Please create an account to participate in the Slashdot moderation system


Forgot your password?
The Internet Security

BitTorrent Servers Under DDoS Attacks 352

jZnat writes "CNet reports that popular BitTorrent tracker hosts such as Suprnova and LokiTorrent underwent DDoS attacks on Wednesday (I'll bet you noticed). The culprits are primarily unknown, but these sites were flooded beyond control from the attack. This appears to be striking an interest in revising the BT protocol and Suprnova's interest in making their own protocol."
This discussion has been archived. No new comments can be posted.

BitTorrent Servers Under DDoS Attacks

Comments Filter:
  • Come on (Score:5, Funny)

    by Anonymous Coward on Friday December 03, 2004 @04:07AM (#10983875)
    We all know it's the MPAA and RIAA.
    • Re:Come on (Score:5, Interesting)

      by femto ( 459605 ) on Friday December 03, 2004 @09:00AM (#10984956) Homepage
      You may jest, but read some of the reports coming out of the current Kazza case in Australia.

      For example []:

      The Federal Court heard yesterday that the major record labels are also engaged in a program of actively disrupting the file-sharing network by bombarding it with billions of decoys and spoofs that pose as song files.

      On the bright side, the article also contains the following quote from the judge:

      The judge said it was important that any legal remedy did not trespass on freedom of communication. "You are entitled to protect copyright. You are not entitled to control the internet," he said.
    • by WebCowboy ( 196209 ) on Friday December 03, 2004 @01:08PM (#10987794) longer than that. It could be an intriguing investigation...kind of like "who shot JR".

      RIAA if I'm not mistaken lobbied (unsucdessfully thank goodness) to have legislation put in place to permit them to hack into suspect computers at their discretion if I recall, and MPAA is just another pea in that IP-hoarding pod.

      Other suspects? There are too many to mention, but boradly speaking they might fall into one of several categories besides the above:

      * Large closed source software vendors or someone connected to them (Microsoft, etc). They would be trying to shut down a big source of piracy. I doubt it is Microsoft, they are not that dumb. In any case suprnova et al are not the right target...that is shooting the messenger, not the perpetrators who make use of their resources.

      * One of the above-mentioned perpetrators (copyright violators who up/download cracked software and movies). I've noticed that a sizeable minority of heavy BT users out there are immature and petty (probably teenagers sequestered in their basements). If they are knocked off suprnova or similar sites or are slagged in a community forum they get all out of joint and retaliate. The stupid turds brought it on themselves and such retaliation is not warranted.

      * Some of the seedier on-line proprietors, such as those who run revenue generating sites imitating the free, because if the free sites go away it might steer more revenue to them. I wouldn't put it past them

      * Commercial porno sites. P2P networks are full of porn (you don't even have to search on an obvious sexual keyword sometimes) and it is pretty much all ripped off of some pay site. Most (not all, but most) on-line porn businesses are run by people lacking morals and intelligence (witness the whining by one porno purveyor about Google caching thumbnail images and deep-linking into his site with regard to the latter). SO it is very likely a porn-vendor arranged the dDOS attacks.

      Part of me hopes it really was RIAA or MPAA...they are cartels that are unhealthy for the industry and it would be cool if there was finally a reason to shut them down. However, I think it's one of the latter 3 groups I mentioned.
  • by Anonymous Coward on Friday December 03, 2004 @04:08AM (#10983879)
    RIAA adopting Lycos's tactics?
    • or lycos selling it's services, or mpaa/riaa spamming on behalf of suprnova to get them attacked?

      talk about a can of worms, that lycos screensaver...
    • I wonder if it was a put-up job by the Spammer's Alliance to show us all that DDoSing is really a bad thing.
    • by MickLinux ( 579158 ) on Friday December 03, 2004 @09:27AM (#10985128) Journal
      You know, I have 5 moderator points, and I just couldn't find a single good post to mod up, here. So I'll say what I think needs saying.

