Slog: News & Arts

RSS icon Comments on Rise of the Machines

1

Ah yes, the botnets. The net-storm. The swarm-and-destroy approach.
Monolithic structures beware... many tiny things swarming together can kill you.
Perhaps we can reclaim democracy with a similar approach... Naahhh, that's CRAZY.

Posted by treacle | October 31, 2006 12:06 PM
2

The annoying thing about the botnets is that they are tacitly allowed to operate by the largest internet companies, the banks that profit from them, and by governments that are more interested in protecting the rights of spammers and marketers than they are in protecting us.

There's this myth that "well, gee, there's no way we can possibly figure out where this is coming from." But we DO know where it's coming from, and we can find out more. The spam networks are relatively easy to figure out, because with spam there's always a payoff: spam is PAID FOR. The banks who process the credit card payments know who's responsible, the internet companies know, or could find out trivially, where the packets are going to and coming from, and the government could, or should, have tools to PROSECUTE THE MOTHERFUCKERS.

The top of the pyramid now is the marketing industry, where ALL of the top members of the Direct Marketing Association profit from spam, as do virtually ALL of the largest corporations in America. I get spam from botnets for pretty much every company in America, sold through deliberately opaque layers and layers of affiliates, who eventually tie into the botnets.

The drawback to spam is simple: it's spam. It's annoying, it clogs the networks, yadda yadda. But the drawbacks to the botnets that support the trade are a significant threat to national security.

It is only a matter of time before terrorists start using botnets to attack parts of our network. Why wouldn't they? How else are they going to be able to get into the systems that make our economy function? The possibility of flying an airplane into it doesn't exist anymore (and not because of the bullshit TSA). For all the fear-mongering about "WMD", the reality is there is NO SUCH THING as WMD; there's nukes, and there's nothing. Chemical and biological weapons are impossible to implement on a large scale, period. And regular bombs, while effective, are difficult to target in the places where they can do damage; those bombs in Sadr City are pretty devastating to the people who live there but they don't hit OUR economy much. Bringing down, say, Microsoft, Amazon, Ebay, Google, and the .gov domain WOULD. But our government is clueless, fully exposed, and utterly beholden to the economic forces that make this threat possible.

Posted by Fnarf | October 31, 2006 12:10 PM
3

So fnarf, I'm curious what your opinion is of the rumored NSA "secret rooms" in data centers across the nation that, theoretically, can analyze every packet of data?

The idea of the NSA analyzing every packet of information makes me uneasy, and would have serious issues trying to pass even basic constitutional tests, but it _is_ the only real way that they could try to protect against the kind of botnet attacks against our infrastructure that you speak of.

Posted by charles | October 31, 2006 12:35 PM
4

Shall we march over to Redmond and deliver a big thank-you for the operating system that makes this possible also?

Posted by Noink | October 31, 2006 12:52 PM
5

PEBKAC

Posted by charles | October 31, 2006 1:06 PM
6

The idea that the NSA is "analyzing every packet" is laughably absurd. It makes about as much sense as not only counting but numbering and cataloging grains of sand. I have no doubt that their data mining capabilities are prodigious, but the more I read about our super-spy capabilities the more skeptical I am about any dramatic claims. The quality of our signals intelligence overall is ASTOUNDINGLY POOR. Getting the data is the easy part; it's knowing what to look for, and then looking, and then finding, that's hard. And after that, compiling it into something that humans can comprehend. Otherwise you're no better off than someone trying to google letters of the alphabet.

Rather than trying to find a pin in a swimming pool of needles, it's much better to try to find the other end of a piece of string.

Posted by Fnarf | October 31, 2006 1:47 PM
7

Problem Exists Between Keyboard And Chair. I hate jargon. If you hear a tech support person saying this, they're insulting you and feeling proud of not being as stupid as you are. In other words, neglecting half of their job.

Anyway... what do you mean in this context? I can only guess that you're saying the problem is not the software but users allowing their computers to be vulnerable. If so, I strongly disagree - everyone has to use computers, only a relative few will ever know how they work. The technology is still young and not robust (think pre-WWII cars), but everyone relies on it, and it's too complicated for everyone to be expected to know how to maintain it.

Posted by Noink | October 31, 2006 2:09 PM
8

Absolutely right, Noink.

But it's also wrong to say, well, Microsoft made their OS and browser insecure. All software is insecure, buggy, and exploitable, and always will be.

The problem is that the people who have the capability to address the problem are either too willing to just let it go, because it's a lot of work to fix it, or they in fact have a financial interest in letting it continue. The latter category now includes almost every company that advertises on the internet.

Posted by Fnarf | October 31, 2006 2:28 PM
9

I'm suggesting that people *do* bear some responsibility when it comes to how they conduct themselves online. putting all the blame on msft is like saying that the people who use 1234 as their luggage combination should go tell samsonite to stick it. now whether samsonite should *let* you be an idiot is another issue that I think is totally valid. but i digress.

in regard to packets, i don't know that I was suggesting that every single packet is logged in a database, but all traffic could *potentially* be flagged by their software. for example, were a terrorist evildoer to amass a botnet and target financial systems (disrupting the stock market could have a devastating impact on our economy), having full access to all internet traffic would allow the government to detect patterns and potentially thwart it. or disrupt it. or figure out who is doing it. whatever.

but my real question was what do you think about the NSA setting up these rooms in the first place? Would you support prosecutions of herders or spammers based upon evidence that was gathered by the NSA using these datamining techniques?

the media had a minor flip out over the concept of big brother monitoring *some* calls, when nobody realizes that not only are ALL calls subject to analysis by the software (but only certain ones "logged" do a db), but all inet traffic is included in this as well. It is FAR more comprehensive than most realize.

if these techniques were used to chase spammers in addition to terrorists, would you object?

Posted by charles | October 31, 2006 2:56 PM
10

Well, since I support the skinning alive and dismemberment of spammers, I'm probably the wrong person to ask.

Posted by Fnarf | October 31, 2006 3:07 PM
11

hahahaha. works for me.

Posted by charles | October 31, 2006 3:08 PM
12
Don’t have HBO? Then how do you watch The Wire?"

Why, I'd imagine they watch The Wire by dowloading it from networks of computers equipped with software used primarily to engage in illegal activity.

In fact, a friend of mine tells me that the entire current season of The Wire has already been made illegally available on these file-stealing networks.

This fact gives me the head-scratchies with regard to Fnarf's paranoid outlook. I mean, if the thing is illegal, and if all the corporations want it shut down, and it's possible to shut it down at the level of carriers and ISPs, well, then, why hasn't the dang thing been shut down already?

In terms of law enforcement, how is a file-stealing network any different from a botnet?

Posted by robotslave | October 31, 2006 6:41 PM

Comments Closed

In order to combat spam, we are no longer accepting comments on this post (or any post more than 45 days old).