I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war.
I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum.
Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war.
I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum.
Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
What stops people doing that is the same thing that stops them doing it in the physical world. People have been trying to frame others for military attacks since the dawn of human history and the main deterrant is that if it backfires not only will the government become destabilized from within as people oppose the subterfuge but both involved nations with pile on it simultaneously.
Not to mention, even if they succeed, it will come back to haunt them at some later point after their intervention is discovered.
That's actually an interesting brain teaser. On so many levels.
First, nothing's more trivial than to frame someone in such an attack. The computers participating are usually bots, the server is often a hacked box as well (and if not, you can rent one for little money), it's nothing you could easily trace to the source.
Second, will people understand why they should fight and possibly die for a virtual attack, people who don't use a computer and don't know the importance of the internet to modern commerce and
If China gave us clearance to attack North Korea, I would hope that we would start by blowing up the government (using air power). I think the people would get the idea pretty quickly, so I'm not sure a deadly ground war would follow.
All that is required is to pull the damn plug on these bots. Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
These feral packets _ALSO_ come into the ISP's routers. It is easy to identify them. Uninfected machines don't normally sit there and hammer away at port Blah. Some of the worst ports are 80 (html), 25 (mail) and 22 (SSH).
One really needs to only look at the ports that the botnet tries to exploit.
A simple solution is to pull the plug. A solution which is slightly more difficult is to block the ports the botnet is trying to attack on and then redirect any web access to a banner page advising the owner their machine is cracked and what to do about it... or a tech could phone the client.
_any_ ISP can do this. If they don't do it then they don't want to. As for consumer rights - crap! Its the ISP's which write the Terms of Service. They can put pretty much any terms they want providing said terms are considered reasonable. The public will probably not object. Spammers might however but then who cares if they can't find an uplink.
So the first place to start is at the ISP level.
Next: I've blocked botnets of more than 50,000 machines. I use OpenBSD on the webservers and on the firewalls. Its not that hard to do. Pf can easily handle this. If the server admins over at the "US Government Web Sites" can't handle this then IMHO they are incompetent. If reference, here is an example of how to block these bots in PF:
Although this might help against some types of denial of service attempt where they're making your machine work harder by servicing what look to be legitimate requests, it does not help against attempts at network saturation from incoming packets unless you can block it at the upstream router.
Yes - we need to block at the upstream router. This is why the ISP who connects the bot to the net has to become proactive and stop burying their collective heads in the sand.
We all know who these ISP's are too. They tend to be the big boys.
The thing is that they can even write into their terms of service that the customer _agrees_ to a reasonable fee to correct zombie machines. Then they can make money on the "service" they provide.
Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
Not necessarily. For SYN flood [wikipedia.org] the src address can be spoofed, since the attacker doesn't care if he gets the SYN-ACK.
What the ISPs could do for this is to filter outbound traffic such that if the src IP is not on their network (i.e., is spoofed) the packet is dropped.
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
By the way, don't say "Chinese Plot", they have nothing to gain from upping tensions at this point. They've been trying to bring the North Koreans into negotiations and they too have issued denounciations against NK by this point. Iran's official line is that the UK is mostly responsible for their problems, they have little to gain from doing something to the Americans and the Russians were just recently in negotiations with Obama that appear to have gone well.
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
But there's two things that are important here..
1. An individual would have to be VERY motivated to attack two countries at once. Especially if those countries are the US and South Korea. The only thing that makes them unique is that they're at war with North Korea. We also know for a fact that the North Korean citizen does not have internet access from reporters inside the country, in fact posessing a device that can access the outside is punishable by death there so it can't have been a NK citizen acting alone. Assuming it was just one citizen from another country they would have to be very dedicated to perform what is basically a military strike against a foreign power. Prepared to risk death to frame North Korea; that would be a very unique combination and it makes little sense.
2. North Korea has recently been upping it's cyberwar capability enough for it to show up in overseas media. They only recently sent teams to participate in international hacking challanges and appear to have done well in them. One of the main reasons I instantly suspected NK is because of this.
So my personal suspicion is based on the fact that they've recently been working hard to build up their capability in this field despite having no internet connectivity for the average citizen and then all of a sudden a cyber strike hits North Korea's enemies at the same time they're conducting missile tests in contravention of UN sanctions.
An individual would have to be VERY motivated to attack two countries at once.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
I mean there's a high probability (50%+) that they will spend the rest of their lives inside a prison. Targeting a foreign country's military infastructure is no small thing and their home country is unlikely to go to defend them from something like this. If they're smart enough to pull this off no doubt this would have occured to them as well. Remember the guy that infiltrated NASA got something like 20+ years and that wasn't even military critical, neither did he do damage.
