begin quoting Paul G. Allen as of Sun, Nov 25, 2007 at 08:12:31PM -0800: > Andrew Lentvorski wrote: > > > > >Compared to the zillions of zombified Windows machines, I doubt China is > >that impressive. > > Maybe China is counting on all those Windows machines. > > > > >In addition, all of China's traffic gets throttled through a small > >number of optic links, IIRC. > > > >Simply pulling the plug on those links stops anything China wants to do. > > Easier said than done. Not to mention, once an attack has started, > pulling the plug after the fact could do nothing to solve stop it See > below.) > > > > >This is not true for the zombies that already exist in our own country. > > How many of those zombies are (or can be) controlled by the Chinese? How > would we know one way or another? What would it take for the Chinese to > set the zombies off? > > > > >Yes, China has cyber-warfare as one of its goals--*as does our military*. > > China is a lot farther along than we are. > > > > >And, if our military *doesn't* have cyber-warfare as one of its goals, > >then our military is pathetically stupid. > > > > Having worked extensively with the military (Navy, Marines, and Army), I > can attest to the fact that they are indeed stupid. They are very > limited in their training as it seems focused on purely military goals > and systems. Not to mention that the people making the decisions as to > what technology is used have purely political aims in mind. Their most
Thus, the heavy investment into MSWindows machines.... > important systems use insecure Windows operating systems and networks. Sometimes. Sometimes not. The troublesome thing is that the non-MSWindows machines are being aggressively phased out, and any security-related decision has been weakened, watered down, or exempted due to the complaints of the users, EXCEPT the migration to more-and-more MSWindows-centric systems. > They are way behind the curve when it comes to computer and network > security. There are thousands of computers on military bases with access > to military networks that could easily be used in DDoS attacks. Well, there's what they *say*, which isn't all bad, and then there's what they *do*. Awhile back, they sent out a "notice of mandatory online training" via email. The email stressed the importance of taking this 'online training', and recounted a few horror stories about divisions that hadn't give this training due consideration, and were subsequently Blocked From The Internet. The sender didn't delegate to the managers -- they bulk-emailed huge numbers of people. The managers were just as suprised as everyone else. Nobody knew the sender, or knew where the sender was in anyone's chain of command. The email was unsigned. I promptly deleted it. Unsigned security-related email? Can't be. Most people dutifully followed the link and sat thru a two-hour long interactive flash animation "training" them in network and email security. They learned that unsigned security-related emails Did Not Happen, and should be deleted at once. Naturally, my email account was locked, and my Internet access blocked. Why? Because I "did not take the mandatory training", of course. (Oh, and the training sucked. Not in content -- only a few errors, and a bunch of viewpoint-related stuff that is arguably opinion -- but the presentation was *terrible*.) > If I were wanting to effect such an attack on an enemy country, I would > use that countries own weaknesses against them (as I would do as part of > any military strategy). In this case, one large weakness are the > millions of Windows computers in the country and the thousands of > corporate Windows networks. All those zombied machines, all those > systems waiting for my bots to take control and effect a DDoS (or other > cyber warfare). Hel-lo Storm worm! > Now as a Linux user, I don't have to worry about my systems or networks > being compromised and being a part of a DDoS by anyone. Not that a Linux > system can't be compromised, but it's not as trivial as it is with Windows. Maybe. I think it's more a matter of (a) the number of un-locked-down linux machines is by far smaller than the number of un-locked-down MSWindows machines, and (b) when you see your switch and broadband blinkenlights flashing furiously in the night, you'll investigate to see why. Linux, as a desirable fruit, is neither juicy nor plentiful. -- Offer a reward for breaking .gov and .mil machines, and hire the crackers. Stewart Stremler -- KPLUG-List@kernel-panic.org http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
