Interesting People mailing list archives
IP: more on Mind-blowing-- How to own the Internet in yourspare time
From: Dave Farber <dave () farber net>
Date: Wed, 29 May 2002 07:38:56 -0400
------ Forwarded Message From: "Andy Duff" <andy () luddo com> Date: Wed, 29 May 2002 09:57:24 +0100 To: "David Farber" <dave () farber net> Subject: RE: Mind-blowing-- How to own the Internet in yourspare time I sent the Vern Paxson paper to a couple of Network guys I know. Here's their responses, which I found pretty interesting.
On Mon 27 May Mike Astle wrote: The CDC part of this article just makes no sense. The authors spend the majority of the paper showing that a worm could infect the entire Internet in less than a minute. They then call for the creation of a body to combat infections which are by their own admission "so fast that no human-mediated counter-response is possible". I am convinced that the creation and distribution of a super-virus is possible, but I agree with Sam that the virus as described in this paper depends on so many assumptions (all neatly stated and then overlooked) as to be unlikely. It is unclear to me who might have an interest in releasing a truly destructive virus. It will still be some time before a disruption of the Internet will hamper a country's military, so nations at war are not a realistic culprit. Terrorists? Seems unlikely. It would be inconvenient to not be able to read slashdot, but I wouldn't feel particularly terrorized. You'd get much more effect out of a few suicide bombers. Maybe anti-globalization types? Financial institutions would take a pretty good hit from a loss of Internet connectivity. On Mon, 27 May 2002, Sam Bennett wrote:i was getting bored by the time I was introduced to the whole 'CDC' proposition. i'm certainly no expert, and these guys clearly have a decentunderstandingof their subject, but i'm convinced that the whole thing amounts to a childish attempt to establish a geeky gang of hilariously earnest cyber-heroes. I would find it very difficult to believe that the top dogs inthe networksecurity industries haven't spent a lot more time and moneycontemplatingfuture exploits (obviously with the somewhat more realisticgoal of stiffingbusinesses for as much money as they can) than this bunch. I just can't get away from the image of a drooling, pizza-facedghoul with acultivated disdain for anyone who can't build a linux kernel,managing towhine nasally over IRC about how no-one really understands howincrediblyinevitable a full-scale internet MELT-DOWN is, considering that he's the only man on the planet to have considered the possibility thata Worm couldbe programmable... uh-huh. Nothing in the article has any real substance - the'mathematical models'seem smugly self-serving, the anticipated propogation of a'Wharhol Worm'being the most indulgent. Who came up with THAT one? It's all approximated, estimated and assumed. We're only titillated because the author throws some big numbers about. Surely, if a worm was very well written to exploit a vulnerability that no-one else had seen, and could infect a target server in one hit, that would be it. Game over. It wouldn't interest you, as the ITmanager of theinfected server to know that the virus had managed to discoverand attack100,000,000,000 other servers in the same 15 second slot. No, you'd be panicking because you couldn't log in as rootanymore and thenumber of calls requesting files from last nights backup isgoing up by 10every minute. The way I see it, you prevent what you can by trapping vulnerabilities before they can be exploited, securing data and keeping vigil. To the typical business, that just means stringent firewalling, Emailfiltering,regular backups and server maintenance and good virus scanners on everything. If something slips through the net, it's alreadytoo late foron-the-fly 'human mediation' (whatever he means by that), soyou've just gotto hope you can isolate the attack and establish an effective defence. In a word: unimpressed. :)
------ End of Forwarded Message For archives see: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- IP: more on Mind-blowing-- How to own the Internet in yourspare time Dave Farber (May 29)