      How do you know that the Lycos spam-DDoS screen saver *isn't* what is taking out bittorrent?

      I can think of a number of possibilities, any of which might be worth investigation.

      (1) - As was mentioned elsewhere, it *could* be that lycos is leasing its services out to the RIAA.

      (2) - It could be that the spammers are using Bittorrent servers

      (3) - It could be that the spammers have hijacked the bittorrent servers (as I understand, a lot of bittorrent hijacking has come from China. Perhaps not coincidentally, a lot of spammers use servers in China to host their activities.)

      (4) - It could be that the spammers have somehow masked their servers' real identities to look like bittorrent servers.

      There are a few possibilities that might be worth checking out. Anyhow, I'll hold onto my 5 points, I guess. Shoot, I might just deposit them in the bank and wait till inflation takes em out.

      Slashdot just ain't what it used to be (as you can tell by looking at my low slashdot ID number).
  • by Infinityis ( 807294 ) on Friday December 03, 2004 @04:08AM (#10983880) Homepage
    As if that weren't enough, now they'll most certainly feel some variant of the Slashdot effect as people try to check it out. Way to go!
    • by MC Negro ( 780194 ) on Friday December 03, 2004 @04:26AM (#10983961) Journal

      As if that weren't enough, now they'll most certainly feel some variant of the Slashdot effect

      No linky in the blerb. Most of slashdot has adopted the custom of simply middle-clicking a link to a new tab and then avoiding all forms of digesting information from that opened link (it's what's fashionable now). I seriously doubt the average Slashdot reader will take the time to resort to the arcane practice of TYPING URLs simply to simulate the view of smoldering server ashes. They'll wait until IBM releases the their next voice-to-text software program ("UNCLE SPEAK & SPELL, ENTERPRISE EDITION") for that.

      Although I was hoping for a link in the blerb. Maybe that would induct "Best Gang-Raping of a Server" into the awards section.
    • by Raul654 ( 453029 ) on Friday December 03, 2004 @05:04AM (#10984068) Homepage
      You have a fatal flaw in your logic. You are assuming that people will read the article.
  • by Infinityis ( 807294 ) on Friday December 03, 2004 @04:10AM (#10983890) Homepage
    Future Slashdot headline: Lycos apologizes for wrongly targeted DDoS attacks
  • by dncsky1530 ( 711564 ) on Friday December 03, 2004 @04:12AM (#10983897) Homepage
    I would like to know whether and were hit by the DDoS attacks. They try and maky money of the popularity of and there are a number of people that actually get suckered into paying those sites.
  • So it's time to... (Score:5, Interesting)

    by WARM3CH ( 662028 ) on Friday December 03, 2004 @04:15AM (#10983907)
    So it's time to switch to a serverless network under an open-source project? You mean something like Kademlia in the eMule []?
    • by Anonymous Coward
      or Gnutella, with a shitload of open source clients.

      or Gnutella2, with Shareaza and Gnucleus and a few others.

      or Freenet... or OpenFT...
      • by mrogers ( 85392 )
        Gnutella is pretty easy to DoS, just launch as many queries as your connection can sustain, all with max TTL. Gnutella2 might be even easier because you can focus on superpeers. Not that they're bad filesharing systems, but whoever is DoSing BitTorrent could probably DoS Gnutella just as easily.
    • Next-gen P2P? (Score:5, Informative)

      by Alwin Henseler ( 640539 ) on Friday December 03, 2004 @06:03AM (#10984266)
      So it's time to switch to a serverless network under an open-source project?

      A network with no central servers or even 'supernodes' reduces the effect of DoS-attacks, and leaves no single person or company to attack with a lawsuit. But that alone isn't enough. Other problems remain, like the privacy issue. Many P2P networks reveal IP addresses of nodes on 'the other end'. Thus, after retrieval of a file, you know from what IP address(es) the file came from. That leaves the network vulnerable for attacks or legal steps against individual users.