You think for one second that a bored hacker even thinks that far ahead?
And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either.
Really a DDOS attack like this, *is* a small thing.
Why does it have to be a country. What about some dirty hacker somewhere with nothing more than an axe to grind. Or perhaps he/she just doesn't like getting teased at school.
Its not fricken national emergency. Its just a botnet attack. Seriously what are the effects? Some website wasn't available all day? Sounds like just another day on the internet...
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
Well said. And might i add that we in the past used to blame Canada for all that's wrong. With their beady little eyes and flapping heads so full of lies.
dont be naive. Why would China try to bring NK to the table? They have nothing to gain from that! Of course they pretended, seeing how far the US goes.
The NK pressure clearly causes headaches for US, ergo its good for China.
The Chinese fund something like 9/10th of NK's fuel and 8/10th of their consumer goods, they basically keep the country running and the word I've heard is because they want to both bolster communism in the world and because it buffers the incredibly rich incredibly capitalist South Korea from their borders. If the Americans finally snap and burn North Korea to the ground the Chinese are unlikely to go to bat for them, it's not worth it, the Americans owe them money and being seen to start wars is bad for bu
The best defense is always a good offense. Why not launch an attack on North Korea? We have far more advanced technology and could probably cause more damage to them than they could cause to us. If we are crippling their systems, they won't be able to attack ours. I would love to see our government take off the gloves in the cyber world for a change rather than always invading everyone.
Since they started it, it would only be fair. However, there would definitely be some line about imperialist agression. Still, there's almost no chance they would escalate it to physical conflict. A shot above the bows would be nice for once. It might save us from having to drop the hammer when they finally go too far.
However, do they have enough internet connected infastructure to be worth hitting?
The reason the U.S. wouldn't attack North Korea in a cyber war is the same reason we wouldn't attack Iran. The internet is a far more powerful tool when it is use to sway opinion than it is to cripple systems.
If you want to wage a "real" war for a "virtual" one, you can't win. Hell, NC is so beaten up, any bomb you drop there would only increase land value due to the increase of resources, whatever you might want to bomb is worth less than the bomb you drop on it.
And staying in virtual land... now, what virtual targets of NC do exist, anyway?
That's BS. The best defense is invisibility to the possible attacker.
>We have far more advanced technology... *COUGH* Did you notice, you are being pounded by your own technology? Like in BSG, the least 'advanced' battleship survived the first attack.
Can you say joe job? Also, the FTC website is down? OMG THE FTC WEBSITE IS DOWN!!!! Oh hang on, wait, ermm, world totally failing to collapse here. Can we stop calling this rubbish cyber warfare and call it a middling DoS attack, which is what it is? It's not war, it's pathetic. 4chan could probably do better than this.
Even if the gov't does nothing there will be some vigilante script kiddies that take up the fight and go after anything related to N. Korea... even if no proof the attacks originated from there is ever found.
Of course we could just blame Michael Jackon's funeral for the internet meltdown.
Could always do what Russia does they recruit and help train them and supply them, but never officially support them however they pretty much sick them on people to have their way example with with Georgia.
You're right. The real enemy here is Microsoft! If we stopped Windows, we would stop the attacks. I think we should send the military to liberate Redmond.
"Cyberwar" is a minor inconvenience, unless they DoS GPS and Satellite communications.
It's propaganda, PsyOp distraction from things that matter. If a bunch of government shovelware is unavailable for a few hours, really the folks who benefit are you and me. And the folks who thrive on theses "scares" by setting "Threat Levels".
There is no Computer license to revoke, no background checks for suitability. There certainly should be.
The petrol in my garage is for my mower and my motorcycle. If someone uses it for another use by breaking into my garage and stealing it, that's their problem.
Yes, you can report it stolen, but don't expect an insurance payout.
So, normally I would agree with you hands down, however, I think the issue is that many people are unaware that their computers are being used for malicious purposes.
Case in point: recently I visited a friend of mine to take a look at his computer. He was complaining it was running slow. A quick check showed multiple viruses on his machine. I asked him how long it had been that way, and his response was, "a few months".
