----- Original Message ----
From: Bob La Quey <[EMAIL PROTECTED]>
To: Main Discussion List for KPLUG <[email protected]>
Sent: Monday, November 26, 2007 12:08:45 AM
Subject: Re: China has the largest (DoS) Denial of service capability....!
On Nov 25, 2007 9:54 PM, Randall Shimizu
<[EMAIL PROTECTED]> wrote:
----- Original Message ----
From: Paul G. Allen <[EMAIL PROTECTED]>
To: Main Discussion List for KPLUG <[email protected]>
Sent: Sunday, November 25, 2007 8:12:31 PM
Subject: Re: China has the largest (DoS) Denial of service
capability....!
Andrew Lentvorski wrote:
Compared to the zillions of zombified Windows machines, I doubt
China is
that impressive.
Maybe China is counting on all those Windows machines.
Only an idiot would not. I do not think the Chinese are idiots.
In addition, all of China's traffic gets throttled through a small
number of optic links, IIRC.
Simply pulling the plug on those links stops anything China wants
to
do.
Easier said than done. Not to mention, once an attack has started,
pulling the plug after the fact could do nothing to solve stop it See
below.)
Yep. The corollary is that China's widely heralded firewall is leaky
as hell. All those factory managers and the colonels that "controll"
them in South China want ther porn. They have a gazillion ways to get
net from the world. I do not expect the Chinese firewall to work any
better than the Great Wall did. See
Far from it being unbreachable, Chinese emperors relied on the wall
only as a last resort to fend off their enemies. (The Ming dynasty,
for instance, found it useless against the victorious Manchus, who
merely bribed the gatekeepers to let them in.)
http://www.amazon.com/Great-Wall-China-Against-World/dp/0802118143
When one has Sex versus Facism I will bet on Sex. And bribery, its
constant companion.
This is not true for the zombies that already exist in our own
country.
How many of those zombies are (or can be) controlled by the Chinese?
How would we know one way or another? What would it take for the
Chinese to set the zombies off?
Yes, China has cyber-warfare as one of its goals--*as does our
military*.
China's military is probably ahead, but it's hard to tell how
their hacking skills compare with the skills that exist in the US today. I
can certainly see however that a organized force could be more
effective.
China is a lot farther along than we are.
Would you care to support that statement? Even a few
factual references of almost any kind would be appreciated.
I do _not_ consider PGA's assertions facts.
And, if our military *doesn't* have cyber-warfare as one of its
goals,
then our military is pathetically stupid.
One problem is that that military's cyber warfare is not
coordinated
among the Navy, Army and Air Force. It's hard to see why the
military
is still using Windows on their critical systems. The militiary
however
is putting a lot of effort into securing their systems. The
military
has a set of guides called the STIG's (standard implementation
guidelines).
The US military's advantage is experience. The US military has decades of
computing experience. China's advantage is that they are highly focused on
cyber warfare and so are we. So therefore the degree of focus and resource
allocation is the key. One study noted that China is will align all it's
resources when it wants to achieve a goal. The other factor is number of new
engineers it can throw at cyber warfare.
The budget of any one of those branches is larger than most
of the world's military budget's put together. So the fact
that we have multiple competing strategies could be viewed
as an advantage.
Here BTW is a reference to Security Technical Implementation Guides
http://iase.disa.mil/stigs/stig/index.html
Disclaimer: I do _not_ have a clue what is in these documents.
Having worked extensively with the military (Navy, Marines, and
Army),
I can attest to the fact that they are indeed stupid. They are very
limited in their training as it seems focused on purely military
goals
and systems. Not to mention that the people making the decisions as
to
what technology is used have purely political aims in mind. Their
most
important systems use insecure Windows operating systems and
networks.
They are way behind the curve when it comes to computer and network
security. There are thousands of computers on military bases with
access to military networks that could easily be used in DDoS
attacks.
While I agree that the military is not dominated by brilliance
I would point out that _you_ are missing one hell of an opportunity
to cash in on this ignorance. Write me privately for how.
If I were wanting to effect such an attack on an enemy country, I
would
use that countries own weaknesses against them (as I would do as part
of
any military strategy). In this case, one large weakness are the
millions of Windows computers in the country and the thousands of
corporate Windows networks. All those zombied machines, all those
systems waiting for my bots to take control and effect a DDoS (or
other
cyber warfare).
Agreed. Still, this is hardly a new insight. Sun Tzu understood this
thousands of years ago.
Now as a Linux user, I don't have to worry about my systems or
networks
being compromised and being a part of a DDoS by anyone. Not that a
Linux system can't be compromised, but it's not as trivial as it is
with
Windows.
Again agreed.
What is remiss in all of this is a fundamental assumption. You seem
to think that the purpose of the DOD and the entire military-industrial
complex that controls the DOD is to "defend America." I suggest that
is _not_ the case.
The purpose is to defend the profits of a number of large players in
this game. The players are transnational. They will and do sell weapons
of all kinds to all comers. They _do_ have some inhibitions about
nuclear weapons. Why? Because nukes are _so_ destabilizing.
The defense of a declining nation state is far less important than
the positioning of the corporation to take advantage of the emerging
world order which will likely be far different than the American
hegemony that has characterized the last sixty years since WWII.
This is worth a read
http://en.wikipedia.org/wiki/Hegemony
BobLQ "Born skeptical, I cannot help but question assumptions."