      To prevent this, it must be impossible to find out who/where a retrieved file (or search query) actually came from (IP, geographical location or otherwise).

      Besides the well known Freenet [], there's another promising one called ANts []. From what I can tell, it works by passing data between nodes, without passing info on the endpoints where data is coming from/going to. Each node passes data on, but doesn't know if the next node will keep it, or in turn pass it on to yet another node in a path. IP addresses are replaced with a virtual 'network ID' (regularly discarded), and combined with encryption, a single node can't tell what it's passing on, where it came from, or where it's going. IP addresses are only known for a few neighbours it contacts directly. For an analogy, think anonymous remailers. The project page also mentions something similar called MUTE []. I guess you could call projects like this 3rd generation P2P networks. Looking forward to it! (and please add if you know more like these)

      • Re:Next-gen P2P? (Score:5, Informative)

        by mrogers ( 85392 ) on Friday December 03, 2004 @07:58AM (#10984602)
        There's also GNUnet [], which is similar to Freenet but with files broken up into equal-sized chunks to allow parallel downloads. All these systems are fine for avoiding an adversary like the RIAA that has limited powers and only wants to collect a few IP addresses for lawsuits, but they shouldn't be considered anonymous or censorship-resistant in any strong sense. Freenet, MUTE and JetiAnts can be DOSed pretty easily and GNUnet's anonymity can be undermined []. I'm researching censorship-resistant communication for my PhD so I've got a literature review [] and bibliography [] online if you're interested.
      • One that I've been thinking of for a while is Kademlia-over-Tor. It seems like a natural matchup, and if you packaged the Tor client with SecureMule (or whatever you'd call it) it would only be maybe six times slower than normal. :)

        Another nice advantage: suddenly firewalls don't matter, since every computer is connecting outwards to servers.

        On the other hand, a nice stopgap solution is to just force eMule to route through Tor right now. You end up with a LowID but it works. Especially if you don't demand
    • They're already working on it. 24 4&tid=95
  • bad guys (Score:4, Informative)

    by l3v1 ( 787564 ) on Friday December 03, 2004 @04:17AM (#10983915)
    Whoever was responsible, it surely isn't one of the many-many, oh yes, and many other :) people, who use bittorent regularly to fetch stuff. That is, we all have some hunch who might be the bad guy: a). those who oppose all forms of sharing (won't name them, you know those bad, bad, bad guys in associations :) needn't have been themselves personally, but you know this alright b). somebody who just has something against suprnova or the others.

    • Re:bad guys (Score:2, Informative)

      by shashark ( 836922 )
      Napster creator unveils new company [] Any Coincidence ?
    • Re:bad guys (Score:5, Insightful)

      by Qzukk ( 229616 ) on Friday December 03, 2004 @09:12AM (#10985034) Journal
      The sad thing is that it probably wasn't the MPAA or the RIAA. I've seen this over and over on several IRC networks (dalnet especially). Some idiot gets banned from their favorite channel, and instead of taking it like a man or going home and crying themselves to sleep, they get pissed off and start DDoSing the entire network. Since they got kicked, they have to ruin the fun for everyone.

      I'm sure that in the end it will be something along these lines: someone in the forum started flaming, words were exchanged, feelings were hurt, and some pimply-faced 14 year old decided to get even.
  • Own protocol? (Score:5, Interesting)

    by tod_miller ( 792541 ) on Friday December 03, 2004 @04:19AM (#10983930) Journal
    Suprnova's interest in making their own protocol.

    I am all up for new protocols, but there is a reason why we do not have:

    http, httmyp, tthpp, hhtp, mshttp [I wouldnt doubt], SCOhttp, HPhttp

    Don't fragment the issues, work on a common protocol, if we can uncouple protocol and application (which has happened in all major networks I think) then good.

    Go for it! but make it open.

    I kinda knew bit torrents would be attacked, can't they just publish the ip's that are attacking them, and get us to click on them a bit?

    teardrop attack?
    • by Kjella ( 173770 ) on Friday December 03, 2004 @07:09AM (#10984419) Homepage
      ...there's just too many variables that are directly opposing.

