TidBITS#695/01-Sep-03
=====================
Is the Internet susceptible to terrorist attack? We talk to an
expert about Internet vulnerabilities and strengths. In lighter
news, we're happy to announce the rebirth of DealBITS, starting
with a Tom Bihn bag giveaway! Also in this issue, Macworld
Expo heads back to Boston (without Apple), Bare Bones releases
Mailsmith 2.0.1, Virtual PC 6.1 becomes part of Office X despite
not working on the Power Mac G5, and Adam is interviewed on
The User Group Report.
Topics:
MailBITS/01-Sep-03
Trying New Revenue Sources
DealBITS Drawing: Tom Bihn Laptop Bags
The Vulnerability of the Internet to Terrorists
Hot Topics in TidBITS Talk/01-Sep-03
<http://www.tidbits.com/tb-issues/TidBITS-695.html>
<ftp://ftp.tidbits.com/issues/2003/TidBITS#695_01-Sep-03.etx>
Copyright 2003 TidBITS Electronic Publishing. All rights reserved.
Information: <[EMAIL PROTECTED]> Comments: <[EMAIL PROTECTED]>
---------------------------------------------------------------
This issue of TidBITS sponsored in part by:
* Make friends and influence people by sponsoring TidBITS!
Put your company and products in front of tens of thousands of
savvy, committed Macintosh users who actually buy stuff.
For more information and rates, email <[EMAIL PROTECTED]>.
* READERS LIKE YOU! Help keep TidBITS great via our voluntary <------ NEW!
contribution program. Special thanks this week to David Illig,
Emko Witteveen, and Michael House for their generous support!
<http://www.tidbits.com/about/support/contributors.html>
* SMALL DOG ELECTRONICS: Great Deals on PowerBooks!
PowerBook G4/1 GHz 17in w/SuperDrive Only $3049! PB G4/867 with
SuperDrive Only $1645! PB G4/867 with Combo Drive Only $1479!
Visit: <http://www.smalldog.com/tb/> 802-496-7171
* SIX DEGREES puts your email back to work for you. It eliminates <-- NEW!
the need to refile email or search for that elusive message.
Your email isn't going away, so you may as well put it to work.
========> <http://www.creo.com/sixdegrees/index.asp?id=tidbits>
* MAC OS X DISASTER RELIEF: When we're trying to troubleshoot Mac <-- NEW!
OS X, we turn to Ted Landau's 660 pages of techniques, tips,
and ways of diagnosing crashes, freezes, and wacky behavior.
30% OFF/FREE SHIPPING! <http://www.tidbits.com/tbp/osxdr.html>
* Get Started with Adam's 10 Quick Steps Guides! PDF or MP3: $9.99 <- NEW!
Avoid Spam and Junk Email! <http://www.10quicksteps.com/spam/>
Make a Wi-Fi Connection Now <http://www.10quicksteps.com/wifi/>
---------------------------------------------------------------
MailBITS/01-Sep-03
------------------
**Adam Interviewed on The User Group Report** -- Tune in (via
streamed QuickTime or downloadable MP3) to the most recent edition
of The User Group Report to listen to host Chuck Joiner, who also
serves as the chairman of the Apple User Group Advisory Board,
interview me about the history of TidBITS, our involvement with
user groups, how we encourage user group publications to reprint
articles from TidBITS, and more. [ACE]
<http://www.mugcenter.com/usergroupreport/2003/313.html>
**Macworld Expo 2004 Set for Boston** -- Boston has certainly seen
its share of conflicts (see "American Revolution, The"), but for
today's Macintosh users the city remains the focus of a tug-of-war
between Apple Computer and Macworld Expo organizer IDG World Expo
(see "Apple, IDG World Expo Play Hardball Over Macworld Expo" in
TidBITS-652_). Last week, IDG World Expo announced that the East
Coast 2004 event will definitely be held in Boston instead of New
York City, from 12-Jul-04 through 15-Jul-04. Shortly after the
announcement, Apple issued a statement to MacCentral reiterating
that it will not participate in a Boston show.
