SoylentNews is people
SoylentNews
https://www.lawfareblog.com/someone-learning-how-take-down-internet
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large a large nation state. China and Russia would be my first guesses.
Sounds like as good a reason as any to develop a more distributed internet. Fight fire with fire - When the attacks are distributed denial of service on centralized systems, the solution is decentralization and distributed delivery of service (P2P).
This discussion has been archived.
No new comments can be posted.
Bruce Schneier: Someone is Learning How to Take Down the Internet
|
Log In/Create an Account
| Top
| 45 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Grelb's Reminder:
Eighty percent of all people consider themselves to be above
average drivers.
(Score: 2) by NotSanguine on Friday September 16 2016, @01:07AM
I read TFA and it's a lot of utterly meaningless nonsense, assumptions, lack of information, and lack of proof. If someone hadn't read a single RFC and never done any network administration but thought the public figureheads of the surveillance and manipulation system had a clue then this is something they could easily have written.
It is entirely clueless and devoid of useful information. It is 100% noise.
Schneier is shooting thousands of empty rounds into the dark with a backpack minigun and there's no one there. Nothing at all. Nothing to hit, nothing to miss.
I read TFA as well. He specifically notes DDOS attacks and what are most likely (at least AFAICT) BGP/OSPF route poisoning/manipulation attacks, both of which are not only plausible, but are known to have occurred.
The real question is not whether Bruce Schneier is a moron, but whether he's shilling for a specific state actor (nudge, nudge, wink, wink) that's pushing for less anonymity and more surveillance on the Internet, or if he's genuinely concerned that backbone, root DNS (read: ICANN and its contractors), and other large-scale network providers can handle large, sustained attacks.
Or at least that's what I took from TFA, which was dumbed-down quite a bit.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by Phoenix666 on Friday September 16 2016, @01:33AM
"The real question is not whether Bruce Schneier is a moron, but whether he's shilling for a specific state actor"
Aww, don't do that. I need to believe that not everyone out there is an evil corrupt asshole. I'm still mourning the loss of Elizabeth Warren to the Darkness. Linus, ESR, Snowden, and Bruce Schneier are the last members of the set, Good Guys.
Washington DC delenda est.
(Score: 2) by NotSanguine on Friday September 16 2016, @02:28AM
"The real question is not whether Bruce Schneier is a moron, but whether he's shilling for a specific state actor"
Aww, don't do that. I need to believe that not everyone out there is an evil corrupt asshole. I'm still mourning the loss of Elizabeth Warren to the Darkness. Linus, ESR, Snowden, and Bruce Schneier are the last members of the set, Good Guys.
Well, we all know (or at least are pretty sure) that Bruce Schneier isn't a moron.
But the question was in two parts and you cut off the second part:
Personally, I'd be much more likely to believe it's the latter, rather than the former. However, these days, the first part has to be considered, even if it's rejected.
This bit is rather O/T.
As for Elizabeth Warren, what did you expect her to do? Support Jill Stein? At this point, (and I know you disagree with me on this) any vote for a third-party candidate is a vote for Donald Trump.
As Heinlein thoughtfully pointed out (as he usually did):
Donald Trump is that disastrous possible, IMHO.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 0) by Anonymous Coward on Friday September 16 2016, @08:43AM
> Aww, don't do that. I need to believe that not everyone out there is an evil corrupt asshole.
Look in the mirror dude.
I am not kidding. Plenty of people think that's you.
Do you think that's you?
Nope.
So maybe, just maybe real life doesn't work the way you think.
But you are probably too old to discover anything new about life.
(Score: 2) by Phoenix666 on Friday September 16 2016, @01:09PM
Hmm, I do control the British crown and keep the metric system down. But on the bright side you can't see any princes around here for miles.
Washington DC delenda est.
(Score: 2) by Yog-Yogguth on Friday September 16 2016, @01:46PM
You can have a look at my reply to NotSanguine. One should try to avoid assumptions. Don't idolize anyone. Don't give too much credence to past actions. Don't trust.
I'm not saying it like it's easy or particularly achievable but actually trying (or maybe even thinking about it at all on a regular basis) seems to be enough to take it more seriously than the vast majority. It will make you question yourself a lot in hindsight, stuff like simple actions, natural inclinations, your own position. It's brutal, it's not comforting.
Want something truly depressive? Read the leaked Tor internal chat log from this June. They all act like idiots in just about every way possible! The pdf is better than the pastebin because names.
Here it is [cryptome.org].
I'm glad I don't use TOR and I am more than a little worried about how extremely easy it is/would be to manipulate every single one of them by having the "correct opinions". It becomes even more funny that Schneier is on the TOR board now.
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by Yog-Yogguth on Friday September 16 2016, @12:50PM
No it is quite clear so I'll provide additional reasoning.
1. First (as we probably both agree) DDoS attacks are a dime a dozen and require nothing more than will and pocket change (no knowledge) or will and knowledge (no money) or will and social aptitude (no knowledge and no money). No details of technique or anything unique were provided by Schneier and nothing should be assumed. The claims of size are dealt with in point 4.
2. Schneier is shilling for the "elites" and/or the surveillance and manipulation system and supports Hillary Clinton to the extent of contradicting some very sensible things he said in the past and which he became renowned for. Essentially Schneier died. For proof look through the last few months of his blog at those entries which makes that very clear and includes more than a few comments calling him out on it. I won't do it for you since I don't visit the place any more.
3. There is no proof being provided that anything special is going on. However of course something special is always going on, plenty in fact, but nothing out of the ordinary as far as Schneier's unsubstantiated claims are concerned. It is a good damned fishing trip but that's also nothing unusual so it's still just noise beyond the fact that the powers that be still can't figure it out. It has been that way for over three years now. People spell it out for them that they are eating themselves alive but their only reaction is to keep eating faster. For some reason they think destroying themselves will save themselves.
4. There is proof that not much is happening as far as the claims go simply because there's a lack of any significant loss of service to people in general. If the claims are being reduced even further then there's nothing left except the level of stuff that is always going on anyway (including the constant whining from the usual corporate suspects).
5. There is no indication of any large increase in activity in order to defend anything. There is always some activity but again nothing all that unusual seems to be going on. This is different from some unrevealed new big weakness being addressed in secrecy (that could always be the case) but that's not what Schneier said was going on anyway.
There is just nothing there.
Schneier is full of shit.
P.s. belligerent/abusive route poisoning [wikipedia.org] and DDoS are completely uncontroversial mundane generalities and do not in any way constitute or supply specific information.
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by NotSanguine on Friday September 16 2016, @11:57PM
As far as attacks are concerned, you're absolutely correct.
As for Schneier's motivations, I can't speak to that knowledgeably (perhaps you have some inside information unavailable to the rest of us?), but while your conclusion ("Schneier is shilling for the "elites" and/or the surveillance and manipulation system") is plausible, the fact that Schneier posted this bit on Lawfare [lawfareblog.com], it's also plausible that he wanted to make sure that non-technical (at least in the areas of InfoSec, IT and networks) were aware of the ongoing threats to infrastructure.
Then again, he could well just be trying to inflate his own image with the folks who read Lawfare and their ilk.
Regardless, as I stated in another post [soylentnews.org], it doesn't take much to mount attacks against internet infrastructure, with the major stumbling block to paralyzing large swathes of the internet being one of scale rather than know-how.
I suspect that most people are unaware of that little gem, which might be a motivation for Schneier as well.
Full Disclosure: I have no ownership stake in Bruce Scneier, nor to I claim him among my friends, family, colleagues or acquaintances.
No, no, you're not thinking; you're just being logical. --Niels Bohr