[Linux-Anyway] Re: Year After 9/11, Cyberspace Door Is StillAjar
- From: Meph Istopheles <meph@xxxxxxxxxxx>
- To: Linux-Anyway@xxxxxxxxxxxxx
- Date: Mon, 9 Sep 2002 13:52:32 -0700 (PDT)
> >He suggested that another reason companies had not acted
> >decisively could be a growing sense among industry experts
> >that the threat of cyberterrorism had been overstated.
> How very true. Most of the reports are just exaggerated scares.
> Just remember the millennium bug. Everything was expected to
> collapse, household appliances to stop working, computers to
> die, internet to fall apart, whatever. What happened? Exactly
> nothing. I haven't heard of a single problem. Ok, companies
> have took precautions, and something would probably have
> happened if everybody just ignored it. What really happened
> were minor nuisances, instead of the predicted armageddon.
Well, that's not entirely true. I can't remember any of the
company's names, but there were those who had relied heavily on
out-dated software packages as the sole means of controlling
their businesses. In most cases, y2k wasn't an issue to anyone
who'd upgraded in the past fifteen years (or so most of the wares
company's had said), but there were those cheap-skates who
suddenly couldn't figure out how much they owed anyone & decided
not to pay any bills.
I remember there was also one app which put the company owning
it out of business. For some reason, they couldn't figure out
how to rewrite their code to allow for a four digit year. Pretty
stupid when even I'd heard of y2k back in the late 70's -- well
before I'd had a 'puter of my own.
> As for the cyberterrorists: Osama's gang can't code.
Yeah -- his beard keeps getting tangled with his fingers;-).
> I am quite convinced that they're quite incapable of that.
They aren't the ones who would code. They'd hire coders who
either are sympathetic or willing to code for anyone offering the
right payment.
> Nonsense. After the september 11. you could see interviews of
> pilots, all saying that those who flew the machines were quite
> skilled, since they impacted while in a turn. I'm too poor to
> own a plane or get a license, but I know quite a lot about
> aerodynamics and physics of flying, so it appeared nonsensical
> to me.
Funny thing there. As my girl friend & I both would love to
learn to fly, I'd looked into it. Here in the US, it's more a
matter of familarity than it is knowledge. Sure, one has to take
a course approved by the FAA, but one is only required to take
one course for each certificate one wants. It's the hours one
must fly (& few of them requre a licensed instructor along) to
qualify to take the test.
And that test is not written (I think there's was mention of
a short written test with a few, basic things on it (one
instruction site even said that that test can be passed by most
anyone who has only ~seen~ an airplane) -- it's going up in
whatever kind of plane one is hoping to certify for -- private,
commercial, big (I forget what they call that), helicopter, etc
with the FAA evaluator.
I could have been misinformed, but it isn't difficult in the US
to get a certificate to fly & while one might have to pay for
one's own private cert, a commerical one would likely be covered
by someone willing to hire you.
> I started the MS flight simulator with the NY scenery and flew
> a turn with a 737, right into one of the towers. Ok, I had to
> correct before the impact, so I tried again.
Didn't M$ rewrite the code or remove the NYC scenery after the
attack to keep people from doing that -- in future releases of
the game, of course;-).
> Let's suppose they can take a network down, completely and
> irrevocably.
The great fear is that they'll kill the 'Net;-).
> How long would it take? And how many bloody good blackhats
> would it take to cause a damage that makes a difference, in a
> fragmented structure like US corporations? You don't have to
> hack one network to cause a major power outage, you have to
> hack hundreds. The computer systems that count don't have
> MCSE's to look after them, they have experts.
Hey, didn't you see the movie "Hackers"?;-)
> But you still get to read in the media about cyberterrorists
> bringing down airplanes, causing faminae, power outages,
> changing your credit card number and the code for your car's
> immobiliser.
Not on US news broadcasts. Cats stuck in trees are much more
important news items here.
> If I wanted to be cynical, I'd say Enron, Harken, Halliburton
> were far more effective than WTC. Will that teach Osama a
> lesson? No, he'll prefer letting airplanes crash into
> buildings.
But who's to say Osama didn't order the fall of Enron too?;-)
> The computer systems do need to be made more secure. But not
> because Osama might want to give it a shot. The danger is
> there, but it's greatly exaggerated, mostly by IT security
> vendors. They're doing the same as the boy that yelled "Wolf".
> And when someone more cunning than a bunch of rich religious
> fanatics grows really dangerous, nobody will believe them.
It's all very true that the threat is exaggerated. I sometimes
wonder what was wrong with tcp/ip wrappers when they do
everything -- once you figure out how to use them -- the
ip/tables does (hey, I still haven't fired out ip/tables...).
Meph
--
FORTUNE DISCUSSES THE OBSCURE FILMS: #4
WITLESS:
Peter Weir directs Sylvester Stallone in the most challenging
role of his career. Stallone plays a Philadelphia police officer
on the run from corrupt officials. He is wounded and then nursed
back to health by Amish Mennonites. Fearful that they might
unwittingly reveal his hiding place, he blows them all away.
To unsubcribe send e-mail with the word unsubscribe in the body to:
Linux-Anyway-Request@xxxxxxxxxxxxx?body=unsubscribe
Other related posts:
