The Code War Arms Race 74
pacopico writes "A story in Bloomberg Businessweek gives the first in-depth look at a wave of new start-ups selling cyber weaponry. The story describes this as the evolution of the defense industry in response to a wave of brazen attacks against Google, the Pentagon, the IMF and thousands of companies. It's pretty scary stuff, especially considering that these new weapons are not regulated at all."
That can't go wrong... (Score:1)
President, we have ascertained the location of the hackers!
Good, where are they coming from?
They're hacking in from 192.168.0.1!
Excellent! Unleash our counterattack now!
Re: (Score:2)
Re: (Score:2)
Re:That can't go wrong... (Score:4, Funny)
"Have you checked the children?"...
Re:That can't go wrong... (Score:4, Funny)
Forget about them hacking, they have really good porn there!
Cyber Weaponry? (Score:2, Insightful)
Really? Good god, slashdot.
Re:Cyber Weaponry? (Score:5, Funny)
Really? Good god, slashdot.
Your cyber disgust has been cyber recorded for further cyber review.
Re: (Score:3)
Re: (Score:3)
FUD stuff. Sounds like Daily Show material to me.
Re: (Score:2)
Really? Good god, slashdot.
I KNOW. The description which says
It's pretty scary stuff, especially considering that these new weapons are not regulated at all
OH NOES, UNREGULATED WEAPONS ....
Re: (Score:2)
Backtrack Linux. They are giving away the entire aresenal - for FREE! Just download it, and you've got ALL THE FREAKING WEAPONS! Mass mayhem, for free, no regulation at all. It must be the endtimes, or some such drivel.
Re: (Score:2)
So you're telling me... (Score:2, Funny)
That the future of cyber warfare is a bunch of script kiddies in military uniforms clicking "Attack" on some shitty VBasic GUI?
Re: (Score:1)
ass
Re: (Score:2)
Re: (Score:3)
Well, technically they're what I call noisemakers.
Submariners might get the hint what they will be used for.
The difference (Score:1, Troll)
The difference between hacking and warfare is the former requires out side the box thinking and creativity. Find me a US general with just one of those traits. Army culture is the exact opposite, not a stereotype.
Re: (Score:2, Funny)
And that is based on what? Your many years watching documentaries on the history channel?
Re:The difference (Score:5, Insightful)
Find me a US general with just one of those traits.
Arnold (before he turned traitor at the behest of his Tory girlfriend)
Lee (before he fought for the Confederates - see also the Mexican-American War)
Sherman
Grant
Roosevelt (Theodore, not Franklin)
Pershing
Patton
Bradley
Eisenhower
MacArthur
Long story short, well... your point doesn't stand.
Re: (Score:2)
Considering all of those generals in your list are long dead, I think his point does stand...
Re: (Score:2)
He never specified the presence of a pulse. ;)
Re: (Score:2)
Petraeus.
Re: (Score:3, Interesting)
(forgot to log in, posted this originally as AC)
Re: (Score:2)
I think you underestimate Schwartzkopf. He forced laser guided missile technology to the fore front. He used it to barrage the enemy with surgical strikes on communication priorities instead of traditional battle line troop bombing. He used the traditional Hun style semi-circle enclosure; but, implemented drop troops to prohibit the enemy from retreating to the better strategic fall back points. And. He did all of this with sociopaths in the white house and media people riding along with his army.
Re: (Score:3)
You might notice that some of the most successful military actions were based on out of the box thinking. If anything, this is able to catch the enemy by surprise.
Lately it has been sorely lacking. I have to give you that. And behold the success the US army has against a vastly inferior foe, too...
Re: (Score:2)
Re:The difference (Score:5, Insightful)
The general may or may not be capable of thinking outside the box - but I guarantee that he has troops who are capable. I was Navy, rather than Army. We spent a lot of time thinking, inside, outside, under and over the box. Of six commanding officers, one was a VERY imaginative person, two more were only slightly less imaginative, and the others were more or less average in that respect. Box thinkers, but capable of following a train of thought that left the boxy station.
Clue - military people are like civilians, in that everyone is an individual. You can't summarize how military people think - especially if you're not even a military person.
Endgame = PMC (Score:1)
FTFA, the Endgame company seems like a PMC at this point. They offer strategic intel, attack vectors to any individual or international group willing to pay. But hey, at least they say they won't attack the U.S.!
Re: (Score:1)
Re: (Score:2)
Pedant pick: "Take off every Zig"
Sensationalism for nerds? (Score:2)
Stopped caring at "cyber weaponry".
Sensationalized Bullshit (Score:1)
The only "Arms Race" is the race to shut down the internet in the name to prevent "Cyber War". The more articles like this posted, the more likely the treasonous congress will pass something to lock even more down right in your face.
And you know what "Cyber War" is code for? It's code for "Stop! You are getting too close to the truth of the reality of the world".
"Hacking" in it's purest form is exploring, probing, questioning, thinking, about a solution to a problem.
The problem is deception, trickery, false
Re: (Score:3)
"Hacking" in it's purest form is exploring, probing, questioning, thinking, about a solution to a problem.
Thank you. I've often pointed out at places like CNN and other news forums, that the world's most famous "hackers" include Bill Gates, Steve Jobs, and LInus Torvalds. Even here, on slashdot, where people should know better, half or more of the idiots assume that hacking is or should be a criminal offense, punishable by death.