<http://www.macworldexpo.com/>
<http://db.tidbits.com/getbits.acgi?tbart=06966>
<http://maccentral.macworld.com/news/2003/08/29/macworldboston/>
As with this year's New York Macworld Expo, which saw drops in the
numbers of vendors and attendees, it will be interesting to see if
an East Coast expo can survive (see "Macworld Expo New York 2003:
Highly Concentrated" in TidBITS-689_). Of course, the Boston event
is still eleven months away, so it's possible that Apple may
convince IDG World Expo to head back to New York, as it did after
a Boston show was announced in 1999 (see "Follow the Bouncing
Expo" in TidBITS-468_). It's even conceivable that IDG World Expo
would dangle sufficient enticements to convince Apple to attend.
In the meantime, we're looking ahead to the less-contentious
Macworld Expo 2004 in San Francisco, 05-Jan-04 through 09-Jan-04.
[JLC]
<http://db.tidbits.com/getbits.acgi?tbart=07279>
<http://db.tidbits.com/getbits.acgi?tbart=05290>
**Mailsmith 2.0.1 Adds Secure SSL** -- Bare Bones Software has
released Mailsmith 2.0.1, an update to its powerful email client
(see Matt Neuburg's "True Confessions of a Mailsmith Switcher" in
TidBITS-690_). At the top of the list of changes is support for
checking and sending email using secure (SSL) connections to POP
and SMTP servers. Also new in this version is the capability to
perform tests against group memberships in Apple's Address Book
application, more terms for use in Mailsmith's advanced filters
(see our series on Mailsmith distributed filtering), and a number
of tweaks and bug fixes. Mailsmith 2.0.1 also now includes a copy
of Michael Tsai's SpamSieve (see "Tools We Use: SpamSieve" in
TidBITS-667_). Mailsmith 2.0.1 is a 13 MB download, requires Mac
OS X 10.1.5 or later, and is free for owners of Mailsmith 1.5
and later. [JLC]
<http://www.barebones.com/products/mailsmith/>
<http://db.tidbits.com/getbits.acgi?tbart=07289>
<http://db.tidbits.com/getbits.acgi?tbser=1227>
<http://db.tidbits.com/getbits.acgi?tbart=07076>
**Virtual PC Resurfaces in New Office, with a Catch** -- Microsoft
last month revamped its Office X lineup, adding the recently
acquired Virtual PC to a new professional configuration. Office X
Standard Edition, which includes Word, Excel, PowerPoint, and
Entourage, drops to $400 (or $240 for those upgrading from Office
98 or Office 2002). A comparable $150 Student and Teacher Edition
allows licensed installation on up to three computers. The Office
X Professional Edition adds Virtual PC 6.1 for Mac, with Windows
XP Professional pre-installed, and costs $500, roughly $100 off
what the products would have cost separately before. Microsoft
says Virtual PC 6.1 adds no new functionality and is just a
rebranding of the 6.0.2 version released by Connectix. An upgrade
to Virtual PC 6.1 from earlier versions costs $100. Virtual PC
is also available as a $150 stand-alone product; for $220 it
includes Windows XP Home, and for $250 it comes bundled with
Windows XP Pro.
<http://www.microsoft.com/mac/products/virtualpc/virtualpc.aspx>
Unfortunately, these changes come with news that Virtual PC 6.1
for Mac will not work on Apple's new Power Mac G5. Unlike the
PowerPC G3 and G4 chips, the PowerPC G5 processor does not support
a feature known as pseudo little-endian mode, which Virtual PC
uses to emulate a Pentium processor. Microsoft is reportedly
working on a fix, but it requires significant engineering work,
and no time frame has been given. [MHA]
<http://maccentral.macworld.com/news/2003/08/27/virtualpc/>
Trying New Revenue Sources
--------------------------
by Adam C. Engst <[EMAIL PROTECTED]>
As I'm sure you've realized over the last year or two, the slow
economy has affected almost everyone, including TidBITS, since
our primary source of income is our corporate sponsorship program.
We've seen MacFixIt move to a subscription model, and Ric Ford
of MacInTouch recently wrote about his site's difficulties and
announced that he would be taking donations along the lines of
our contribution program.
<http://www.tidbits.com/about/support.html>
<http://www.macintouch.com/future.html>
Contributions from readers have proven extremely welcome in
softening the financial blow for us, and a bit of a rebound for
the sponsorship program might be coming in the final quarter of
2003, but in the meantime, we've decided to broaden our revenue
sources. Here's what we're doing, and I hope you'll find these
changes sufficiently interesting to help make them successful
ways of keeping TidBITS solvent.
