
>
> The CDC part of this article just makes no sense.  The authors spend the
> majority of the paper showing that a worm could infect the entire Internet
> in less than a minute.  They then call for the creation of a body to
> combat infections which are by their own admission "so fast that no
> human-mediated counter-response is possible".
>
> I am convinced that the creation and distribution of a super-virus is
> possible, but I agree with Sam that the virus as described in this paper
> depends on so many assumptions (all neatly stated and then overlooked)
> as to be unlikely.
>
> It is unclear to me who might have an interest in releasing a truly
> destructive virus.  It will still be some time before a disruption of the
> Internet will hamper a country's military, so nations at war are not a
> realistic culprit.  Terrorists?  Seems unlikely.  It would be inconvenient
> to not be able to read slashdot, but I wouldn't feel particularly
> terrorized.  You'd get much more effect out of a few suicide bombers.
> Maybe anti-globalization types?  Financial institutions would take a
> pretty good hit from a loss of Internet connectivity.
>
> On Mon, 27 May 2002, Sam Bennett wrote:
>
> > i was getting bored by the time I was introduced to the whole 'CDC'
> > proposition.
> >
> > i'm certainly no expert, and these guys clearly have a decent
> understanding
> > of their subject, but i'm convinced that the whole thing amounts to a
> > childish attempt to establish a geeky gang of hilariously earnest
> > cyber-heroes.
> >
> > I would find it very difficult to believe that the top dogs in
> the network
> > security industries haven't spent a lot more time and money
> contemplating
> > future exploits (obviously with the somewhat more realistic
> goal of stiffing
> > businesses for as much money as they can) than this bunch.
> >
> > I just can't get away from the image of a drooling, pizza-faced
> ghoul with a
> > cultivated disdain for anyone who can't build a linux kernel,
> managing to
> > whine nasally over IRC about how no-one really understands how
> incredibly
> > inevitable a full-scale internet MELT-DOWN is, considering that he's the
> > only man on the planet to have considered the possibility that
> a Worm could
> > be programmable... uh-huh.
> >
> > Nothing in the article has any real substance - the
> 'mathematical models'
> > seem smugly self-serving, the anticipated propogation of a
> 'Wharhol Worm'
> > being the most indulgent.
> > Who came up with THAT one? It's all approximated, estimated and assumed.
> >
> > We're only titillated because the author throws some big numbers about.
> > Surely, if a worm was very well written to exploit a vulnerability that
> > no-one else had seen, and could infect a target server in one hit, that
> > would be it. Game over. It wouldn't interest you, as the IT
> manager of the
> > infected server to know that the virus had managed to discover
> and attack
> > 100,000,000,000 other servers in the same 15 second slot.
> > No, you'd be panicking because you couldn't log in as root
> anymore and the
> > number of calls requesting files from last nights backup is
> going up by 10
> > every minute.
> >
> > The way I see it, you prevent what you can by trapping vulnerabilities
> > before they can be exploited, securing data and keeping vigil. To the
> > typical business, that just means stringent firewalling, Email
> filtering,
> > regular backups and server maintenance and good virus scanners on
> > everything. If something slips through the net, it's already
> too late for
> > on-the-fly 'human mediation' (whatever he means by that), so
> you've just got
> > to hope you can isolate the attack and establish an effective defence.
> >
> > In a word: unimpressed.
> >
> > :)



------ End of Forwarded Message

For archives see:
http://www.interesting-people.org/archives/interesting-people/