Join 3,438 readers in helping fund MetaFilter (Hide)


Cybarmageddon!
March 2, 2010 9:30 AM   Subscribe

Cyberwar Hype Intended to Destroy the Open Internet. "The biggest threat to the open internet is not Chinese government hackers or greedy anti-net-neutrality ISPs, it’s Michael McConnell, the former director of national intelligence..." [Via]
posted by homunculus (29 comments total) 9 users marked this as a favorite

 
Run for your lives! We're losing the cyberwar!
posted by Salvor Hardin at 9:48 AM on March 2, 2010 [1 favorite]


I always figured the designated bogeyman for destroying an open Internet would be child pornographers.

I don't mind if they want to make it the Chinese instead. I just hope they don't get offended and stop paying for our wars and stuff.
posted by Joe Beese at 10:03 AM on March 2, 2010


I keep seeing articles saying things like "cyberterrorists could bring down our systems/national power grids/etc. AT ANY MOMENT!!!" and can't help thinking skeptically that if they really were capable of that, they'd have probably done so already.
posted by Greg_Ace at 10:07 AM on March 2, 2010 [3 favorites]


What is it with these greedhead Bushies and their short sighted power- and money-mania? Do some sort of soul-killing centipedes crawl into their ears around the campfires at the Bohemian Grove?
posted by longsleeves at 10:08 AM on March 2, 2010 [2 favorites]


The sad thing is, the demographic of people who don't understand how the internet works or why it's important to keep it open and free, is Most People In The World, including the people who vote against that freedom/openness, and the people who vote those people into office. Sadly, Most People In The World are easily duped and haven't learned that "honest politician" is an oxymoron.

It's a terrible idea to rush into legislating* something you don't really understand. Yet it happens all the time, and unintended consequences abound. Worst of all, once the change has taken effect, good luck getting it repealed in your lifetime. Once you're at that point, the real battle will be preventing it from sliding even further down the slippery slope of precedent.

*or taking government action of any kind, as the case may be
posted by The Winsome Parker Lewis at 10:11 AM on March 2, 2010 [2 favorites]


We have always been at cyberwar with Cybereurasia.
posted by GuyZero at 10:13 AM on March 2, 2010 [4 favorites]


Good use of the Hype tag; it can be equally applied to the language and tenor of this article.

Rather than go through and list the myriad sections of questionable inferences and conclusions that need to be sifted from the legitimate facts in this article—and there are legitimate points to be made—I'm just going to say that, generally, it's hard to write an objective piece where your central premise is that your subject is using hyperbole in promoting his position, when you then turn around and use language like: It's good to be ever-vigilant against government incursions into the 'free' internet. But this stuff is largely business as usual, and I don't think the grandiose fear-mongering in the article helps its credibility, any more than the fear-mongering of the government's side does.
posted by Brak at 10:14 AM on March 2, 2010 [1 favorite]


It's a terrible idea to rush into legislating* something you don't really understand. Yet it happens all the time, and unintended consequences abound.

Back in the day in British Columbia, we had a Provincial Government headed by genius named Bill Vanderzalm who operated more or less by this principal. The local media eventually dubbed them THE READY-FIRE-AIM GANG.

I'm still smiling.
posted by philip-random at 10:34 AM on March 2, 2010 [1 favorite]


if they really were capable of that, they'd have probably done so already.

They're just waiting for the Fire Sale, everyone knows that.
posted by quin at 10:34 AM on March 2, 2010


Totally with Brak on this one - the article is nearly hysterical in its tone.
posted by awesomebrad at 10:52 AM on March 2, 2010


Brak,
When I was taking security classes recently in college, there was a lot of recruiting going on for the NSA and the Air Force's new "Cyber Defense Force" or some nonsense like that. I'm talking free ride scholarships and everything. Pile on organizations like InfraGard that everyone is encouraged to join. And then we were being told stories about the Chinese almost launching and crashing a space shuttle from remote (but don't tell anyone we told you!) During those classes I really felt like there was an attempt to get some sort of militarization going, and ramping up the fear was a major part of it. There may have been hyperbole in this article, but just barely in my view.
posted by charred husk at 10:56 AM on March 2, 2010 [1 favorite]