<http://www.tidbits.com/about/support/contributors.html>
**DealBITS Drawings** -- Many years ago and for a relatively short
time, we published another newsletter called DealBITS, whose goal
was to attract and publish product discounts for readers, with
companies paying to be included. It wasn't a huge success, in
part because it came too early, and companies hadn't realized
the utility of the Internet for raising awareness and increasing
sales with limited-time discount offers.
Now we're reviving the DealBITS name and aspects of the concept,
though not as a separate newsletter. The end goal remains the
same - to attract discounts for TidBITS readers while raising some
money for TidBITS, with the added bonus that the company providing
the discount will also donate a prize to be awarded randomly to
one of you. To be eligible to win the prize, you will need to
sign up (no purchase necessary, yada yada yada) on a Web form
and explicitly agree to the rules. At the end of the week, we'll
pick a random name from the entries to win the prize; everyone
else who entered will receive the discount code. We'll notify
all entrants and publish the name of the winner in the next
issue of TidBITS (that's an important requirement of the laws
surrounding these sort of drawings).
We've discussed this project a bit on TidBITS Talk, and here are
a few answers to the common questions:
* We must collect email addresses to be able to notify the winner.
However, all personal information is covered by the TidBITS
Privacy Policy and will not be shared with the company providing
the prize or any other company. That said, we must publish the
name of the winner, and we will share the name and email address
of the winner with the company donating the prize for fulfillment
purposes.
<http://www.tidbits.com/about/privacy.html>
* Although we can't be responsible for any wacky local laws that
may make you ineligible, international readers are welcome to
enter unless we specifically note otherwise. The lawyer says
you must be over 18, though.
* Shipping costs shouldn't be an issue because we anticipate
either the prize being a registration code to a downloadable
product or the sponsor bearing the costs, even to international
addresses. The winner will be responsible for any taxes, fees,
or duties.
<http://db.tidbits.com/getbits.acgi?tlkthrd=2008>
Our first DealBITS drawing appears in this issue; future
drawings will occur as we find companies that are interested
in participating. Any company that wants to learn more about
what's involved should send me email at <[EMAIL PROTECTED]>.
So take a look, and for those of you who don't always get around
to reading TidBITS right away, remember that DealBITS drawings
are active only for the week following the issue in which they're
announced. You snooze, you lose.
**Spotlight on Peachpit Books** -- With the trend toward fewer and
slimmer manuals that I identified more than five years ago in
"The Death of Documentation" in TidBITS-428_ continuing unabated,
technical books have become ever more important sources of tested,
organized, and well-presented information. There are times I've
struggled in vain to search the Web for the solution to some
problem, only to find it quickly in a book on my shelf.
<http://db.tidbits.com/getbits.acgi?tbart=04865>
So we're starting a partnership with our friends at Peachpit Press
to spotlight one book a week in the sponsorship area at the top
of each issue. These are recent books we find the most interesting
or useful, and the ones we think you'll want to know about.
They'll all be 30 percent off the cover price, and InformIT
(the fulfillment arm of Peachpit's parent company) offers free
UPS Ground shipping within the U.S., making the overall price
cheaper than most online sources. The only downside is that
their international shipping is usuriously expensive, so we
recommend international readers investigate other methods.
It remains to be seen how helpful this program will be to our
bottom line, since our experience is that affiliate programs
seldom generate significant income. My hope this time is that
by recommending a different book each week, it will prove
sufficiently popular with TidBITS readers to be financially
worthwhile.
**Google AdSense** -- One of the major problems that anyone who
attempts to fund a business via advertising quickly discovers
is that attracting advertisers is extremely difficult. Ad sales
is a specialized field that few people do well. So, what if there
was a service that would go out and find appropriate ads for you?
As you've no doubt realized by now, the search engine company
Google earns money by selling keyword-based ads that appear when
you perform searches - the AdWords program. Since the ads are
(at least theoretically) targeted to match your search, they're
more relevant and thus more successful than standard banner ads.
Google has done a good job of making it easy for businesses to
promote themselves by buying these ads via a process of bidding
to pay a certain amount for each click-through. The higher an
advertiser bids, the higher in the listing their ad appears.
<https://adwords.google.com/>
Google is now making it possible for almost any Web site to
display these appropriately targeted keyword ads via the AdSense
program. Basically, all you, as a site owner, have to do is sign
up with Google and then put a small bit of JavaScript in eligible
pages on your site. Google then compares the text on those pages
with its search database and returns two or four ads to display.
