Cambridge Breached the Great Firewall of China 250
Darren Rayes writes to mention a ZDNet article on Cambridge academics' claims that they have breached the great firewall of China. They also claim that by misusing the firewall they can launch DDoS attacks against IP addresses behind the wall. From the article: "The IDS uses a stateless server, which examines each data packet both going in and out of the firewall individually, unrelated to any previous request. By forging the source address of a packet containing a 'sensitive' keyword, people could trigger the firewall to block access between source and destination addresses for up to an hour at a time."
Legal action against Cambridge? (Score:5, Insightful)
What about those inside China using those exploits for legitimate ends?
Is Cambridge indirectly helping the Chinese government to fix firewall issues?
Are Cambridge researchers after fame at the expense of the freedom of the Chinese people?
Re:Congratulations (Score:4, Insightful)
Solution? (Score:5, Insightful)
What does slashdot think about this?
Re:Legal action against Cambridge? (Score:1, Insightful)
hard to believe (Score:2, Insightful)
Re:Solution? (Score:3, Insightful)
Their population accepts a lot worse than losing Internet access.
I don't think a government that rolls tanks over dissidents is going to worry too much about cutting off their Internet.
Re:hard to believe (Score:4, Insightful)
Stateful firewalls scale poorly.
Re:Congratulations (Score:2, Insightful)
Insecurity by obscurity.
www.PeenieWallie.com [peeniewallie.com]
six of one... (Score:5, Insightful)
Certainly TFA suggests that the DoS attack could be used against chinese government computers, but this could also be used against chinese citizens. An exploit is, after all, an exploit. So I would suggest that in the case of the DoS attack, reporting it to the appropriate people - in this case the Chinese authorities - was the right thing to do.
Unfortunately, in this case, the very flaw that allows a DoS against machines within China also permits those inside the firewall to ignore the resets sent back, so by reporting the DoS, they've also reported how the censorship can be circumvented. (or, by discovering the censorship circumvention they've unfortunately stumbled upon a DoS attack).
In this case, I really don't think that there is a One True Answer.
Re:I wonder... (Score:3, Insightful)
National Security (Score:5, Insightful)
Couldn't the Chinese government view this as an act of terrorism? In the interest of national security the Chinese government will start an ambiguous "War on Terror" after the the US "War on Terror" and "War on Drugs" which are _also_ unwinnable and declared solely to keep the ruling party in power via fear.
Re:should we slashdot china's firewall?.... (Score:3, Insightful)
Cyber Attacks, a good thing?? (Score:5, Insightful)
Oblig. Monty Python (parody) - The Terrorist Song (Score:4, Insightful)
by Usurper_ii
(Sung to the tune of Python's The Lumber Jack Song)
I'm a terrorist and I'm OK
I read at night and I work all day.
The Government:
He's a terrorist and he's OK
He reads at night and he works all day.
I read a lot and I seek the truth
I go to the lavatory.
After OKC, I saw some things that didn't make sense to me.
The Government:
He doesn't believe our story about OKC,
We monitor when he goes to the lavatory.
On Wednesday night, he went to an unapproved web site.
Chorus:
He's a terrorist and he's OK
He reads at night and he works all day.
When, after 9-11 didn't all add up,
I met with others on the net, to talk it up.
The government:
He didn't believe our story about 9-11.
We followed him to unapproved web sites after hours.
In our report, well say he had bomb-making materials under his sink.
Chorus:
He's a terrorist and he's OK
He reads at night and he works all day.
I don't think a plane hit the Pentagon.
I think the World Trade Center buildings fell all wrong.
I wish I could convince my dear ol' mom!!
The government:
He's a terrorist and we're going to make him pay?!
We read his e-mail and didn't like what he had to say?!...
Just me:
I wish I'd been born, back when America was really free!!
The Government:
He's a terrorist and we're going to make him pay
He reads the Constitution and knows his rights.
He's just like McVeigh, Bin Laden, and al-Qaeda!!
Chorus:
He's a terrorist and he's OK
He reads at night and he works all day.
Re:That isn't technically a DDoS (Score:3, Insightful)
RTFA. The attack can be either from a single machine, or it can be distributed. The source of the attack is unimportant. Either a single machine can generate the packets containing proscribed words, or the task can be distributed across many machines, it is therefore perfectly correct to describe it as either a DoS or a DDoS.
FTFA:
Even though this technique would block communication between only two particular points on the Internet, the researchers calculated that a lone attacker using a single dial-up connection could still generate a "reasonably effective" denial-of-service attack. If an attacker generated 100 triggering packets per second, and each packet caused 20 minutes of disruption, 120,000 pairs of endpoints could be prevented from communicating at any one time.
Note that at no point was it suggested that either of the end-points in the attack need be involved. Ergo, anyone who is able to establish the appearance of an IP packet travelling from a destinatioin to a source is able to establish the appearance of an arbitrary number of packets travelling from an arbitrary number of destinations to a target source. If this is possible, then an arbitrary number of computers are able to send the manufactured packets, and you have a DDoS attack - it is distributed.
Indeed, reading the attack, it makes no sense for the attack to be a concern if a single source, and a single source only, is able to mount the attack, because the sole effect would be for that source to self-censor itself to a Chinese source. Precisely the opposite effect of the concern described.
Re:Congratulations (Score:3, Insightful)
They're academics.
Their whole raison d'etre is to learns and share their learning. The information itself is ethically neutral. It can be used for good or for bad.
Re:Legal action against Cambridge? (Score:3, Insightful)
Believe it or not, even America has to say "wow, China, you get to run your own country today" once in a while.
Re:Legal action against Cambridge? (Score:3, Insightful)
The govt record aside, what exactly prevents two enforcers from the Russian mafia walking into the house of the technical staff responsible for Clean Feed in the middle of the night with a gun?
Currently nothing.
Phishing is netting them less and less people and most of the ones they catch nowdays in English speaking countries are sore losers with nearly empty bank accounts in "fringe" banks and building societies. Compare that to the number of account details they will catch just in one evening by redirecting all traffic to Barclays via a man-in-the middle. All they need is to simulate some "service problems" and repeat the login page 2-3 times to capture all numbers in the pin. After that...
Once you have deliberately built a provision to redirect all traffic in your network this can be used for all kinds of interesting purposes. It is only a matter of time until it is used for a heist of the scale seen in armed bank robberies.