InfraGard? Is the UltraGard next? X-Gard? It's like I live in a comic book.
posted by GuyZero at 11:03 AM on March 2, 2010


Booz Allen Hamilton is the axis of evil? Around my part of DoD they are just another beltway bandit former accounting now consulting firm that crunches numbers for us.
posted by fixedgear at 11:33 AM on March 2, 2010


Here's the thing: the Internet really is terribly insecure. The fundamental technologies — BGP, DNS, IP — they really are awful if your goal is to authenticate someone you're communicating with, or trace the source of an attack, or.. I'm not saying the solution is to turn the net into some set of locked down secure protocols, and I'm just as suspicious as the Wired journalist about McConnell's motivations and methods here.

But it's just way too hard right now to build reliable, secure systems on the Internet for critical functions. Right now we layer technologies on top of the core Internet, particularly SSL, and that sort of works. But there's pretty much no meaningful protection against denial of service attacks. And SSL is pretty fragile and awkward, particularly if you're considering something like a power grid infrastructure where defending against active attacks is literally a matter of life and death.

Botnets, DOS attacks for the lulz, and directed espionage by government and corporate groups are only going to get worse on the Internet. What do we do?
posted by Nelson at 11:45 AM on March 2, 2010


I had the image of these WWII newsreels: America's new Cyber Army fighting alongside our Marines in the Battlefield of the Future! Look at this newly minted cadet, or N00b, just getting out of basic training, he can't wait to tell his parents that he got accepted into the prestigious Meh Infantry Division. Be sure to send us letters once you get to Second Life! And here's Cisco Susie doing the "config t" while her boys are away, thanks for keeping things working at home. And look here's the outspoken leader of the Meh Corps, General Jobs, is it true when they wanted to install Flash your response was, "Nuts" ? Oh too busy to talk to us Genearl, well take care, and that's the news from the cyber front!
posted by geoff. at 12:23 PM on March 2, 2010 [4 favorites]


I haven't gotten around to reading this yet (I know, RTFA!), but I have to say I have some pretty well grounded fears about where the Web is heading. From the cooperation of Google with the Chinese, to the constant efforts of the US Government to log and examine everyone's browsing, All this talk about cyberwarfare sounds a lot like Buck Turgidson raving about the "mineshaft gap". in Dr Strangelove. And then there's the apparent desire of the telecommunications companies and the "entertainment industry" to monetize and limit choice wherever possible.

I really feel like we're being herded towards some sort of an end. I get the feeling the Internet in 5 years or so is going to be turned into the equivalent of cable tv, only with more channels, and a fee for everything you want to watch, read, or download.
posted by cybrcamper at 1:09 PM on March 2, 2010 [2 favorites]


Nelson is right when he points out insecurities in BGP, DNS, etc... but the really big problem is the mass of insecure nodes connected to the internet in the form of personal computer. If we could get them secured, it would eliminate a lot of the problems we're currently having.

It can be done, it requires operating systems that enforce the principle of least privilege, and/or capability based security. The concepts have been around since the 1960s. In summary a list of permitted actions for a given task is maintained by the operating system kernel.

A new OS has to be written, but odds are very good we could get our apps to run in a virtual machine inside of it. The other good news is that since we could ditch virus scanners along the way, our existing hardware would run things faster. (Especially Windows boxen)
posted by MikeWarot at 2:02 PM on March 2, 2010


I really feel like we're being herded towards some sort of an end. I get the feeling the Internet in 5 years or so is going to be turned into the equivalent of cable tv, only with more channels, and a fee for everything you want to watch, read, or download.
posted by cybrcamper at 4:09 PM on March 2 [1 favorite +] [!]


