The Cyberwar Thread
- Thread starter Glassfan
- Start date
The World Conference on International Telecommunications (WCIT) in Dubai, United Arab Emirates, is taking place now, from 3-14 December 2012.
Proposed Changes to the Treaty And Concerns
Current proposals look to take into account the prevalence of data communications. Proposals currently under consideration would establish regulatory oversight by the U.N. over security, fraud, traffic accounting as well as traffic flow, management of Internet Domain Names and IP addresses, and other aspects of the Internet that are currently governed either by community-based approaches such as Regional Internet Registries, ICANN, or largely national regulatory frameworks. The move by the ITU and some countries has alarmed many within the United States and within the Internet community. Indeed some European telecommunication services have proposed a so-called "sender pays" model which would requires sources of Internet traffic to pay destinations, similar to the way funds are transferred between countries using the telephone.
The WCIT-12 activity has been attacked by Google, who has characterized it as a threat to the "free and open internet".
On 22 November, 2012, the European Parliament passed a resolution which urged member states to prevent ITU activity at WCIT-12 which would "negatively impact the internet, its architecture, operations, content and security, business relations, internet governance and the free flow of information online". The resolution asserted that "the ITU [ ] is not the appropriate body to assert regulatory authority over the internet".
On 5 December 2012, the lower chamber of the United States Congress passed a resolution opposing U.N. governance of the Internet by a rare unanimous 397-0 vote. The resolution warned that ".. proposals have been put forward for consideration at the [WCIT-12] that would fundamentally alter the governance and operation of the Internet ... [and] would attempt to justify increased government control over the Internet", and stated that the policy of the United States is "... to promote a global Internet free from government control and preserve the successful multistakeholder model that governs the Internet today." The same resolution had previously been passed unanimously by the upper chamber of the Congress in September. -wiki
Russia backed by China and India is pushing through a takeover of the internet by a UN supranational agency. Here's an interesting Rand Corp analysis on the strategies of authoritarian states to control and censor the internet.
Alarming concerns over the outcome of the WCIT Conference are widespread on the Web.
The Wilson Center's Panel Discussion on;
"Military and Public Cyber Security"
Part 1
Part 2
Part 3
Participants:
Steve Inskeep, Moderator, Host of NPR's Morning Edition.
Susan Collins, Ranking member, Senate Committee on Homeland Security. US Senator (Me, R)
Jane Harmon, President, Woodrow Wilson International Center for Scholars, former U.S. Representative (Cal. D)
Keith Alexander, General USA, Director NSA, Commander US CyberCom.
Anthony Romero, Executive Director, American Civil Liberties Union.
"Military and Public Cyber Security"
Part 1
Part 2
Part 3
Participants:
Steve Inskeep, Moderator, Host of NPR's Morning Edition.
Susan Collins, Ranking member, Senate Committee on Homeland Security. US Senator (Me, R)
Jane Harmon, President, Woodrow Wilson International Center for Scholars, former U.S. Representative (Cal. D)
Keith Alexander, General USA, Director NSA, Commander US CyberCom.
Anthony Romero, Executive Director, American Civil Liberties Union.
Government jobs website attracts hackers
"The new government jobs website has been described as a "scammer's paradise" after Channel 4 News revealed major security flaws.
Hackers have obtained the personal details of job applicants taken from the government's Universal Jobmatch website, in a bid to highlight the site's vulnerability, reports Channel 4.
The leaked data includes passwords, national insurance numbers and even scans of passports.
Channel 4 found there were no security checks performed on the people who post jobs, and the programme's investigators were able to register as an employer in minutes.
Using details that were clearly false the hackers registered as an employer and gained access to the site posting a fake ad for a cleaning job. This then went live unvetted.
They were then able to quickly garner personal information including passwords and passport and driving licence scans, that can be used for identity fraud or to help access email or online bank accounts."
This is a major problem. Even governments like the UK that possess reasonably advanced Cyber-security consciousness, still allow ignorant, credulous and uniformed software writers (civil servants?) to naively compose their sites without any hacking-awareness or security-mindedness. There's apparently little corporate culture of Cyber-security being promulgated within government. After such embarrassments, how then can government preach to private industry about the dangers? And how can citizens voluntarily trust government with their personally data?
"The new government jobs website has been described as a "scammer's paradise" after Channel 4 News revealed major security flaws.
Hackers have obtained the personal details of job applicants taken from the government's Universal Jobmatch website, in a bid to highlight the site's vulnerability, reports Channel 4.
The leaked data includes passwords, national insurance numbers and even scans of passports.
Channel 4 found there were no security checks performed on the people who post jobs, and the programme's investigators were able to register as an employer in minutes.
Using details that were clearly false the hackers registered as an employer and gained access to the site posting a fake ad for a cleaning job. This then went live unvetted.
They were then able to quickly garner personal information including passwords and passport and driving licence scans, that can be used for identity fraud or to help access email or online bank accounts."
This is a major problem. Even governments like the UK that possess reasonably advanced Cyber-security consciousness, still allow ignorant, credulous and uniformed software writers (civil servants?) to naively compose their sites without any hacking-awareness or security-mindedness. There's apparently little corporate culture of Cyber-security being promulgated within government. After such embarrassments, how then can government preach to private industry about the dangers? And how can citizens voluntarily trust government with their personally data?
Bowsling
Deity
Honestly, I don't get all of the criticisms over the Dubai Conference. It's not even close to what SOPA was. A part of the the article that you posted: "security, fraud, traffic accounting as well as traffic flow, management of Internet Domain Names and IP addresses". This is not going to restrict anybody's ability to pirate stuff, view porn, and do other things that most people find morally reprehensible. It means that they will finally put many chaotic apparatuses of the Internet like DNS under some degree of control. The regulations with security and fraud can't possibly be a bad thing, unless you actually commit these crimes? Traffic accounting would laso be a huge boost to online commerce (the reason that a good part of the Internet actually exists in the first place). Am I missing something in the proposal? What is everybody getting up in arms about, aside from Dont-touch-ma-internetz?
AdamCrock
Polish Pirate
Cyber security and the control protocols were always a hot topic. The Intelligence agencies around the world always have feared the internet for it couses a huge problem. Uncontrolled flow of information, classified operations, national security secrets leaking into cyber-space. The fear is well founded 
Echelon project as a listening device tapped into every communication device on planet and every satelitte on orbit was actually abused to gain idustrial intelligence and for corporate espionage stealing blueprints and projects.
Big Brother awakens as we speak Facebook being on top of my head 
Echelon project as a listening device tapped into every communication device on planet and every satelitte on orbit was actually abused to gain idustrial intelligence and for corporate espionage stealing blueprints and projects.Big Brother awakens as we speak
Facebook being on top of my head Looming cyber attack threatens major banks
"Some of the nation's biggest banks are at risk of a massive cyber attack next year that could potentially siphon funds from unsuspecting customers, according to a leading digital security firm.
"The fraud campaign, known as Project Blitzkrieg, is a credible threat, the Internet security firm McAfee Labs concluded in a new report.
"...the behavior of the Trojan suggests it is a variant of a previous known strain called Gozi. RSA labeled this latest version, Gozi Prinimalka."
"Some of the nation's biggest banks are at risk of a massive cyber attack next year that could potentially siphon funds from unsuspecting customers, according to a leading digital security firm.
"The fraud campaign, known as Project Blitzkrieg, is a credible threat, the Internet security firm McAfee Labs concluded in a new report.
"...the behavior of the Trojan suggests it is a variant of a previous known strain called Gozi. RSA labeled this latest version, Gozi Prinimalka."
*yawn*
Good thing they want money not damage otherwise they could mess up GPS clocks and screw with financial transaction timestamps.
The cyber terror bogeyman
"In many ways, cyber terrorism is like the Discovery Channels Shark Week, when we obsess about shark attacks despite the fact that you are roughly 15,000 times more likely to be hurt or killed in an accident involving a toilet. But by looking at how terror groups actually use the Internet, rather than fixating on nightmare scenarios, we can properly prioritize and focus our efforts."
"In many ways, cyber terrorism is like the Discovery Channels Shark Week, when we obsess about shark attacks despite the fact that you are roughly 15,000 times more likely to be hurt or killed in an accident involving a toilet. But by looking at how terror groups actually use the Internet, rather than fixating on nightmare scenarios, we can properly prioritize and focus our efforts."
AdamCrock
Polish Pirate
I'm supprised noone mentioned Echelon before. If it's not Cyberwar preparations than what is ?
"For six decades, the global Project Echelon has been used to surveil an unknown amount of material with an unknown degree of specificity. While defenders of the project claim that its technology is only used in legal ways, some charge that it is easily abused--and a few have even argued that Echelon has been used to illegally assist with strategy in international business deals."
Very interesting article "Your Conversations Are Being Intercepted: The Truth About Project ECHELON"
Read more at http://www.environmentalgraffiti.co...ruth-project-echelon/8773#PbCTuAoBdIs82f8u.99
"For six decades, the global Project Echelon has been used to surveil an unknown amount of material with an unknown degree of specificity. While defenders of the project claim that its technology is only used in legal ways, some charge that it is easily abused--and a few have even argued that Echelon has been used to illegally assist with strategy in international business deals."