When visitors click the Google ad links, the site owner earns
some money for the click-through.
<https://www.google.com/adsense/>
We've redesigned our home page to make room for the Google ads,
and we're testing to see if our traffic and click-through rates
will make it worthwhile to add the Google ads elsewhere on our
site. Anecdotal reports from friends indicate that sites with a
lot of traffic can generate tidy sums of money. I'm not positive
that our site meets the ideal profile, but it's an easy test, and
remember, every time you click one of those ads, TidBITS earns
some money, somewhere between 3 and 65 cents to judge from what
we've seen in testing.
**Try 'Em Out!** All of these efforts are quite new for us, so be
sure to let us know what you think in TidBITS Talk. Here's hoping
they work out, both in terms of providing useful services for you
and helping keep TidBITS in the black.
DealBITS Drawing: Tom Bihn Laptop Bags
--------------------------------------
by Adam C. Engst <[EMAIL PROTECTED]>
Want your PowerBook or iBook to have a well-padded home to
protect it from the cruel outside world? It's worth checking out
the laptop bags, backpacks, and briefcases from Tom Bihn, a maker
of high-quality bags in the Pacific Northwest. (If you're in
downtown Seattle, be sure to check out the first Tom Bihn retail
store, located at 609 Second Avenue near Pioneer Square.) Tom Bihn
himself has been designing bags for over 30 years, and
manufacturing and selling them for over 20 years.
<http://www.tombihn.com/>
In this week's DealBITS drawing, you can enter to win a Tom Bihn
Brain Bag, worth $130, and your choice of either a Monolith ($40)
or Brain Cell ($50) laptop protector. Along with the one lucky
winner, entrants will receive discounts on any Tom Bihn products
when we announce the winner, so you have everything to gain by
entering at the DealBITS page linked below. Be sure to read and
agree to the drawing rules on that page, and rest assured that
all information gathered is covered by our comprehensive privacy
policy.
<http://www.tidbits.com/dealbits/tom-bihn.html>
<http://www.tidbits.com/about/privacy.html>
We'll announce the winner in next week's issue of TidBITS,
and we'll also notify everyone who enters individually.
The Vulnerability of the Internet to Terrorists
-----------------------------------------------
by Adam C. Engst <[EMAIL PROTECTED]>
With terror alert color codes coming and going, and the constant
presence in the news of both terrorist activities and anti-
terrorist efforts, it's hard not to wonder what the vulnerability
of the Internet might be to terrorists. To answer that question,
I turned to Chuck Goolsbee, Vice President of Technical Operations
at the large Web hosting and server colocation firm digital.forest
(where the servers that maintain much of our Internet presence
have lived for years). Founded in 1994, digital.forest has all
the large-scale data center amenities - redundant fiber, multiple
backbone connections, redundant power, secure facility, and so
on - but with the advantages of a small-scale ISP - friendly,
knowledgeable tech support who understand multiple platforms,
personal service, reasonable pricing, and more. digital.forest
also is the oldest and largest Mac-savvy hosting and colocation
facility, housing many well-known Macintosh Internet sites. And
as vice president of technical operations, Chuck pays a lot of
attention to anything that could cause interruptions in
digital.forest's service.
<http://www.forest.net/>
* Adam: Chuck, is there any way terrorists could physically attack
the Internet?
Chuck: In terms of physical locations go, there are so many places
that "are" the Internet that attacking one, or even several at
once, would have negligible overall affect to the entire network.
My point here is that unlike 20 years ago, the Internet is no
longer a bunch of interconnected wires. It is in many ways,
everywhere.
That said, there are a handful of places where too much stuff
is concentrated in one physical location. An inhabitant of the
network operations lists I subscribe to, Sean Gorman, has written
his dissertation documenting the Internet and other infrastructure
items in the U.S. It represents the first ever complete "physical
map" of much of the Internet, and now has been deemed a "security
risk" by some government people who fear exactly what your
question asks about. They see Sean's dissertation as a guide
for attacking the Internet.
<http://www.washingtonpost.com/wp-dyn/articles/A23689-2003Jul7.html>
The irony here is that everything Sean used to make his map is
public information. Some of these places are even geek tourist
spots! I'll admit that I have visited a few locations where
transoceanic cables make landfall, and yes, my wife thought I
was nuts when we drove out to Land's End in the UK to see what
she properly interpreted as a "nondescript concrete box."