I don't believe this for a second. The pay-to-play magnates have ALWAYS been lightyears behind the share-for-free unwashed masses. The bigger the pay-wall barrier is between the population and the information, the harder the hackers will push to find ways around, over, through it.

The larger internet exchanges are possible vulnerable points as far as the freedom of the internet is concerned, but if totalitarian forces try to control the internet in that manner, I think it will just get less centralized.

I'm not saying we shouldn't be vigilant about keeping the web free, but I don't believe there is any power on the planet that has the technical capability to make a lasting dent in the internet in terms of espionage or censorship.
posted by Salvor Hardin at 2:12 PM on March 2, 2010


There's a growing recognition among the INFOSEC community that much of the US's computer infrasructure (thousands of companies & an unknown number of government systems) is infested & controlled by what's being called Advanced Persistent Threats, most of which uses a common methodology & appears to be linked to China.

There's a real problem here that needs to be solved. It won't be simple, cheap or quick. We can debate the best approach but we need to start by acknowledging the reality of the situation we're in. We've been owned on a massive scale.
posted by scalefree at 2:38 PM on March 2, 2010


I had the image of these WWII newsreels: America's new Cyber Army fighting alongside our Marines in the Battlefield of the Future! Look at this newly minted cadet, or N00b, just getting out of basic training, he can't wait to tell his parents that he got accepted into the prestigious Meh Infantry Division.

The Meh Infantry Division? Are they related to the 101st Fighting Keyboarders?
posted by homunculus at 2:39 PM on March 2, 2010


It can be done, it requires operating systems that enforce the principle of least privilege, and/or capability based security. The concepts have been around since the 1960s. In summary a list of permitted actions for a given task is maintained by the operating system kernel.

The sad irony is that every operating system in common usage today has that capability. The WinNT kernel has a sophisticated capability architecture. So do most Unixes, including Linux. It's just no one uses it. In the Windows case it's because the user interface to manage capabilities is way too complicated. You think UAC is bad? And in the Unix case it's because few people see the benefit, just the hassle.

Anyway I don't think securing all the PCs in the world solves the biggest security issues. The botnets are bad, and slowing down their growth would help. But we also need better security technology for specific high value systems.
posted by Nelson at 3:33 PM on March 2, 2010


Doesn't sound at all exaggerated to me. After all, it's not like their trying to scare us into submission with the war on terror or anything, right!? Actually, this is rather terrifying, something that I'm not too surprised is happening but desperately hoped would not.

First they came for the pedophiles, then they came for the scammers, then they came for the Chinese...
posted by blue shadows at 8:57 PM on March 2, 2010


US Gov't. Ending Its Hands-Off-the-Internet Stance: "According to Assistant Secretary Larry Strickling, Obama's top official at the Department of Commerce, the US government's policy of leaving the Internet alone is over. Instead, an 'Internet Policy 3.0' approach will see policy discussions between government agencies, foreign governments, and key Internet constituencies, with those discussions covering issues such as privacy, child protection, cybersecurity, copyright protection, and Internet governance."

oh and btw...
US Government Begins Largest IT Consolidation in History

coincidence? i think not!

Cyber Warriors, prepare your engines :P
posted by kliuless at 8:08 AM on March 7, 2010


right, time to port over to the mobile platform, then?
posted by infini at 12:19 PM on March 13, 2010


Cyber Army?
posted by Grangousier at 12:28 PM on March 13, 2010


Security industry faces attacks it cannot stop.
posted by scalefree at 12:43 PM on March 13, 2010


Dismantling of Saudi-CIA Web site illustrates need for clearer cyberwar policies
posted by homunculus at 3:20 PM on March 20, 2010


Mike McConnell, the WashPost & the dangers of sleazy corporatism
posted by homunculus at 11:10 AM on March 29, 2010


Federal Judge Finds N.S.A. Wiretaps Were Illegal
posted by homunculus at 12:15 PM on April 1, 2010


« Older Waka Waka Hey Hey...  |  Poland's late, great, legendar... Newer »


This thread has been archived and is closed to new comments