Very interesting article "Your Conversations Are Being Intercepted: The Truth About Project ECHELON"
Read more at http://www.environmentalgraffiti.co...ruth-project-echelon/8773#PbCTuAoBdIs82f8u.99
It's an old Cold War system to surveil and gather intelligence on our enemies. It predates the Internet and so was never intended for Cyberwarfar. However, as the nature of our enemies has changed and evolved, so has Echelon. As an intelligence-gathering system its' functions are mostly defensive in nature - it simply listens. Interpreting the data and acting on it are in the province of USCYBERCOM or GCHQ.
Is it sometimes abused? Sure - isn't everything? Abusus non tollit usum.
I've found in my readings in American History that there are (simplistically) two kinds of people. One kind supports government's efforts to protect the people from outside threats. The other kind believes government is the threat. And so we come down on different sides of every issue.
That poor sad woman in your article, who believes the CIA is literally coming to kill her (One wonders, is she just too far down the list and they simply haven't gotten to her yet?
) is simply confused. When her coworker shared an obviously illegal wiretap - why didn't she report him? Was she truely some kind of victim, or was she part of the problem?
AdamCrock
Polish Pirate
Than again what is the purpose of "hacking" other than malice ? It is gathering data (bank account numbers, ID's , log in's, conversations, military deployment etc.). Echelon is very powerful gathering data tool therefore we can assume it can be called "hacking" device. The "defensive" function of the project is arguable The officials claim that it cannot be used to actually "gain control" of someone's computer or change the content of the gathered information....(Intercept message -> change it -> release it) or maybe it can ? who knows for sure ? If one crazed hacker can hack into government site for example and change the content of the "FBI most wanted list" just using his laptop I believe that Echelon with all that power could be doing even more than that I try not to believe all that conspiracy theories but some are interesting
"When her coworker shared an obviously illegal wiretap - why didn't she report him?"
I think she was too scared and she had realized she is indeed a part of the problem.
The officials claim that it cannot be used to actually "gain control" of someone's computer or change the content of the gathered information....(Intercept message -> change it -> release it) or maybe it can ? who knows for sure ? If one crazed hacker can hack into government site for example and change the content of the "FBI most wanted list" just using his laptop I believe that Echelon with all that power could be doing even more than that I try not to believe all that conspiracy theories but some are interesting "When her coworker shared an obviously illegal wiretap - why didn't she report him?"
I think she was too scared and she had realized she is indeed a part of the problem.
"A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker." -wiki
Hacking is not neccessarilty bad, as you seem to think. Only when it is indeed malicious is it a cyberattack.
Intelligence gathering is a widely accepted activity. What an entity does with that inteligence is what becomes 'good' or 'bad'.
When the network dies
"Unprepared soldiers are ineffective soldiers, and the rise of the networked battle space has made this ancient wisdom no less true.
"It is curious, then, that when the Army practices operating in contested cyberspace environments, it does so largely in echelons above corps and not throughout the force. What exercises do take place generally understate the likely effects of network outages and overstate our ability to adapt to them."
"Unprepared soldiers are ineffective soldiers, and the rise of the networked battle space has made this ancient wisdom no less true.
"It is curious, then, that when the Army practices operating in contested cyberspace environments, it does so largely in echelons above corps and not throughout the force. What exercises do take place generally understate the likely effects of network outages and overstate our ability to adapt to them."
Did Chinese Espionage Lead to F-35 Delays?
"Anyone who has been following U.S.-China military relations and cyber warfare knows that China has been hacking into the networks of U.S. defense contractors and the Pentagon and rolling out brand new weapons like the J-20 stealth fighter."
"Anyone who has been following U.S.-China military relations and cyber warfare knows that China has been hacking into the networks of U.S. defense contractors and the Pentagon and rolling out brand new weapons like the J-20 stealth fighter."
r16
not deity
- Joined
- Nov 10, 2008
- Messages
- 12,177
ranting on , something odd about Turkey is that we are the only country that didn't try anybody in the Lockheed bribing scandal of 1970s , possibly because we had actual confidence in the Starfighter ; an equally pertinent thing is we have had lots of Air Force officers begging door to door , cap in hand for more secondhand F-104s . We didn't have Steinhofs who had extreme toothaches when testing Grumman's Super Tiger , nor Kammhubers that couldn't coax Mach2 out of a test version limited to 1.65 by the fixed geometry jet exhaust despite being pre-informed . Does that all make us more deserving of the F-35 ? Compared to Uncle Sam's , terror types have it all rosy and sunny .
Similar threads