But to reiterate, any such physical attacks, even on important
Internet connection points, would be devastating to the companies
directly involved, but the Internet would, as the cliche says,
route around the damage. Even if your packets had to travel three
times the physical distance, they'd still find an interconnect
point that would get them to their final destination.
* Adam: So in the short term, traffic to specific Web sites might
be cut off or at least slowed down by less efficient, but still
functioning, routes?
Chuck: Yes. The Internet is not a single network, it is many
networks, all interconnected, usually at multiple points. The
obvious attack targets are major exchange points where many of
these networks meet. Our local one here in Seattle is a building
downtown called the Westin Building (if I recall correctly, it
is the former headquarters of the Westin hotel chain).
<http://www.westinbuilding.com/>
Virtually every major Internet provider has some or all of their
Pacific Northwest presence there. It makes economic sense to
"meet" in a single location, but if you are thinking in defensive
terms, it is a weakness. Through some luck and a little planning,
only half of digital.forest's upstream bandwidth comes directly
through that building (via a Gigabit Ethernet connection); the
other half comes in via an OC-12/SONET ring from Verizon. The
latter originates in Everett, WA, mostly due to our location
northeast of Seattle. So even if the Westin Building were damaged,
we would have connectivity from alternate sources. In larger terms
the whole Internet works like this, with multiple paths to most
destinations. The routing protocols that manage the Internet's
traffic constantly update and change the pathways for data, so
that when a route disappears, alternatives are ready and traffic
still flows. But honestly, I fear a large scale natural disaster,
such as the earthquake that struck Kobe, Japan, more than I do a
terrorist attack.
* Adam: And how long would it take for more-or-less normal
operations to start up again?
Chuck: That would of course depend on the nature and scale of
the incident. Some operations could be up in just hours, and some
could take weeks. A major earthquake could cause widespread damage
that would make rebuilding that much harder. But since we're
talking about terrorist acts, the September 11th events serve as
a good example. The attack in New York caused significant damage
to major telecommunications facilities in lower Manhattan. Some
services were disrupted for a few hours, most were out for a
period of several days, and a few required weeks to replace or
repair fully. The services on which people depend for critical
communications, such as standard dial tone and 911 emergency
services were the first to be restored. Email and Web traffic
were (justifiably) further down the list. In this case, the
impact was highly localized, being confined to an area
immediately surrounding the World Trade Center.
* Adam: It doesn't sound like a physical attack would do much to
the Internet. What about terrorists releasing worms? What effect
might that have?
Chuck: Take two examples, MSBlaster and SoBig.F, which were
targeted at specific weaknesses in Microsoft Windows's RPC and
Outlook, respectively. The damage they caused as they spread was
basically a denial of service (DoS). MSBlaster was easily defeated
by Microsoft as they removed the target of the planned DoS attack.
SoBig.F's ultimate purpose is not yet known. What the press
thought was the attack was really just the spread... the massive
amount of traffic caused as these worms propagated through the
Windows machines connected to the Internet. No specific damage
happened other than to networks that were completely unprepared.
However, if core functionality such as DNS was disrupted in a
serious manner, the damage would be global in scale. Without DNS
the Internet loses its human-readable nature. I may know that
216.168.37.138 is www.forest.net but very few other people do;
DNS does the necessary lookups behind the scenes.
Also, those sorts of worms and viruses usually don't have a
political agenda behind them, beyond pointing out the flaws in
running code. I can't see them meeting the goals of a terrorist
organization - even if the worm displayed some sort of political
message, it would exist only for a relatively short time until
the anti-virus software and firewalls were updated.
* Adam: Let's focus on DNS then. How hard would it be to bring
down DNS?
Chuck: Very difficult, because DNS is a resilient system that was
designed from the start to be massively distributed. Also, one of
the frustrations of dealing with DNS is propagation time, the time
it takes for changes made to DNS to become usable across the whole
Internet. That built-in delay makes attacking the DNS system as
a whole extremely difficult.
* Adam: But as much as DNS is distributed, aren't there root
servers that are more important than any ISP's DNS servers?