      Central vs decentral
      Peers vs supernodes vs superservers vs tracker
      Anonymity vs speed
      Integrity vs fuzzy search
      Search by content vs by index vs by hash vs...
      Routing vs direct links
      Indexing vs index poisoning
      Trust vs anonymity
      Leeching vs control

      It is impossible to create a network that can achieve all of them at once.

      Http is by comparison a trivial protocol. It involves only the connection between two hosts. Creating a virtual network of P2P clients is more like reimplementing the whole of layers 3 (IP), 4 (TCP), 5 (sessions) in the OSI model.

  • Dammit! (Score:5, Funny)

    by halcyon1234 ( 834388 ) <> on Friday December 03, 2004 @04:22AM (#10983947) Journal
    I knew I shouldn't have installed that new screensaver from the MPAA.
  • by Anonymous Coward
    I've used bittorrent a fair bit for downloading and upload large files which either I own the copyright to, or the person distributing them does.

    It's very good indeed when you want to distribute something from a slowish adsl line to maybe 30 or 40 people.

    I was somewhat dismayed when I first found out anout these bittorrent file sharing sites because they are leading to bittorrent being considered a tool for "illegal" file sharing when it's clearly a very useful general tool too.

    Of course I'm not happy th
  • A perfect example (Score:5, Insightful)

    by centipetalforce ( 793178 ) on Friday December 03, 2004 @04:37AM (#10983983)
    This is a perfect example of why it's not quite right to take the law into your own hands against someone who you **feel** is wrong.
    I have had my site targeted before, and I run a completely legit, whitehat site. Just because someone thinks they're better off financially without a competitor does not mean he's justified to try to take me down.
  • The culprit (Score:2, Funny)

    by Vulcann ( 752521 )
    Lets see now....

    I would be interested in doing a DDoS attack like this...
    1. If I was a rival service trying to kill these guys.
    2. If I were MPAA and wanted to kill these buggers off Blaster style.
    3. If I were some dumb script kiddie trying to make a statement because of want of attention.

    Point 1 doesnt make sense because it would make more sense for my service to figure out a way to plug into the rival network and siphon off they're shares. It would get me more notice and wont get me noticed as a nasty SO

  • by captaineo ( 87164 ) on Friday December 03, 2004 @04:43AM (#10983999)
    I ran a very small BitTorrent tracker for distributing our videos. (2 torrents, very few clients)

    A few weeks ago we started receiving a massive attack, mostly from client addresses in Asia.

    The attack wasn't a DDoS per se - they were just "hijacking" my tracker by using it for their own torrents. But the volume of traffic (>100 requests/sec) had the effect of a DoS attack.

    I was surprised that the standard BitTorrent server does not have some way to prevent unwanted torrents from appearing on your tracker. I was also surprised that my "small-time" tracker (only named by via 1 web page) attracted such a hijacking.

    I will not run a tracker without the ability to deny usage to unwanted torrents. Although I'm uncertain about running any tracker at all now, since the hijack basically killed our internet connection.

    At the very least, do not run a BitTorrent tracker on a critical DNS name like your primary web site. The attacking clients in my case were all performing DNS lookups. (I could tell they were attacking a DNS name, not an IP address, by changing my DNS entries). Luckily I had used a separate DNS entry for the tracker, so I just pointed it to to stop the attack. But if I had used my primary web server's address, I'd be in real trouble.
    • by Pathwalker ( 103 ) * <> on Friday December 03, 2004 @05:10AM (#10984092) Homepage Journal
      I was surprised that the standard BitTorrent server does not have some way to prevent unwanted torrents from appearing on your tracker.

      Of course BitTorrent has a way to restrict the torrents a tracker will serve.

      You set --allowed_dir and point it at a directory containing the torrents you want to allow.

