Realize that he first wrote about the raw sockets in 2001. Back then most people were NOT behind NATs or firewalls. Most users didn't even know what they were and their only experience was hooking their computer up directly to the net using a modem. Now, they are doing the same process but using an always on broadband connection.
Couple that with the ease of hacking and taking control of windows PCs and the ability to create raw sockets and you have a potential nightmare. Have you forgotten about the massive worm attacks that partially crippled parts of the net a few years ago? And yes, getting massive zombie swarms to use in an attack is much easier but IP spoofing is still a huge advantage. If I am getting attacked from a set of machines, I can just tell my ISP or firewall to filter out packets from those specific addresses. Attack over. But if each of those zombies is spoofing a random IP address and keeps changing it every few seconds, now I can't filter the attack as easily. And did you even read the section about spoofing the addresses of the hub routers? That was the second attack that hit him, using spoofed packets. Sure, the doomsday scenario he predicted didn't come totally true. Why? Because there is no incentive. Instead of evolving towards malicious destruction of the net, the hacker community has evolved towards MAKING MONEY. Nowadays, all the exploits, hacks, and attacks you see are mainly aimed towards getting code installed for the purpose of delivering adware, spyware, or malware. There is still some DDoS attacks that are done for profit or ransom, but there is a whole lot more money to be made in the other rackets. And I really believe that is why Gibson's prediction of mass DDoS attacks never came true. Of course his predictions about spyware and the such DID come true. Shields Up isn't the best program out right now, but a few years ago it was the ONLY program and it was pretty damn good for its time. Once again the market evolved and now there are tons of companies making anti-spyware, malware, and adware products. All of them are building on the original concept and work that Gibson did. I am willing to overlook Gibson's flair for the dramatic, the occasional pimping of his products, and him being wrong on a few details. Name one site on the net that doesn't do those things. And most of his products he doesn't charge for - like the software he wrote to detect the WMF bug. I still find his dissection of internet and computer security issues very interesting and very useful. -- Brian