Chuck: Yes, DNS does have a weakness in that all DNS servers defer
to a system of root servers that ultimately control which lower-
level DNS servers have authority over which domain names. Last I
checked there are 13 root servers distributed around the world in
obvious high traffic Internet exchange locations. The organization
that oversees their operation has made efforts to secure them by
making their operating systems and DNS software be more diverse,
and therefore less susceptible to attack. They have also built
mirrors and clones of root servers in physically diverse
locations. There have been distributed denial of service attacks
made on the root servers, but to my knowledge these attacks
have usually been stopped before they can do any real damage.
A successful attack on the root servers would be very difficult
to achieve, but significant in its effects.
<http://root-servers.org/>
* Adam: Interesting - running multiple operating systems increases
the overall resiliency of the system, since most attacks are
specific to an operating system or will affect different operating
systems differently.
Chuck: Precisely. The DNS system and others like it are resilient,
but I think that's mostly due to the nature of the people who
operate them. These are, for the most part, smart and resourceful
folks. Systems, when they are virtual in nature, can usually be
reconstructed swiftly when interrupted - there are always multiple
backups. Think about it, even a worst-case scenario: if every DNS
root server were destroyed, they would likely be replaced and
operational within a reasonable amount of time. It might be days,
or even a week or two at most, but that's it.
* Adam: What about denial of service attacks - could terrorists
use them successfully? I remember some a few years ago that caused
significant problems for Yahoo and a few other major Internet
companies for a while. And distributed denial of service attacks
wouldn't require nearly the same level of knowledge as attacking
root servers.
Chuck: Remember that DoS attacks are basically noise - high
volumes of traffic directed at a target to overwhelm it, or its
network connection, thus rendering it unusable or unavailable. It
is relatively easy, trivial even, to bring down even a major site
temporarily with a DoS attack. However they are also difficult to
sustain for long periods of time because network operators (those
smart and resourceful people I mentioned) have built and continue
to maintain loose, but well connected communication networks.
These human networks cooperate to identify and stop DoS attacks.
DoS attacks are ugly and frustrating, and just about all of us who
run networks have experienced them first-hand, so we do our best
to stop them when we can. One of the current worries in the
operational community is that SoBig.F is really designed to
turn infected Windows machines into zombies for carrying out
distributed denial of service attacks (which originate from many
machines all at once and are more difficult to combat that normal
denial of service attacks). But to answer your question: Sure a
terrorist could DoS somebody, but a DoS attack is probably not
the sort of highly visual, news-making media event that terrorists
use. It is devastating to the victim, but invisible to everyone
else.
* Adam: Let's go back to this concept of resilient systems. Is
a highly resilient system thus 100 percent reliable?
Chuck: No, not at all. Internet users have to understand that
the Internet's resiliency stems from its distributed and complex
interconnected nature. These sort of systems are never 100 percent
reliable. They are not designed to be. They _are_ designed to
continue to function while parts are not working. One of my
favorite quotes comes from a network operator named Sean Donelan,
who said, "Murphy's revenge: The more reliable you make a system,
the longer it will take you to figure out what's wrong when it
breaks." It's funny because it's true, resilient systems can
still function even when "broken."
Even the September 11th attacks, which caused the complete
disruption of air travel for a few days, couldn't really stop
air travel completely. The system adapted and continued. Security
screening is more stringent, some airlines and aerospace related
businesses are still feeling the effects, but we consumers can
still fly.
So even if there were some attack that successfully targeted some
core system of the Internet, it could not stop it for very long.
Some companies doing business on the Internet would suffer, and
users would probably be confused and irritated for a while, but
overall the incident would just be that, an incident.
* Adam: But many people have become accustomed to the Internet
just working all the time.
Chuck: Indeed. I work in the uptime business. I know that our
clients fully expect 24/7 uptime so their Web sites and email
servers are always online. We had an outage in March of 2003 that
lasted 55 minutes. It was the most agonizing 55 minutes of my
life, and many of our clients were furious about it. It was the
first serious unplanned outage we had experienced in over four
years, but it still cost us much in terms of money and credibility
with our clients. In the aftermath we have made many changes,
technical, staffing, and procedural, based on lessons learned.
I have spoken with many clients and appreciate why they require
that uptime.
The hardest part of my job is explaining to clients the definition
of uptime. Frequently the issue is something that we have no
control over, like a fiber cut in Utah that forces packets through
Dallas instead of Chicago. People assume that "It is the Internet,
it is always _on_, right?" The reality is that parts of it are
always _off_ at any given moment of every day, and that while
the Internet will route around damage, the result is that it
may take a while, or things may not work as they did even a few
moments ago.
