After the significant inaccuracies and frequent unsubstantiated speculation in Schneier on Security, I don't think credible security researchers can take his analysis at face value. Additionally, the halo effect of his actual expertise, cryptography, convinces people who aren't security experts that his opinions and speculations are correct. Worse, he rarely frames his speculation as such; he states conjecture as fact. This is counterproductive and leads to confusion among journalists and eventually the general public.
To the imminent downvoters, I'm not offended; I expect it with an unpopular opinion. I'd prefer you engage with a reply in addition to the downvote so we can have a discourse. I think it's important that I add my dissent to the conversation.
Yes, I agree the article is vague, and I'd like to learn more. But this is typical for this kind of backchannel intel. From some sources, through some channels, for some kinds of info - this is all you get. This is business as usual.
Take it in for what it's worth. It's a signal from a sea of noise, nothing more. Maybe it's actionable, but perhaps it's not. Just learn to deal with ambiguity; the world at large is quite different from the rigid boolean-logic computer systems you're interacting with on a daily basis.
You're shitting me, right?
Computer engineers are the last people who think in rigid, boolean-logic ways. It's the general population that does that. If you do any serious thinking in any STEM field, you quickly learn that the world is probabilistic in nature, and ambiguity is what you eat for breakfast. What the technical fields do to manage it is learn to quantify the exact nature of ambiguity. When you do that, by means of probability theory, you learn that ambiguity doesn't mean "anything goes"; there are rules it follows.
Like, backchannel intel may be vague, and this also implies it's likely to not be true (unless you can pull out additional evidence in its favour, like e.g. a good track record of the person delivering this backchannel intel; that point is discussed in parallel threads). In a sea of noise, the "signal" you see is most likely a coincidence. Not comprehending this (a.k.a. "seeing patterns everywhere") is one of the biggest sources of irrationality in people.
This rhetoric is patronizing and doesn't contribute to the conversation.
This is a limitation of computers, not the engineers. The engineers are happy to deal with ambiguous information as long as you don't mind ambiguous results.
His post is the very definition of "taking it for what it's worth".
He also cites anonymous sources. These sources agreed with each other and with the public report from Verisign. He explained why he was keeping those sources anonymous.
That is just good journalism.
My comment was juxtaposing it with the accuracy of Schneier's blog and his public statements on computer security.
On this topic, he chose the third option, because he felt that people needed to know, even though he couldn't give specifics. It sounds like you wanted him to pick the first option. If he did, though, it would be the last time he would be able to do so, because his information would dry up.
That's the pragmatic argument. There are also some of us who feel, when you tell someone that you aren't going to blab what they told you in confidence, that you should keep your word...
I do say that it's inappropriate to expect implicit trust after all his previous integrity failures (conjecture as fact, etc). I want to believe this article. I do believe it. But I also can't rely on it, as his track record shows that given the topic of computer security, he will even present unfounded speculation to Congress as fact if given the opportunity.
That's a pity, but I guess it makes sense for him if he wants to exert influence.
Unfortunately too many laypeople take everything he's writing as gospel. Remember when he clearly misunderstood the "xkcd scheme", was called out by pretty much everyone and couldn't even admit that and post a correction? You can be sure that lots and lots of people will dismiss everything looking like it (Diceware!), simply because Schneier erroneously piled heaps of ridicule on it.
Yes, appeal to authority and all that, but I don't have time to fully learn a field to find out if a cryptographer is mistaken.
Also, the point I was making is that if he wants to leave work uncited, it should at least be the work he has actual credibility in.
This is the modern way to ask for upvotes.
Ask for upvotes straight out? The community saw it one too many times and doesn't anymore.
Mention you expect downvotes and that it's an unpopular opinion? People agreeing with you, which there almost always are anyway, will show you support while making potential downvoters think twice.
I was going to upvote, but never mind.
> someone has been probing the defenses of the companies that run critical pieces of the Internet.
...
> China and Russia would be my first guesses.
I don't understand the reverence around Schneier. I first saw him give a talk in 2009, and it was an 'insert town name here' speech about stuff that was blazingly obvious to people who should already know (topic: social engineering and passwords). Yet people were fawning over the talk. It really struck me as a guy who was once great, but is now resting on his laurels - that halo effect you mention.
I get exactly the same feeling from this article. There is nothing in it that we don't already know. What, there are state actors in Russia and China that are effectively at cyberwar with us? Quelle surprise! DDoS attacks are getting more sophisticated? Quelle surprise again! He takes one issue in tech that actually has filtered through to the general public, and makes it sound like he has the inside story. DDoS attacks pick up where they left off last time? Must be the work of an evil genius - no mere mortal could think of that!
I also get that the article is for a general audience, but in that case, the "oo, I can't share details!" bit is just populism. In short, I find his writing on tech to be lots of fluff and little meat.
Perhaps I'd have a different opinion if I grew up with him in his glory days, or if I was more interested in crypto and read his more technical papers, but while I've been on HN, I've never been enlightened by a linked article of his. This is all, of course, personal perception, and he may be a downright top bloke to someone more in the know.
In retrospect we've learned a lot since then and no one (including the author) would recommend developers read that book first or even at all. Now we've come to the understanding that folks are much better served by opinionated cryptosystem design ("no sharp edges") and texts like "Cryptography Engineering" that have a better focus on failure modes.
Anyway, he's not the be all, end all expert but he has been thinking about this stuff for a long time and often has perspectives that are worth thinking about. Some of them, like his views on airline security etc are now so mainstream that you wouldn't realise he was a big part of why they are now widely held.
But mainly it's that he has a lot of pretty high level gov and industry connections that I would at least entertain his conjecture here.
All of the tech exists in some form or another, but if it were well packaged, it's not hard to see there being a sufficient distribution of members to get people connected easily.
Perhaps in an event like that a decision would be made to temporarily open up the spectrum, but even then there are only so many of us, only so many transceivers out there.
I feel the HAM net would be more useful after a natural catastrophe, where the infrastructure would be destroyed physically. Which is exactly what a lot of us are preparing for.
And there are a lot of them, and at this point if you're into ham radio, it's for the love and you tend to be pretty proficient.
A zero-privacy internet might be better than nothing, but I'm not 100% sure of that.
http://icrobotics.co.uk/wiki/index.php/Turning_the_Raspberry...
and you've basically got the web ;p
at least a one way communication network form
http://www.dailymail.co.uk/news/article-1386978/The-Japanese...
While internet failure mitigation isn't an explicit goal of such projects, their resources might make a good starting point.
Let's safely assume that these servers, every single one of them, are subject to DDoS attacks all the time and have at least some experience in handling them, and have a backup scenario ready for a serious attack. One of the reasons why the root servers are not centralized is to avoid the kind of disaster that Schneier predicts.
Also what if I maintain a list of IP addresses of the websites I visit most and update that list daily. When the "big attack" strikes, I put that list in /etc/hosts. Would I still be able to do my holiday shopping from Amazon? Would I still be able to read the logs on my VPS by ssh'ing to its IP? How long would such an attack sustain before BGP modifications start blackholing the sources? Long enough to let the average TTL cache expire?
Would an attack on the root servers really take down the internet? Or in case Schneier isn't talking about that, what kind of attack on the decentralized internet is actually able to take it all down? I'm not saying he is wrong, but I have a hard time thinking about how we should prepare and protect our infrastructure if he doesn't want to share the intel he knows instead of some generic warnings.
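As an added example (not from the thread), here is the daily hosts-file snapshot the comment above describes: resolve a short list of names, keep yesterday's answer when resolution fails, and splice the result into an /etc/hosts text without disturbing hand-written entries. The resolver is injected so the logic runs offline against constructed addresses; in real use the standard-library call `socket.gethostbyname_ex(name)[2]` fills that role.

```python
"""Constructed example: keep a daily /etc/hosts snapshot so lookups for a few
key sites survive a DNS outage. Not code from the thread or from any project."""
import re
from typing import Callable, Dict, List, Optional

Resolver = Callable[[str], List[str]]  # name -> list of IP address strings
BEGIN = "# BEGIN dns-fallback snapshot"
END = "# END dns-fallback snapshot"
# Matches exactly one marked block (header line, entries, trailer line).
_BLOCK_RE = re.compile(re.escape(BEGIN) + r"[^\n]*\n.*?" + re.escape(END) + r"\n", re.S)


def build_snapshot(hosts: List[str], resolve: Resolver,
                   previous: Optional[Dict[str, List[str]]] = None) -> Dict[str, List[str]]:
    """Resolve each name now; if resolution fails, keep yesterday's answer.

    Caveat: CDN-fronted sites rotate addresses, so a stale entry may point at
    a node that no longer serves that hostname. Verify before relying on it."""
    previous = previous or {}
    snapshot: Dict[str, List[str]] = {}
    for name in hosts:
        try:
            addrs = sorted(set(resolve(name)))
        except OSError:
            addrs = []
        if addrs:
            snapshot[name] = addrs
        elif name in previous:
            snapshot[name] = previous[name]  # stale, but better than no answer
    return snapshot


def render_hosts_block(snapshot: Dict[str, List[str]], generated_at: str) -> str:
    """Format the snapshot as a marked block, one 'address<TAB>name' line each."""
    lines = [f"{BEGIN} {generated_at}"]
    for name in sorted(snapshot):
        lines.extend(f"{addr}\t{name}" for addr in snapshot[name])
    lines.append(END)
    return "\n".join(lines) + "\n"


def merge_into_hosts_file(existing: str, block: str) -> str:
    """Replace an earlier snapshot block in the hosts text, or append a new one.

    Only the marked block is touched, so hand-maintained entries stay intact."""
    if _BLOCK_RE.search(existing):
        return _BLOCK_RE.sub(lambda _m: block, existing, count=1)
    sep = "" if not existing or existing.endswith("\n") else "\n"
    return existing + sep + block
```

Run it from a daily cron job that reads /etc/hosts, calls the three functions in order and writes the result back; the previous snapshot can be recovered by parsing the existing marked block.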
But I never do anything about it.
If they disable/crack/overwhelm the major routers connecting different ISPs (e.g. zero-days or backdoors for router OSes, BGP attacks with cooperation or cracked credentials from some major ISP insiders), then the internet is not going to work for you because your ISP will be simply unable to route your data to where you want.
Are there any good reasons to believe that all major router models don't have backdoors inserted by state actors, either by bribing an insider engineer ten years ago, or even having a manufacturer of some secondary on-board chip (that has direct memory access) insert a hardware backdoor? We've detected such attempts before, there's all reason to expect that there are some of them active and undetected right now.
* Find a couple of remote security holes in Windows and Android, maybe iOS and Macs as well (Linux would be good too, as lots of servers run Linux and have big bandwidth).
* Write a self-propagating worm which uses your holes to infect a large chunk of machines currently attached to the internet.
* Set your worm so that, after an hour or so, it starts hammering the root servers.
That mess would be almost impossible to sort out, particularly if you were clever about the traffic you created so it was hard to filter.
The only reason I can think no-one would do this is it's MAD -- no-one's internet would work, why would Russia or China or the US want to take down everyone's internet?
No-one's "internet" would work except for states that had a backup network. In the event of war such a tool would be useful, imagine the panic, chaos.
Another situation could be a major power trying to destabilise another's economy, fiscal warfare?
Could be an interesting, peripherally relevant talk...
Moreover, I don't think it's even possible to reply to posts made from shadowbanned accounts.
If coordinated with an attack against the root nameservers so we couldn't change the .com and .net nameservers, DNS would become a real disaster. If combined with some BGP trickery, you could even see domain names being poisoned.
We should be able to work around the damage eventually; but so much of the internet relies on so few root servers/hosts/routers.
I'm not doing the snarky "citations pls" thing; I don't dispute it happened. I just want to know more.
https://en.wikipedia.org/wiki/Cyberattacks_during_the_Russo-...
That needs to change, and the author is right that while there seems to be little to do now, people should be aware of it.
IP datagram authentication at the lowest level is required so that anyone on the route can detect forgery, error or tampering with the data. This would allow tracking the real sources of a DDOS attack, diagnosing the cause and fixing it.
What's the point of keeping digging deeper trenches?
This should be a top priority change of the Internet. There was no incentive to move to IPv6. Now there is one to move to a more secure Internet.
See you in thirty years.
Also, IP authentication doesn't help you. DDOS traffic often has real IP source addresses on. It tells you that the traffic is several hundred thousand home PCs. Now what?
We wrote about one way to do this about ten years ago, but no-one was really interested at the time: http://www0.cs.ucl.ac.uk/staff/M.Handley/papers/terminus2007...
And, since each additional node in the bot net has zero marginal cost, why bother trying to hide the device anyway?
Cyber-warfare is the 'new' war and just like any war, misinformation plays an important role.
It's what the author is being told by the people he has spoken to. Maybe a lazy assumption on their part, but it's not lazy writing. And your point is directly addressed in TFA:
"The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it's possible to disguise the country of origin for these sorts of attacks."
It would be interesting to know the sort of resources needed for this kind of attack/probing. Is it limited to state actors, or could we all play? Is the objective simply to be prepared, or is there a plan afoot?
Per the article, no, we can't all play. We don't have either the bandwidth or the expertise.
It's not the designers' fault that so many people are dumb enough to happily give one company a near-monopoly over certain forms of communication.
It's very simple: stop using Facebook for everything. Use different sites/services, or switch to a decentralized service like Diaspora. Otherwise, stick with Facebook for everything and stop complaining when it bites you in the butt, and suffer the consequences when disaster strikes.
As applicable with all areas of life, association is a security risk. By depending upon any centralized authority (such as a server or domain name registrar) you are open to being censored (either by them or an attacker).
At this point however, decentralized web-hosting solutions still rely upon clearnet centralized port checkers, which is (of course) an issue. The best the community can do is help to raise awareness of decentralized web hosting in the hopes more people will adopt it, leading to a higher likelihood that the problems will be solved.
Or unless it's the US itself. Not the most likely possibility I think, but still a possibility.