      I know it's been supported since 3.4.1a at the latest.
    • by m00nun1t ( 588082 ) on Friday December 03, 2004 @05:22AM (#10984137) Homepage
      I had a look at to see what "videos" you are talking about. There's some really kinky videos there - pervert.
    • by Nogami_Saeko ( 466595 ) on Friday December 03, 2004 @06:51AM (#10984374)
      It's a good point about using an alternate address for your tracker - or even using an alternate static IP for that box if you have one available.

      Most (all?) torrent servers offer an option to reject unauthorized external torrents though. I personally use Azureus, which is a great bittorrent client, as well as a server. There's an option in there to reject serving torrents that aren't authorized by the admin.

  • Supernova is up (Score:2, Redundant)

    by gordgekko ( 574109 )
    Supernova is up as of a few minutes ago but I can't get to Lokitorrent.
  • by Vertigo01 ( 243919 ) <> on Friday December 03, 2004 @04:50AM (#10984023)
    As of right now (0047 : 03/12/2004 GMT-8) Loki Torrent seems to be dead... Slashdot effect? or another DDos ? (or is there a difference?)

  • ouch.. (Score:3, Interesting)

    by sinner0423 ( 687266 ) <{moc.liamg} {ta} {3240rennis}> on Friday December 03, 2004 @04:50AM (#10984025)
    I'm not sure who is going to give any sympathy over this, they are just glorified warez sites, after all.

    Although this DoS does highlight the largest problem with BitTorrent - it still relies on a central(tracker) server to operate.

    I believe it's that specific "function" of BT that got me one of those nifty letters [] in the mail. I can't see any kind of a workable solution to this problem, everything that has to do with file trading has an entry point somewhere along the line.
  • Why we need another one? I mean besides the web links (which emule provides for)the reason Bittorrent has become so popular is for it's centralized nature. Not 30 thousand random files we search though, but picked files, somewhat filtered though for quality. I can't see how this is going to replicate that experiance and be decentralized. What is significantly different?
    • It's not centralization that prevents you from having to search through 30,000 random files, it's the ability to link to a particular file in a verifiable way. Merkle hash trees [] can achieve the same thing in any filesharing network. In a hash tree the file is broken up into equal-sized chunks. The chunks form the bottom layer of the tree. Each chunk is hashed, and the concatenated hashes form the next layer of the tree. Repeat until there's only one hash, and that's your filename. You can request branches
  • How is this different from how has behaved lately? For the past ten days or so, they have been down more than they have been up. Either DDoS attacks have started long before Wednesday as reported, or they really are as incompetent as I thought they are when it comes to administering a web server.

    (Disclaimer: I suck at Apache)
  • by gnuASM ( 825066 ) <> on Friday December 03, 2004 @05:05AM (#10984072)

    I find it interesting that the focus with regards to DDoS attacks that I have read about is not on proper security and precautions, but rather the client/server applications being attacked. Because your Apache server is DDoS'd, does that mean you distribute your website through ftp? Of course not, you take further security precautions and strengthen your protection against DDoS attacks. Why then should there be a need to "create a new protocol" to "protect" from attacks?

    Protocols in and of themselves do not inherently have protection from these kinds of attacks. That is not the purpose of a protocol. The purpose of a protocol is to establish an agreed method of communications between two or more identified systems in a connection. This is where the problem persists: identification.

    DDoS is not successful because it overrides the buffers or socket space for connections to a server. It is successful because these sockets are kept open longer than they should be.

    What a server needs is not a "secure" protocol, because any protocol (method of communication) can be compromised so long as the attacker can make the protocol believe that an identified, valid entitiy has made a connection and intends to communicate.

    Instead, system administrators need to strengthen the rules in their firewalling and subsystem (kernel) to improve the latency of the socket states so that the system will not fail when attacked. I believe GNU/Linux has many tools available as well as kernel modules already available in order to accomplish much of this already.