Irony even when done for commercial purposes (Score:2)
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html [pdfernhout.net]
"Such powerful technologies of abundance, designed, organized, and used from a mindset of scarcity could well ironically doom us all whether through military robots, nukes, plagues, propaganda, or whatever else... Or alternatively, as Bucky Fuller and others have suggested, we could use such technologies to build a world that is abundant and secure for all. "
Spam is ironic too in this way, with some few destroying email in o
Re: (Score:2)
Good point on the tragedy of the commons, AC. Thanks. So, arms races like this with advanced technology can be seen as a "tragedy of the commons". What does that tell us about thinking about them or dealing with them?
So, see also:
http://en.wikipedia.org/wiki/Tragedy_of_the_commons#Modern_solutions [wikipedia.org]
"Articulating solutions to the tragedy of the commons is one of the main problems of political philosophy. In absence of enlightened self-interest, some form of authority or federation is needed to s
Why we need intrinsic/mutual security (Score:2)
The article is pretty scary. I'm not sure the people at these well-funded companies even realize the potential for these tools to be used accidentally to do all sorts of nasty things. Or what is going to happen when script kiddies get a hold of them or they are reverse engineersed, like Stuxnet is a blueprint for worse. It is just insanity. It shows the folly of current US defense posture relying primarily on extrinsic security (defending things by soldiers or hackers) and unilateral security (trying to sca
Re: (Score:2)
Interesting point AC, thanks.
Why, Obviously Perfectly Riskless (Score:1)
AHAHAHAHAHAHA!!!! (Score:2)
They can't get me, officer! I have norton!!!
Re: (Score:2)
Re: (Score:2)
What could and what will happen (Score:3)
What WOULD render this ineffective: Teaching people how to secure their machines against the threats by exposing them.
What WILL happen: A crackdown on "hacking tools" with the false idea that without tools there will be no hacking.
For those that don't know why this is no solution: Try to outlaw them in China, and try to audit your machines for security holes without them.
Re:What could and what will happen (Score:4, Insightful)
I disagree. I trust the users to make intelligent use of the computers they have accounts on. On the other hand, I don't trust programs, nobody should.
When a program is run, the only limits on its actions are set by the security settings of the system with respect to the account that launched it. These permissions are usually assigned by an administrator, and out of the users control. Default permissive environments are the root cause of our current lack of security. A program gone rogue can do as much damage as a malicious user on their worst day, in the blink of the eye, without even showing any symptoms of trouble.
The user, and the scanning tools are scapegoats here. Sure, some users make mistakes, and do stupid things, but it is impossible to determine if a non-trivial program can be trusted. Blaming users for failing at an impossible task is foolish, at best. Tools are just tools, to try to help increase transparency in terms of known vulnerabilities.
The solution is a default deny environment for programs, in which the user gets to decide which, if any, of their resources are given to a particular instance of a program. If it's not in the list, the program doesn't get it, and doesn't even know about it. This lets the user decide what they want to work with, and strongly limits the side effects of a program gone rogue.
It's not a very hard thing to conceptualize, nor to plan out. The hard thing is the massive amount of investment in our current code base, and mind-set, which need a subtle tweak, and some clever hacks.
There are positive signs, but I fear it will be another 10-20 years or more before a system which is default deny becomes the more popular choice. That's a lot of time and effort thrown away, that could be better utilized.
Re: (Score:2)
I mostly agree with you, but here's the thing though: The "ammunition" and "weapons" in a cyber war are security exploits. So, Instead of releasing bug reports and/or patches "Cyber-Warfare" benefits by keeping the exploits secret and unpatched.
Instead of creating superior weaponry and advancing the state of the art, Cyber Warfare seeks to ensure that the state of the art is retarded. Cyber-Weapons only exist only if we all have unpatched security vulnerabilities.
Additionally, I run all my programs a
Re: (Score:2)
You do. Germans don't [wikipedia.org].
Sadly, the article isn't available in English, it seems.
Re: (Score:2)
So to fix it is for the government to stop insisting on holes for them to peek through and the tools to make sure they, and anyone else with the skills, are not peeking? I believe that stands true in the US/UK/AU ad nausium... too.
Chinese military viruses? (Score:2)
That Kuang Grade Mark Eleven is a hell of a program...
Re: (Score:2)
This is some great stuff! (Score:2)
It wasn't enough to have imaginary "property", now we have imaginary "weapons" to defend it with.
This is just more inane posturing by idiots who have no clue as to what they're talking about. Here's an example: they come after me with their "cyber weapons" and I respond with hardware; say .45 caliber hardware. Care to bet on how that exchange would turn out?
By now, the concept of vulnerabilities and how they get exploited should be well established. The bad guys don't always wear uniforms or work for a gove
War on hackers (Score:2)
Beside the fact that people who break into systems are crackers and not hackers, this military jargon sucks. Today everything is filled with this vocabulary. War on terror. War on drugs. A worm is not a gun or a bomb it is more a digital lock pick. As the Internet is a (meta)medium it allows all scams and tricks which could be done only locally in the past. now they can be done around the globe.
We should learn that Information is not always true. Not only from governments, but also inside organizations. We
article is total cyber bullshit ! (Score:2)
"A story in Bloomberg Businessweek gives the first in-depth look at a wave of new start-ups selling cyber weaponry"
And yet in the opening para we have some guy in a ski mask breaking into some offices. This, another article from the school of bad fiction and total cyberbullshit