Kuro5hin.org: technology and culture, from the trenches
More "Pearl Harbor" FUD -- this time from SRI

By in News
Fri May 12, 2000 at 01:48:35 AM EST
Tags: Security (all tags)
Security

FUD [1] from Yahoo Hong Kong about the May 9th SRI sponsored Internet Defense Summit

"Every time there is a little Pearl Harbor like that, people get more nervous and pay more attention to this," he [SRI President Curt Carlson] added.
...
SRI also announced the release of hacker detection software titled "Emerald," as well as plans to create a computer site at which people can share information on cyber security.
"It is curious that hackers have lots of places to share ideas but the good guys have very few places," Carlson said. "We want to create a forum for those who want to participate in making the Internet safer."
Err... I detect a possible loss of connectivity to the main clueserver... few venues for security discussions? How 'bout bugtraq, securityfocus.com, kuro5hin.org, and the venerable and long standing ACM RISKS moderated by PGN of SRI...


And, sorta related, another online infosec reference has some snip about atomictangerine.com, which is a spinoff of SRI that's hosting the summit info and appears to be currently [2000/05/11@0000amEST] offline. The latest Security Wire Digest, Vol 2, No 17 May 8, 2k has the following embedded in an article on Dave Dittrich's analysis of the latest DDoS attack *mstream*:
Mich[sic] Kabay, security leader for AtomicTangerine, concurs. "Almost all penetrations rely on well-known, often quite old vulnerabilities," he says. "If more people subscribed to the CERT-CC alerts and their vendor alert services, and then actually implemented the patches recommended, criminals would have a very difficult time inserting unauthorized software for DDoS or any other attacks."
Not sure what to think of the whole line. I'm looking to the near future with some ideas in mind, but I'll keep silent and ask for others' views on the above.

ymmv,
C.G.

[1] http://www.netmeg.net/jargon/terms/f.html#fud

More "Pearl Harbor" FUD -- this time from SRI | 20 comments (20 topical, 0 editorial, 0 hidden)
comp.risks rocks! ... (5.00 / 1) (#1)
by kmself on Thu May 11, 2000 at 02:49:32 AM EST

kmself voted 1 on this story.

comp.risks rocks!

I've been a <strike>reader</strike> addict of comp.risks for years. It's a great forum for heads-ups on computing, and general technology, risks. The most depressing thing about comp.risks is the repetition -- not of the posts, but of the failures. I guess teaching and education will always be in demand, 'coz the idiots are forgetting far faster than the information can be crammed into their heads.

You should also run, not walk, to your friendly neighborhood ACM/IEEE book vendor (actually, you may have to buy it online), and order Peter G. Neumann's book(s) compiled from the comp.risks archives.

Proving, once again, if it bleeds, it leads.

--
Karsten M. Self
SCO -- backgrounder on Caldera/SCO vs IBM
Support the EFF!!
There is no K5 cabal.

While I have no problem believing t... (4.00 / 2) (#6)
by pvg on Thu May 11, 2000 at 03:02:45 AM EST

pvg voted -1 on this story.

While I have no problem believing that the SRI is capable of bending truth and fact for publicity, I think the term 'FUD' is a little strong. If you have a valid criticism of their statements or behaviour, a more detailed or substantiated write-up is in order. While they are certainly not perfect, the SRI is an institution with an established reputation; it takes a little more than alarmist editorialization, and simply pointing a finger and yelling 'FUD' is not enough. What exactly are you trying to convey? That SRI's statement is tainted by possible commercial interest? As I said, it's quite possible you have a valid point, but a) say clearly what it is, b) back it up.

As to the second part, again, what is it you disagree with? Make your case and let's discuss it. As it stands now, I don't see what is obviously wrong with the quote. DDoS attacks rely on access to large numbers of compromisable hosts from which to launch the attack. If the hosts were more difficult to compromise, the first D in DDoS would be much harder to pull off.



Hu? Also, fix your grammer.... (3.00 / 2) (#2)
by Dacta on Thu May 11, 2000 at 03:39:57 AM EST

Dacta voted -1 on this story.

Hu? Also, fix your grammer.

I'll give it a +1 because of all th... (2.66 / 3) (#4)
by marlowe on Thu May 11, 2000 at 08:50:34 AM EST

marlowe voted 1 on this story.

I'll give it a +1 because of all the nice links.
-- The Americans are the Jews of the 21st century. Only we won't go as quietly to the gas chambers. --

"It is curious that hackers have lo... (3.20 / 5) (#9)
by tidepool on Thu May 11, 2000 at 09:31:18 AM EST

tidepool voted 1 on this story.

"It is curious that hackers have lots of places to share ideas but the good guys have very few places," Carlson said. "We want to create a forum for those who want to participate in making the Internet safer."

Interesting. If you ask me, these two places that he mentions are really one in 'real life'. I know 'hackers' (heeh, yeaah..) that read bugtraq, securityfocus, and numerous other mailing lists, and then on the flip side, I know the 'professionals' that read the exact same information. The only difference (that I can see) between the two is the fact that most of the security submissions come from the bad 'hackers' and are just read by these so called 'professionals'. Which brings me to another question: Where is this line between 'professionals' and 'hackers'? I think many people have proved that one can be a 'professional hacker' (rfp, l0pht team, numerous other 'security consultants).

I dunno - what do you guys think?

What might be interesting as an out... (3.33 / 3) (#7)
by warpeightbot on Thu May 11, 2000 at 11:07:08 AM EST

warpeightbot voted 1 on this story.

What might be interesting as an outcome would be Ye Olde Canonical List of Places To Go, broken down by flavor.... though I suppose bugtraq would go in the "general" section, no?