    Rather than wasting time in creating YAP (Yet Another Protocol), the time and effort may be better utilized creating the system and firewalling tools needed to combat DDoS at its root.

    This brings it even further to the point of not necessarily even having to reconfigure and install and reconfigure again the varied tools needed for server-side protection, but even look as close as the router itself and the built-in firewalls there.

    I believe even Cisco has given some hardware advice for DDoS here [].

    We don't necessarily need to be creating so much as we should be perfecting and improving.

    • by Kjella ( 173770 ) on Friday December 03, 2004 @07:21AM (#10984443) Homepage
      The best answer to a distributed attack is a distributed network. If no node in the network is essential to its operation, such an attack isn't possible. probably doesn't want to be the world's supplier of content, even without the DDoS part. I find your reasoning completely backwards. Why should your Apache server be the only server?

      If you had a dozen mirrors hosted around the world, it'd be much harder to take down. With web pages, you can do that. With trackers, you can not. Not yet. Because the protocol doesn't support it.

  • by blue_monki ( 566509 ) on Friday December 03, 2004 @05:12AM (#10984101) Homepage Journal
    Suprnova isn't a tracker :) If you want to put something up on it you have to find your own tracker first!
    • Yes but... if you can't find the .torrent file in the first place, then the fact that the tracker isn't affected isn't of any use to you... I've noticed several torrent agglomerator search sites dissapear under strange circumstances... one last week was the subject of a domain hijack... others have gone down under heavy load, so I suspect they've been DDOS'ed as well
  • The culprits are primarily unknown, but these sites were flooded beyond control from the attack.

    'flooded beyond control' indeed - 'beyond control of the group monkeys pretending to be network administrators' might be a more accurate summary.

    My advice is to get a better provider, one with Arbor's [] Peakflow or similar home grown solution in place, for example.
  • by JThundley ( 631154 ) on Friday December 03, 2004 @05:47AM (#10984213) Homepage
    It is official; Netcraft confirms: Bittorrent is dying.

    One more crippling bombshell hit the already beleaguered Bittorrent community when IDC confirmed that Bittorrent market share has dropped yet again, now down to less than a fraction of 1 percent of all P2P services. Coming on the heels of a recent Netcraft survey which plainly states that Bittorrent has lost more market share, this news serves to reinforce what we've known all along. Bittorrent is collapsing in complete disarray, as fittingly exemplified by failing dead last [] in the recent Sys Admin comprehensive networking test.

    You don't need to be a Kreskin [] to predict Bittorrent's future. The hand writing is on the wall: Bittorrent faces a bleak future. In fact there won't be any future at all for Bittorrent because Bittorrent is dying. Things are looking very bad for Bittorrent. As many of us are already aware, Bittorrent continues to lose market share. Red ink flows like a river of blood.

    Azureus is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time Azureus developers Bob Wentz and J.D. Stone only serve to underscore the point more clearly. There can no longer be any doubt: Azureus is dying.

    Let's keep to the facts and look at the numbers.

    BitTornado leader TheShad0w that there are 7000 users of BitTornado. How many users of burst! are there? Let's see. The number of BitTornado versus burst! posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 BitTornado users. Bittorrent posts on Usenet are about half of the volume of BitTornado posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

    Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

    All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dbblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

    Fact: *BSD is dying

    Jesus Christ this trolling shit is hard to do. I know I left the other half with BSD :(
    • by hrm ( 26016 ) on Friday December 03, 2004 @06:32AM (#10984335)
      You can tell slashdot culture is going down the drain when even the trolls can't be bothered to send in a properly updated post.

      Not just you, but the old people in Korea and Soviet Russia are absent as well. And who's imagining beowulf clusters of bittorrent sites these days, even if it's in Japan?

      The ./ posts confirm it: trolling is dying!

  • by Anonymous Coward on Friday December 03, 2004 @05:47AM (#10984216)
    STOP MENTIONING SUPRNOVA .. you're ruining it for everyone who actually knows what the hell it is... please stop!!!
  • Almost a week ago, eMule's [] default IRC network (LiquidIRC) was DDoS'ed and Floodbot'ed []. LiquidIRC has been taken down for an unknown amount of time due to the attacks..

