Behind Cyberwar FUD 98
Nicola Hahn writes "The inevitable occurred this week as The Economist broached the topic of cyberwar with a couple of articles in its July 3rd issue. The first article concludes that 'countries should agree on more modest accords, or even just informal "rules of the road" that would raise the political cost of cyber-attacks.' It also makes vague references to 'greater co-operation between governments and the private sector.' When attribution is a lost cause (and it is), international treaties are meaningless because there's no way to determine if a participant has broken them. The second recommendation is even more alarming because it's using a loaded phrase that, in the past couple of years, has been wielded by those who advocate Orwellian solutions. The other article is a morass of conflicting messages. It presumes to focus on cyberwar, yet the bulk of the material deals with cybercrime and run-of-the-mill espionage. Then there's also the standard ploy of hypothetical scenarios: depicting how we might be attacked and what the potential outcome of these attacks could be. The author concludes with the ominous warning that terrorists 'prefer the gory theatre of suicide-bombings to the anonymity of computer sabotage — for now.' What's truly disturbing is that The Economist never goes beyond a superficial analysis of the topic to examine what's driving all of the fear, uncertainty, and doubt (PDF), a subject dealt with in this Lockdown 2010 white paper."
Re:EVERY media outlet. (Score:2, Informative)
Re:EVERY media outlet. (Score:2, Informative)
They use those DC-10 looking spaceships right?
Re:So you are taking Economist seriously. (Score:5, Informative)
Economist is a private interest mouthpiece that serves whatever their financiers tell them to do, depending on what their backers need as policy at any given period. Judging from the contents of your summary, one can easily say that this time the group they are licking the boots of is RIAA.
The Economist has been around since 1843.
It is anchored in a classically liberal and centrist tradition - and has never been particularly well-known for boot-licking.
Too often when visiting here I find evidence that the eternally adolescent geek simply can't accept that there can be a principled opposition to his own set beliefs.
Re:So you are taking Economist seriously. (Score:5, Informative)
The Economist is the world's best weekly newspaper. If you read what they say about the RIAA [economist.com], including the first article which mentions how the RIAA's agressive tactics aren't working and are a lesson to other industries on what _not_ to do, you'd know that the Economist takes a moderate view on intellectual property.
In particular, they often report on academic research showing that IP laws are too strong. For instance, this article [economist.com] (subscription required) called "Killing Creativity" is about how overly strong IP laws can smother innovation.
Re:"Turn off our electricity" (Score:5, Informative)
The logical conclusion should be, "disconnect security sensitive systems from the Internet, go back to the older ways of managing those systems and design more secure networks for those systems."
The reason that some people give 'cyberwar' more thought than that is that it's not as simple as you make it out to be. I'm a coauthor on a DOE sponsored paper (under security review, so no citation for now) that covers some more subtle aspects of the problem. The electrical grid can be attacked by compromising the control system if that system is internet connected, true. However, if a significant proportion of the electrical load for any one generator can be controlled via the internet, then that generator can be attacked via the internet without requiring any direct internet contact. Case in point, X10, Google, Microsoft, and many other companies are currently looking into home automation and controlling the home's electrical system via the computer. So, what happens the next time there's a runaway MS worm, but instead of just sending spam it gives control of the home automation system to the attacker? Simply by turning the power off in enough houses in an area, an attacker could actually cause physical damage to the power plant.
That's why we can't just dismiss the problem as "unhook the power plants from the internet." In a world that's increasingly hooked to the internet, we can't afford to overlook how the internet-connected components can possibly have an effect on the non-connected components.
Fox news and the right to lie. (Score:3, Informative)
http://en.wikipedia.org/wiki/Jane_Akre [wikipedia.org]
What other "news" organization would go to court to defend their right to lie in a "news" story?
If you tell the viewers what the viewers want to hear (regardless of any factual basis) then you will attract a lot of viewers.
Re:Youre not sure about that ? (Score:1, Informative)
If it gets busted, it can be "liquidated" (cut up). The bad pieces - the debt - can then be bundled separately and shiped off to international central-banks' debts, to be paid off by the people.
Meanwhile, the "good" parts are re-bundled, bought up (with emergency, government-backed loans) and integrated into som lesser company (or agglomeration tereof). Which then becomes "BP" again, with another name, swallowed up from the inside. The same names, however, will crop up in the new boardrooms, and as investors, shareholders, etc. It's sort of an economic "Alien's" game. facehuggers and all.
Northeast Regional Power Outages 1965-2010 (Score:3, Informative)
We've even had the East Coast power grid, which includes part of the midwest and Canada fall down, allegedly related to some idiot using Microsoft products in mission critical situations.
1965 Nov 9 Northeast Blackout [wikipedia.org] Cascading series of transmission line overloads traced to safety relay at Niagara's Adam Beck station. (human error)
1977 July 13 New York City Blackout of 1977 [wikipedia.org] (Lightning strikes take out four transmission lines)
1998 January (ice storms)
1999 July 5 (Boundary Waters-Canadian Derecho)
2003 August 14 Northeast Blackout of 2003 [wikipedia.org]
In February 2004, the U.S.-Canada Power System Outage Task Force released their final report, placing the main cause of the blackout on FirstEnergy Corporation's failure to trim trees in part of its Ohio service area. The report states that a generating plant in Eastlake, Ohio (a suburb of Cleveland) went offline amid high electrical demand, putting a strain on high-voltage power lines (located in a distant rural setting) which later went out of service when they came in contact with "overgrown trees". The cascading effect that resulted ultimately forced the shutdown of more than 100 power plants.
Computer failure
A software bug known as a race condition existed in General Electric Energy's Unix-based XA/21 energy management system. Once triggered, the bug stalled FirstEnergy's control room alarm system for over an hour. System operators were unaware of the malfunction; the failure deprived them of both audio and visual alerts for important changes in system state. After the alarm system failure, unprocessed events queued up and the primary server failed within 30 minutes. Then all applications (including the stalled alarm system) were automatically transferred to the backup server, which itself failed at 14:54. The server failures slowed the screen refresh rate of the operators' computer consoles from 1-3 seconds to 59 seconds per screen. The lack of alarms led operators to dismiss a call from American Electric Power about the tripping and reclosure of a 345 kV shared line in northeast Ohio. Technical support informed control room personnel of the alarm system failure at 15:42.
2003 Sept 29 (Hurricane Isabel)
2005 Dec 19 (ice storms)
2006 July 17-18 (severe thunderstorms)
2006 Oct 12 "October Surprise" (lake-effect snow storm, Buffalo, NY)
List of notable wide-scale power outages [wikipedia.org]
Not one of the - world's great - power outages on the Wikipedia's list is linked in any way to Microsoft or Windows.
On Tuesday, FAA officials had insisted that the more than three-hour system shutdown posed no safety risks. But they acknowledged Wednesday that they were investigating five incidents in which planes lost the required separation distance during the first 15 minutes of the communications breakdown.
In two cases, large airliners -- a UPS cargo plane and a Northwest Airlines flight bound for Southern California airports -- came much closer to small corporate jets than federal guidelines allow, requiring at least one pilot to take corrective action. FAA officials repeated Wednesday that they did not believe lives were ever at risk.
The agency's radio system in Palmdale shut itself down Tuesday afternoon because a technician failed to reset an internal clock -- a routine maintenance procedure required every 30 days by the FAA. Then a backup system failed, also as a result of technician error, officials said.
The radar system in Palmdale, contrary to what some FAA and union officials had said Tuesday, did not shut down.
FAA officials said they had known for more than a year that a software glitch could shut down radio communications and were in the process of fixing it. In the m