A true l33t cracker would NEVER engage an enemy with something as petty as violence or death...

He or She would realize that only escalates and encourages fear, he or she would engage the world with words.

One of the worlds most admirable and effective Social Engineers said: "There are many causes that I am prepared to die for but no causes that I am prepared to kill for."

Well, I wouldn't call them n00bs firstly... and secondly, most of the technically-savvy geeks/nerds I know read Slashdot and find out new and interesting stuff from here.

One of the best things about Slashdot is if you write something on here, ALOT of people will take notice. So if by providing solutions/information that people can read and take away to tell other non-technically-savvy individuals helps protect at least one person from being scammed, I'm more than happy to yell on Slashdot about it ;)

Don't have multiple tabs/windows open while you're doing your online banking!!!

Oh, and use NoScript!

Preaching to the converted here my friend...

I immediately thought of this topic when I was reading the BGP article and thinking about the implications of a hierarchal structure (incidentally, they can pretty much "disconnect" direct connections between eachother NOW if they want to... but of course we can route around it, if required - adding encryption/PKI doesn't make all that much of a difference if people don't enforce it).

See, Governments are still duking it out (Diplomatically and Militarily) while their populations talk to eachother on the net' - the wonderful thing about this is I can talk to you, not knowing if you're White, Black, Green, Yellow, Blue, Purple, Male, Female, American, French, Canadian, Belgian or Martian... if you call me an idiot, I can't say "You called me an idiot because I'm (insert racial/gender type here)", well, I CAN, but you can reply... "I didn't know that, but I still just think you're an idiot!".

The concept of a Worldwide Global Communications network with almost ubiquitous availability is something we really haven't had for along time, it's going to take the Governments of the world a bit of time to get their head around it... Personally I think the Politicians/Diplomats of the world should read The Truth by Terry Pratchett (if they haven't already), as it has alot of similar concepts regarding local, social, and geo-political issues in it, just with a different "new" Technology.

I don't mean public networks, I mean private ones, SWIFT for instance..

Has been a few years since I've worked in the finance arena, but I thought each BIC code was signed (or at least they were talking about it while I was involved in that area) and things like MQSeries channels between nodes that were used for transporting data have been SSL/TLS encrypted for ages? I remember doing it actually, MQ Version 5.2 (or 5.3?) included SSL-over-channel functionality.

Anyways, I'm sure it's being taken care of, maybe get in touch with your bank and ask them if you're concerned?

I wouldn't do it (I don't even have an AS to play with anymore), and it's rather more complicated than my explination made out...

I think a possible way to implement this would be a Hierarchical model where IANA has a top-level certificate for the trust and then it signs each regional NICs certificate, and they sign AS's which sign their subnets, then IANA could ask various NICs to revoke the Certificates of AS's that do dodgy things (like advertise subnets that aren't theirs), still it would require alot more overheads in terms of processing and memory than BGP currently requires.

I should also mention, I haven't worked with BGP in around 7 years now.

Pretty much... it means that when Router A says to Router B "I have a new path to this network." the routers will first authenticate eachothers identity utilizing Digital Signatures.

Basically it's applying elements of PKI to router communications, so the router receiving the information knows it can trust other router's updates. If you didn't do it I could (potentially) spoof updates and say "this network exists here now" and all the information destined for that network would then be routed to me to packet-sniff to my heart's content.

This type of stuff (in addition to SSL/TLS encryption of sensitive data communication channels) has been used internally in (most) Banking networks for awhile now, I'm actually surprised they didn't have something like it in place already.