  • by Nightbrood ( 6060 ) on Friday December 03, 2004 @06:33AM (#10984337)
    While these two sites may be the biggest sites that we know of under DDoS attacks to me it seems to be more widespread. I am a moderator of a small Mazda enthusiast forum and we underwent a variety of DDoS attacks pretty much all night from varying addresses. I have no clue why someone would want to DDoS a small non-profit forum (we have our own server) but seems to me like and the other BitTorrent sites are just collateral in a much larger game.

    Luckily for us, we have a very good admin and he was updating the firewall rules pretty much left and right. Site never went down but at least we weren't posted on the front page of Slashdot either... then things would have been a bit different.
  • first the spammers (Score:2, Insightful)

    by Anonymous Coward
    and no one spoke out.
    then it was bittorrent, and no one spoke up.
    then its your own connection...
  • lokitorrent [] is still down as of Friday morning... ouch.
  • Perhaps the spam sites that are being DDOSed by Lycos include these sites, either because the DB of spam sites is wrong, or the spammers have re-directed (perhaps at DNS level) the traffic....
  • Nostalgic (Score:3, Interesting)

    by mattr ( 78516 ) < minus cat> on Saturday December 04, 2004 @12:34PM (#10996462) Homepage Journal
    Well, I have a story from 1995 in Japan when I started one of the first couple of ISPs in Japan. One guy who didn't understand the net came into our tiny humming office and said he wanted us to build a "missile" that he could use to shoot at other people (well I guess computers) through the net. I gave up talking to him and showed him the door. Is Tenet asking for manufacturers to voluntarily provide the keys and a blind eye to give the government the ability to do this sort of thing? Say to shut down a spam zombie computer or to get the street address of any node on the net? Well.. aside from that anecdote I think this calls for the following analysis.

    In the following excerpt by the past head of the CIA,

    line 1 is either (a) silly, (b) evil, or (c) intelligent depending on your point of view. Silly because it sounds like sticking your finger in a hole in a dike; evil because it could mean anything draconian; intelligent in case it happens to be only talking about companies running critical infrastructure, who would maybe have to take rigorous security audits or not be allowed to have those facilities online. (c) makes sense but is the lowest probability, since the talk was made intentionally very vague and without press.

    Line 2 similarly is (a) silly or (b) evil if talking about anybody not running sensitive infrastructure, and (c) intelligent if talking about the critical facilities. Line 3 sounds like he wants software companies to be more careful about security. Sounds like a good thing but then again what the CIA calls security is smoke and mirrors for ulterior motives, control, and punitive damage (until recently only outside U.S. borders), whereas most other people would call building strong personal firewalls and encryption security because it keeps the individual owner safe. No stomach for multiple choice here. Perhaps he has an occupational disease which prevents him from saying anything clearly and putting himself on the line? No chance of rehabilitation for this guy. Even if he was I guess the successor of the President's father or something like that. Maybe he should take up skydiving?

    My analysis is that this is a retired professional scary guy trying to be relevant but incapable of doing anything but sounding silly or scary to anyone with a brain. People without brains generally think he's smart, etc. Which is too bad because if he could learn to speak more clearly he would be more effective and might have something useful to say about dealing with cyber-security threats (though I'd rather hear from the NSA's linux team about it than from a failed spymaster). This is why businesspeople in the real world never listen to government types. They can never say anything useful about anything directly, it is always vague scariness about vapor policies with a hint of powerplay behind it. BORING 90s SHIT!

    Access to networks like the World Wide Web might need to be limited to those who can show they take security seriously, he said.

    Mr. Tenet called for industry to lead the way by "establishing and enforcing" security standards.

    Products need to be delivered to government and private-sector customers "with a new level of security and risk management already built in."

System restarting, wait...