USAF Considers Creation of Military Botnet 440
sowjetarschbajazzo writes "Air Force Col. Charles W. Williamson III believes that the United States military should maintain its own botnet, both as a deterrent towards those who would attempt to DDoS government networks, and an offensive weapon to be used against the networks of unfriendly nations, criminal groups, or terrorist organizations.
"Some people would fear the possibility of botnet attacks on innocent parties. If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us. The U.S. will perform the same target preparation as for traditional targets and respect the law of armed conflict as Defense Department policy requires by analyzing necessity, proportionality and distinction among military, dual-use or civilian targets. But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians. If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them." What does Slashdot think of this proposal?"
Re:The path... (Score:5, Informative)
It specifically states, in no uncertain terms that they will only use USAF computers for this. And that it will be a way to use retired computers from other sections of the government that would normally be slated for destruction.
He is NOT proposing the use of malware (Score:5, Informative)
Re:I'm Suprised (Score:5, Informative)
Re:Go for it (Score:3, Informative)
Well since no one else will say it... (Score:2, Informative)
"If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us."
In other words, there will be massive civilian collateral damage that we can't control. It's the electronic equivalent of nuclear, chemical, or biological warfare. How wonderful.
Bill Joy's excellent (albeit dystopian) article "Why the future doesn't need us" talked about this. He said "Thus we have the possibility not just of weapons of mass destruction but of knowledge-enabled mass destruction (KMD), this destructiveness hugely amplified by the power of self-replication." He also pointed out that unlike NBC warfare, the tools required for KMD aren't large, expensive, or hard to get. You need a plant to build a nuclear bomb. You need a good lab to create chemical or biological weapons. You need a cheap computer and a minor internet connection to create a knowledge-based weapon, i.e. a botnet.
It's crap. The international community needs to get together and stop this nonsense before they 'try it out' a few times. With strong international laws and buy-in, they'd also have a better chance at fighting the Russian crime gangs responsible for the existing botnets.
Enlist only US computers? (Score:3, Informative)
The geo-location algorithms are only so accurate.
Chip H.
Re:Using bots in S.American countries (Score:5, Informative)
Did you know that they really don't protect civilians under "contemporary" conditions ? It specifically states that if "the enemy" (anyone whom you're at war with) does not clearly identify itself (which is defined to mean military bases OUTSIDE of population centers and CLEARLY uniformed troops) that civilians, enemy troops AND casualties are fair game ?
As in, if there is a faction using people as human shields, any army fighting them is completely within their rights to shoot all the human shields first. (think about what rights this theoretically gives Israel in fighting Gaza, they go above and beyond what Geneva requires of them, since a genocide in Gaza would be clearly within Israel's rights under the Geneva conventions)
Even in an open war a military is completely within their rights to let a civilian population starve. Everything except direct, unprovoked attacks is not the subject of the Geneva conventions.
The convention also CLEARLY states who gets to judge (obviously without possibility of appeal) whether the provisions of the Geneva conventions allow you to shoot a certain person : the field commander. His decision is final, and he gets to be judge, jury and executioner.
Besides, there isn't a single warring faction in the world today, except the United States (and Israel, Turkey and "maybe" China (insofar you call Tibet a war, besides I doubt you will find China respecting Geneva in Africa)), that even pretend to respect the Geneva conventions. E.g. hezbollah has declared upon multiple occasions that it doesn't, nor does it ever intend to (and then they say something about some prophet not respecting them as justification).
Lots of other warring parties don't respect Geneva : the islamist government of Sudan, Egypt (in it's south), Iran, Pakistan,
Never mind civilian computers being fair game. These conventions date from immediately after WWII (not that anyone really thinks Hitler would have respected them if they existed, in fact he would probably have used them to his advantage, but hey, one can hope, right ?)
Also let's not forget, article 29(3) of the Human Rights :
"(3) These rights and freedoms may in no case be exercised contrary to the purposes and principles of the United Nations."
In other words, anyone attempting to abolish the human rights treaty (one obvious party would be islamists) does not have any human rights.
In practice you will find provisions like that in just about any constitution, in constitutions as varied as both the US constitution and the Iranian one (you know the one that requires the state to execute gays).
Re:I'm Suprised (Score:5, Informative)
Part of the strength - and 100% of the resilience - of a bot net lies in compromising trusted computers and networks. A bot net built on every army base in the nation would be within the governments military domain space, which would be really only trusted by those within the United States government itself.
Overflowing computers in other countries via DDoS attacks could easily be thwarted by simply blocking incoming packets from those military bases - or all incoming requests from any US domain. If you tried to avoid this block by bouncing these packets somewhere along the way to the attacked computer from the US, then you are involving civilian computers somehow, foreign or US. So you risk bombing either a) US civilian computers , or b) foreign innocent civilian computers, since the military's traffic would have to go through some civilian computer at some point even if it was originally funneled through dark fiber (like Internet 2), and its well within the realm of possibility that the civilian computer would not be able to handle the incoming storm of packets before said storm got to it's intended target, so you would completely miss your objective while simultaneously tanking a potentially friendly system.
You could build it without using a civilian computer, but you couldn't use it without effecting a civilian computer, and the odds of hitting an innocent would be huge. It sounds like they are considering "Counter DDoSing" people that attempt too "DDoS", which personally sounds like a really, really dumb idea. It could potentially cause a lot of collateral damage. Conventional military thinking does not apply analogously to the internet; you can return fire in real life, but returning fire on the internet isn't always a smart decision.
Re:Using bots in S.American countries (Score:2, Informative)
It is prohibited to attack, destroy, remove or render useless objects indispensable to the survival of the civilian population, such as foodstuffs, agricultural areas for the production of foodstuffs, crops, livestock, drinking water installations and supplies and irrigation works, for the specific purpose of denying them for their sustenance value to the civilian population or to the adverse Party, whatever the motive, whether in order to starve out civilians, to cause them to move away, or for any other motive."
Text available at http://deoxy.org/wc/wc-proto.htm
Re:I'm Suprised (Score:3, Informative)
And by the way, I really don't care what they do with their own funding, but they do NOT get to commandeer my hardware. So if it's a "botnet" in the traditional sense, then I say hell no!
Re:Historical Perspective (Score:4, Informative)
I'm not going to pass judgment on whether those goals are "right" or "wrong." (Actually, arguably, such struggles almost always break down to both sides doing a lot of "wrong" things and ignoring their own wrongs, focusing on the others' to justify even more of their own.)
There are those who can dismiss them as wrong just as there are those who can dismiss the justifications for the American struggle for indepedence as wrong if they're determined enough.
Yes, it can be argued that it's mostly about a few cynical Muslims whipping up hatred so they can consolidate power far more than it's about the above stated aims. Then again, the same argument can be made that the stated aims for American independence were very different to the argument it was really about rich white slave owners, who'd taken the land from the native people, wanting to pay less tax and whipping up populist sentiment to ensure they got it.
Again: Just because the goals get a fraction of the attention "OMFG TERRORISTS!" gets on the nightly news, it doesn't mean there aren't any.