I couldn't understand what this sto... (3.00 / 3) (#8)
by messman on Thu May 11, 2000 at 11:25:24 AM EST

messman voted 0 on this story.

I couldn't understand what this story is about.

What the heck is this guy talking a... (3.00 / 3) (#5)
by End on Thu May 11, 2000 at 12:32:12 PM EST

End voted -1 on this story.

What the heck is this guy talking about?

-JD

What's the point of this posting?... (3.00 / 3) (#11)
by deimos on Thu May 11, 2000 at 01:43:58 PM EST

deimos voted 0 on this story.

What's the point of this posting?
irc.kuro5hin.org: Good Monkeys, Great Typewriters.

^&*(@(*#@. Too many ACRONYMS!... (3.00 / 3) (#3)
by Velian on Thu May 11, 2000 at 06:35:39 PM EST

Velian voted -1 on this story.

^&*(@(*#@. Too many ACRONYMS!

Re: ^&*(@(*#@. Too many ACRONYMS!... (none / 0) (#14)
by mattm on Fri May 12, 2000 at 03:44:55 AM EST

And a completely pointless footnote, too. :)

I think there's a bigger issue here... (3.25 / 4) (#12)
by adamsc on Thu May 11, 2000 at 09:10:52 PM EST

adamsc voted 1 on this story.

I think there's a bigger issue here - forums exist and most security holes are exploited after the alert. The real problem is that most companies don't budget sufficient admin time to actually do anything. Repairing after the fact is a lot more work than fixing it in advance but most managers don't think that way.

Re: I think there's a bigger issue here... (3.00 / 1) (#16)
by Anonymous Hero on Fri May 12, 2000 at 11:11:03 AM EST

Enough systems administrators have always been a tough sell to management. All they see is a cost with no productivity. The argument to this is to calculate what an hour of downtime would cost the company. For a company of 1000 skilled people, 2 hours of downtime will cost more than a system admin for a year. But it is still a tough sell. Management likes to see IT staff scurry around fixing a problem that is costing the company time and money RIGHT NOW. It gives management the sense that IT is doing something productive. Of course a good IT shop will rarely scurry around to fix a problem, as they will have done preventative maintenance preventing the problem in the first place. It's a catch-22: management doesn't think that a good IT is productive. This makes proactive security an even tougher sell: sitting around and reading mailing lists and security forums doesn't look productive. And setting up a lab so that IT can play is just a waste of money.

I estimated that to keep on top of the various lists and other forums it would take a dedicated person to read the bug reports and do nothing else. To do a good job of it you would need to dedicate two people (at least) and a small lab to test the exploits and fixes. If anyone has convinced their management that this is needed I would love to hear how. I work in a security house and it was a tough sell. Of course now that it is set up my bosses love it. When a nasty incident hits we often have the solution for our clients in very short order.

Re: I think there's a bigger issue here... (none / 0) (#17)
by Hurst Dawg on Fri May 12, 2000 at 02:20:41 PM EST

I agree with what you say about management not hiring enough sys admins. Management likes to see results, and the results of a good sys admin are that you don't notice anything: no downtime, internet is always accessible, and customers are happy. You should notice no difference from day to day operations if you have competent system administrator(s), and much management (from what I've heard; I'm still in school so this could be a load of BS) doesn't work that way; they want to see results constantly, be it quick fixes due to virii, hackers, or whatever. -Hurst Dawg

Re: I think there's a bigger issue here... (none / 0) (#20)
by adamsc on Sat May 13, 2000 at 05:24:05 PM EST

they want to see results constantly, be it quick fixes due to virii, hackers, or whatever
Unfortunately, that's very true. This is the same reason why managers will typically reward the admin who works insane hours fixing problems a lot more than they reward the one who prevented things from becoming problems in the first place. After all, Bob worked 30 hours straight while Alice left at 5PM every day.

I bet he's thinking that since his ... (3.00 / 4) (#10)
by Saint Zero on Fri May 12, 2000 at 01:16:55 AM EST

Saint Zero voted 1 on this story.

I bet he's thinking that since his company is not running one, they don't exist. Common thinking, it seems.
---------- Patron Saint of Nothing, really.

cracker, not hacker (2.25 / 4) (#13)
by TomG on Fri May 12, 2000 at 02:10:31 AM EST

I'm getting annoyed at this.

Re: cracker, not hacker (none / 0) (#15)
by warpeightbot on Fri May 12, 2000 at 11:06:21 AM EST

#define BAD_HACKER cracker /* deal with it! */

I mean, really. Please realize that those who can't hack often attempt to write about it for a living, and they're not going to grok the difference between pro-hacker, amateur hacker, 3l33+3 #@X0R D00D, and plain old-fashioned evil cracker of a semi-pro nature..... they simply don't have the brain function to do so. The only thing we can do is beat them silly until they allow us to proof their works for technical accuracy until the proper phraseology becomes ingrained in their muscle memory.

Until that happens, get over it!

--
I'd like to find your inner child,
and kick its little ass!
Re: cracker, not hacker (none / 0) (#19)
by TomG on Sat May 13, 2000 at 12:44:04 AM EST

> get over it!

No.

EMERGENCY: PLEASE MIRROR CRYPTOME.ORG CONTENTS IMM (5.00 / 1) (#18)
by Anonymous Hero on Fri May 12, 2000 at 02:45:34 PM EST

British intelligence, probably MI6, is attacking Cryptome, which hosts documents that MI6 and the NSA (and the MPAA, for that matter) don't want you to see.

URL for mirror is
http://web.elastic.org/~fche/mirrors/

Download+Mirror! Quickly!