The thing is, by far and large a significant portion of the population is more than li
Yes you can say the car was stolen. There are parts of the country that don't lock their doors and leave keys in there ignition. Thats a good thing, it says people are relatively honest in those parts. Should you suddenly be an accomplis a theft if someone steals your car. I think not unless you hand them the key and say steal it. And no leaving your keys in the ignition is Not handing to them, its showing some amount of trust. That justification is a spin done by theives to justify their actions. Well they
> As you have so insightfully put it "How much connectivity does NK have?"
That's irrelevant. The bots are not in North Korea and the goverment behind the attack could communicate with the controllers (who could be anywhwere) via short-wave radio. The attacker may not even have created the botnet: they may have purchased it on the open market.
I agree that there is no direct evidence of North Korean involvement, though.
Internet Sovereignty (Score:4, Interesting)
I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum.
Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
Re:Internet Sovereignty (Score:4, Interesting)
I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war. I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum. Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
What stops people doing that is the same thing that stops them doing it in the physical world. People have been trying to frame others for military attacks since the dawn of human history and the main deterrant is that if it backfires not only will the government become destabilized from within as people oppose the subterfuge but both involved nations with pile on it simultaneously.
Not to mention, even if they succeed, it will come back to haunt them at some later point after their intervention is discovered.
Parent
Re: (Score:2)
That's actually an interesting brain teaser. On so many levels.
First, nothing's more trivial than to frame someone in such an attack. The computers participating are usually bots, the server is often a hacked box as well (and if not, you can rent one for little money), it's nothing you could easily trace to the source.
Second, will people understand why they should fight and possibly die for a virtual attack, people who don't use a computer and don't know the importance of the internet to modern commerce and
Re:Internet Sovereignty (Score:4, Insightful)
If China gave us clearance to attack North Korea, I would hope that we would start by blowing up the government (using air power). I think the people would get the idea pretty quickly, so I'm not sure a deadly ground war would follow.
Yes, because that worked so well in Iraq [wikipedia.org].
Parent
Who Cares? (Score:5, Insightful)
I'm sorry, but if this has nothing to do with Michael Jackson, apparently no one cares.
Re: (Score:3, Funny)
US Government websites attacked... (Score:5, Funny)
I blame Blizzard (Score:3, Funny)
How do you know they went down? (Score:5, Insightful)
Now if google [google.com], wiki [wikipedia.org], or itunes [apple.com] goes down, then PANIC!
Re: (Score:3, Informative)
ftc.gov? Nobody goes to those sites...
I do. It's the home of the National Do Not Call Registry. www.donotcall.gov.
Also notice that registrations there no longer expire every 5 years!
Re: (Score:3, Informative)
Honestly, when was the last time you went to ftc.gov?
I send people here [ftc.gov] all the time to point out credit card misconceptions.
Pull the Gdamn plug! (Score:4, Informative)
All that is required is to pull the damn plug on these bots. Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
These feral packets _ALSO_ come into the ISP's routers. It is easy to identify them. Uninfected machines don't normally sit there and hammer away at port Blah. Some of the worst ports are 80 (html), 25 (mail) and 22 (SSH).
One really needs to only look at the ports that the botnet tries to exploit.
A simple solution is to pull the plug. A solution which is slightly more difficult is to block the ports the botnet is trying to attack on and then redirect any web access to a banner page advising the owner their machine is cracked and what to do about it... or a tech could phone the client.
_any_ ISP can do this. If they don't do it then they don't want to. As for consumer rights - crap! Its the ISP's which write the Terms of Service. They can put pretty much any terms they want providing said terms are considered reasonable. The public will probably not object. Spammers might however but then who cares if they can't find an uplink.
So the first place to start is at the ISP level.
Next: I've blocked botnets of more than 50,000 machines. I use OpenBSD on the webservers and on the firewalls. Its not that hard to do. Pf can easily handle this. If the server admins over at the "US Government Web Sites" can't handle this then IMHO they are incompetent. If reference, here is an example of how to block these bots in PF:
pfctl -t spammers -T add 190.174.220.241
pfctl -t spammers -T add 67.10.200.220
pfctl -t spammers -T add 125.161.37.199
pfctl -t spammers -T add 71.218.209.198
pfctl -t spammers -T add 202.28.120.19
This is a shell script BTW. extracting the list of bots can be done by scanning the appropriate logs.
Re:Pull the Gdamn plug! (Score:4, Insightful)
Although this might help against some types of denial of service attempt where they're making your machine work harder by servicing what look to be legitimate requests, it does not help against attempts at network saturation from incoming packets unless you can block it at the upstream router.
Parent
Re: (Score:3, Insightful)
unless you can block it at the upstream router.
Yes - we need to block at the upstream router. This is why the ISP who connects the bot to the net has to become proactive and stop burying their collective heads in the sand.
We all know who these ISP's are too. They tend to be the big boys.
The thing is that they can even write into their terms of service that the customer _agrees_ to a reasonable fee to correct zombie machines. Then they can make money on the "service" they provide.
OTOH... let me advise o
Re:Pull the Gdamn plug! (Score:5, Informative)
Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
Not necessarily. For SYN flood [wikipedia.org] the src address can be spoofed, since the attacker doesn't care if he gets the SYN-ACK.
What the ISPs could do for this is to filter outbound traffic such that if the src IP is not on their network (i.e., is spoofed) the packet is dropped.
Parent
Re: (Score:3, Insightful)
I cannot think of one legitimate case where spoofed IPs is legitimate.
Re:blame China (Score:5, Insightful)
ok let's blame China now for this.
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
By the way, don't say "Chinese Plot", they have nothing to gain from upping tensions at this point. They've been trying to bring the North Koreans into negotiations and they too have issued denounciations against NK by this point. Iran's official line is that the UK is mostly responsible for their problems, they have little to gain from doing something to the Americans and the Russians were just recently in negotiations with Obama that appear to have gone well.
Parent
Re:blame China (Score:5, Insightful)
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
Parent
Re:blame China (Score:4, Insightful)
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
But there's two things that are important here..
1. An individual would have to be VERY motivated to attack two countries at once. Especially if those countries are the US and South Korea. The only thing that makes them unique is that they're at war with North Korea. We also know for a fact that the North Korean citizen does not have internet access from reporters inside the country, in fact posessing a device that can access the outside is punishable by death there so it can't have been a NK citizen acting alone. Assuming it was just one citizen from another country they would have to be very dedicated to perform what is basically a military strike against a foreign power. Prepared to risk death to frame North Korea; that would be a very unique combination and it makes little sense.
2. North Korea has recently been upping it's cyberwar capability enough for it to show up in overseas media. They only recently sent teams to participate in international hacking challanges and appear to have done well in them. One of the main reasons I instantly suspected NK is because of this.
So my personal suspicion is based on the fact that they've recently been working hard to build up their capability in this field despite having no internet connectivity for the average citizen and then all of a sudden a cyber strike hits North Korea's enemies at the same time they're conducting missile tests in contravention of UN sanctions.
Parent
Re: (Score:3, Interesting)
An individual would have to be VERY motivated to attack two countries at once.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
Re: (Score:3, Interesting)
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
I mean there's a high probability (50%+) that they will spend the rest of their lives inside a prison. Targeting a foreign country's military infastructure is no small thing and their home country is unlikely to go to defend them from something like this. If they're smart enough to pull this off no doubt this would have occured to them as well. Remember the guy that infiltrated NASA got something like 20+ years and that wasn't even military critical, neither did he do damage.
Re:blame China (Score:4, Insightful)
And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either.
Really a DDOS attack like this, *is* a small thing.
Parent
Re: (Score:3, Informative)
purple monkey dishwasher
Re: (Score:2)
Its not fricken national emergency. Its just a botnet attack. Seriously what are the effects? Some website wasn't available all day? Sounds like just another day on the internet...
Re: (Score:2)
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
It could be the Martians.
Re: (Score:2)
Well said. And might i add that we in the past used to blame Canada for all that's wrong. With their beady little eyes and flapping heads so full of lies.
Re:blame China (Score:4, Funny)
Who hates both the US and South Korea?
Democrats
Parent
Re: (Score:2)
dont be naive. Why would China try to bring NK to the table? They have nothing to gain from that! Of course they pretended, seeing how far the US goes. The NK pressure clearly causes headaches for US, ergo its good for China.
The Chinese fund something like 9/10th of NK's fuel and 8/10th of their consumer goods, they basically keep the country running and the word I've heard is because they want to both bolster communism in the world and because it buffers the incredibly rich incredibly capitalist South Korea from their borders. If the Americans finally snap and burn North Korea to the ground the Chinese are unlikely to go to bat for them, it's not worth it, the Americans owe them money and being seen to start wars is bad for bu
Re:blame China (Score:4, Informative)
Parent
Re: (Score:2)
Re: (Score:3, Funny)
No, it's the PFUWU-ML (People's Front of Unpatched Windows Users - Microsoft Legacy).
Re: (Score:2)
It was a communication problem between the botnet control servers. They just didn't get the update.
Re:blame China (Score:5, Interesting)
I've heard this theory before and my first thought was: "Do they even have internet in North Korea?"
Well, do they?
Parent
Re: (Score:3, Insightful)
The best defense is always a good offense. Why not launch an attack on North Korea? We have far more advanced technology and could probably cause more damage to them than they could cause to us. If we are crippling their systems, they won't be able to attack ours. I would love to see our government take off the gloves in the cyber world for a change rather than always invading everyone.
Since they started it, it would only be fair. However, there would definitely be some line about imperialist agression. Still, there's almost no chance they would escalate it to physical conflict. A shot above the bows would be nice for once. It might save us from having to drop the hammer when they finally go too far.
However, do they have enough internet connected infastructure to be worth hitting?
Re:Counter attack (Score:5, Insightful)
The reason the U.S. wouldn't attack North Korea in a cyber war is the same reason we wouldn't attack Iran. The internet is a far more powerful tool when it is use to sway opinion than it is to cripple systems.
Parent
Re:Counter attack (Score:4, Insightful)
Other than Lil Kim's xbox, how much is there to attack?
Seriously, NK is dirt poor and supremely paranoid. It's not like their economy depends on the internet in any way.
And if you attack their military computers then you quickly escalate things to a very dangerous level.
Parent
Re: (Score:2)
You can't really win that war.
If you want to wage a "real" war for a "virtual" one, you can't win. Hell, NC is so beaten up, any bomb you drop there would only increase land value due to the increase of resources, whatever you might want to bomb is worth less than the bomb you drop on it.
And staying in virtual land... now, what virtual targets of NC do exist, anyway?
Re: (Score:2)
Could I just hate you for being a bully?
Re:Counter attack (Score:5, Funny)
Do you seriously think that North Korea has any significant systems exposed on public networks?
You could probably deface their Wikipedia entry, though. Go hog wild.
Parent
Re: (Score:2)
That's BS.
The best defense is invisibility to the possible attacker.
>We have far more advanced technology...
*COUGH*
Did you notice, you are being pounded by your own technology?
Like in BSG, the least 'advanced' battleship survived the first attack.
Re: (Score:2)
Re: (Score:2)
Of course we could just blame Michael Jackon's funeral for the internet meltdown.
Re: (Score:2)
Re:Intensifying the conflict much? (Score:5, Interesting)
You're right. The real enemy here is Microsoft! If we stopped Windows, we would stop the attacks. I think we should send the military to liberate Redmond.
Parent
Re: (Score:2, Insightful)
"Cyberwar" is a minor inconvenience, unless they DoS GPS and Satellite communications.
It's propaganda, PsyOp distraction from things that matter. If a bunch of government shovelware is unavailable for a few hours, really the folks who benefit are you and me. And the folks who thrive on theses "scares" by setting "Threat Levels".
You want to know what you should REALLY be worried about? Stuff like this:
http://colonelsabow.com/home.html [colonelsabow.com]
Re: (Score:2)
I don't think anyone should be attacked for being a suspect, it doesn't seem fair.
Why not. It worked when we "suspected" Iraq of having WMDs?
Re: (Score:2)
The petrol in my garage is for my mower and my motorcycle. If someone uses it for another use by breaking into my garage and stealing it, that's their problem.
Yes, you can report it stolen, but don't expect an insurance payout.
Re: (Score:3, Interesting)
So, normally I would agree with you hands down, however, I think the issue is that many people are unaware that their computers are being used for malicious purposes.
Case in point: recently I visited a friend of mine to take a look at his computer. He was complaining it was running slow. A quick check showed multiple viruses on his machine. I asked him how long it had been that way, and his response was, "a few months".
The thing is, by far and large a significant portion of the population is more than li
Re: (Score:3, Insightful)
Yes you can say the car was stolen. There are parts of the country that don't lock their doors and leave keys in there ignition. Thats a good thing, it says people are relatively honest in those parts. Should you suddenly be an accomplis a theft if someone steals your car. I think not unless you hand them the key and say steal it. And no leaving your keys in the ignition is Not handing to them, its showing some amount of trust. That justification is a spin done by theives to justify their actions. Well they
Re: (Score:3, Informative)
> As you have so insightfully put it "How much connectivity does NK have?"
That's irrelevant. The bots are not in North Korea and the goverment behind the attack could communicate with the controllers (who could be anywhwere) via short-wave radio. The attacker may not even have created the botnet: they may have purchased it on the open market.
I agree that there is no direct evidence of North Korean involvement, though.