Security Incidents mailing list archives
Re: Code Red - A Possible Origin?
From: Ben Okopnik <fuzzybear () pocketmail com>
Date: Wed, 29 Aug 2001 19:05:42 +0000
On Mon, Aug 27, 2001 at 05:55:56PM -0500, Michael J. Cannon wrote:
For those that joined this thread late, again, I am not saying these ARE the authors, I am advocating that we use this opportunity as a 'tactical exercise' in a well-known public forum, to show the public what tools are used and some of the procedures for tracking down these incidents. If this is not the correct forum, I expect the relevant authorities (the list moderator/admin) will tell us (and maybe make a suggestion on where would be more appropriate).
I will agree that this is a reasonable idea. This is, of course, FAR short of what the most likely public response is going to be (hell, already is): Congress and the talking heads are going to call for new, more stringent laws, public floggings, maybe executions... oh, wait, they've only _implied_ that so far. <grin>
Finally, for any lurkers from the press: I don't believe that this is in any way 'cyber-terrorism,' whoever perpetrated 'Code Red,' its variants, or virii like SirCam. I don't believe that the TAO and their sibling organizations are terrorists. I don't believe whoever created Code Red is a terrorist. Terrorism kills people, not networks and computers. Terrorism costs lives and limbs, not money and bandwidth/inconvenience. What goes on in Israel/Palestine, Macedonia/Yugoslavia, Sri Lanka and elsewhere is terrorism.
Erm... _In the main,_ I agree with you - but, just to play the devil's advocate, what happens when someone crashes a hospital's network, or something similar where life does indeed equal the machine being up? The issue is not quite all that black-and-white.
The computer security community is on the job and we do care. We want to make the Internet a safer place for communities and commerce. But to call any of what our opposition does 'terrorism' is to demean the lives and efforts of those who risk their lives combating that FAR more grievous menace. Bruce Schneier has said we in the security industry have lost the battle with the press when it comes to 'hacker' vs. 'cracker.' Let us not allow the press to portray activists, curious children, petty criminals and misguided individuals in the same way they do the animals that kill people with guns and bombs. 'Hacktivism' and electronic civil disobedience are better terms more amenable to the result of the crime.
Erm... no, sorry, try again. "Hacktivism" is a positively-loaded term; I see very few (note that I carefully do not say "no") positive facets to cracking, and while cracking may on occasion be an instance of "hacktivism", confuting the two, IMO, is an even _worse_ evil than the "hacking/cracking" confusion. "Electronic civil disobedience"... I believe that I'm expressing the common sentiment that this sounds like marketroid-speak, and will be accepted to about the same degree; i.e., "sounds like bullshit to me!" Catchy phrases have their place; this one does not fit. It's not even catchy. Worse yet, the concept itself does not fit. Cracking may not be terrorism, but it's not a harmless prank, either. Some folks might see it as "well, gee, it only hurts these companies - no big deal!" *WRONG*. "These companies" are someone's blood, sweat, and tears; often, a whole lot of someones. I speak as a man who has "raised" a company from scratch, ran it for a number of years, and then watched it die (not this crash; this was the '80s.) Buddy, lemme tell ya... if I caught someone destroying that company's resources, the resources that I painstakingly built up one penny at a time, I would skin the bastard with a dull file and spread the salt liberally. Crackers love to hide behind the shielding image of the rebel, the revolutionary. Puh-lease. A 13-year-old script kiddie is not a revolutionary; he's out to satisfy his adolescent curiosity and doesn't care in the least about the cost to others. Cracking is nothing but wanton destruction of someone's resources; end of story. Terrorism? No. Innocent exploration? Not that, either. Not by a *damn* long shot. Ben Okopnik -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Criminals do not die by the hands of the law. They die by the hands of other men. -- George Bernard Shaw ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Code Red - A Possible Origin? SVater (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)
- Re: Code Red - A Possible Origin? H C (Sep 02)
- <Possible follow-ups>
- Re: Code Red - A Possible Origin? Ben Okopnik (Sep 01)
- Re: Code Red - A Possible Origin? Joshua Hirsh (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 02)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)