* Adam: Okay, but let's take the other point of view. How
important is uninterrupted Internet accessibility? I'm talking
about life and death stuff here, not just someone being unable
to check headlines on CNN or have customers come to a Web site.
Chuck: Much as it may not seem like it sometimes, uninterrupted
Internet accessibility is not really a matter of life and death.
Like other accoutrements of modern life - televisions, telephones,
and so on - the Internet is not something that is required to
sustain life, no matter what some geeks may think. Yes, it has
economic and social value, but it is not, as far as I know,
required to maintain life. So while damage that occurs from an
attack on the Internet can have real financial and even emotional
effects, it's important to maintain a sense of perspective.
* Adam: From what you're saying, it doesn't seem as though the
Internet makes a particularly attractive terrorist target.
Chuck: I guess that depends on the nature of the Internet as a
target. The September 11th attacks were aimed at targets with
high visibility and symbolic representations of U.S. economic
and government power. I have a hard time thinking of the Internet
in those terms. The Internet is really more of an infrastructure
item than a symbolic one, and terror's goal is visibility.
Infrastructure becomes a target when nation-states are at war
with one another; terror does not usually fall within that
definition. Bruce Schneier made this point well in an editorial
a few months ago.
<http://www.counterpane.com/crypto-gram-0306.html#1>
* Adam: What about defacement of Web sites? Would it be a problem
if the White House Web site, or other high profile sites like
Yahoo, Amazon, and eBay, were attacked and used to disseminate
political propaganda?
Chuck: Web site defacement is basically digital graffiti. It can
be an embarrassment, but it doesn't have any operational impact on
how packets move around the network. I also believe the Internet
is a secondary news source, meaning I doubt that most people
use it as their only source of news, especially news of their
government. Defacing, or changing the content of all media;
newspaper, TV, radio, Web sites, etc., borders on the impossible.
Web site defacement is more of a prank than a terrorist threat.
* Adam: So in the end, from the perspective of Internet users, the
worst the Internet is likely to suffer at the hands of terrorists
would be a major inconvenience attack. That's overly glib, of
course, since a physical attack could result in casualties, and
even these inconvenience attacks cost money to stop. Nonetheless,
Chuck, thanks for enlightening us about this situation.
PayBITS: If Chuck's interview helped put your mind at ease,
contribute to TidBITS so we can bring you great interviews.
<http://www.tidbits.com/about/support/contributors.html>
Read more about PayBITS: <http://www.tidbits.com/paybits/>
Hot Topics in TidBITS Talk/01-Sep-03
------------------------------------
by TidBITS Staff <[EMAIL PROTECTED]>
**Antenna coverage patterns** -- Most discussion of the coverage
area of antennas (such as WiFi-extending varieties) concerns
horizontal area, but what about vertical coverage such as between
floors in a house or office? (2 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2048>
**Salling Clicker and other stupid phone tricks** -- Joe Kissell's
article on Salling Clicker prompted this discussion of Bluetooth
proximity and how the wireless protocol affects battery life
in Bluetooth-enabled phones when used with Salling Clicker.
(5 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2047>
**Aliasing complex Unix commands** -- For those worried about
making mistakes with powerful Unix commands such as those
Kirk McElhearn explained in his article on command line file
manipulation, Unix-minded readers explain how to use a ".cshrc"
file to create safer versions of dangerous commands. (12 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2046>
**Serious data archiving** -- Data archiving doesn't revolve
entirely around backing up your computers. Readers talk about
making digital archives of paper data. (21 messages)
<http://db.tidbits.com/getbits.acgi?tlkthrd=2036>
$$
Non-profit, non-commercial publications may reprint articles if
full credit is given. Others please contact us. We don't guarantee
accuracy of articles. Caveat lector. Publication, product, and
company names may be registered trademarks of their companies.
This file is formatted as setext. For more information send email
to <[EMAIL PROTECTED]>. A file will be returned shortly.
For information: how to subscribe, where to find back issues,
and more, email <[EMAIL PROTECTED]>. TidBITS ISSN 1090-7017.
Send comments and editorial submissions to: <[EMAIL PROTECTED]>
Back issues available at: <http://www.tidbits.com/tb-issues/>
And: <ftp://ftp.tidbits.com/issues/>
Full text searching available at: <http://www.tidbits.com/search/>
-------------------------------------------------------------------
