Security Incidents mailing list archives

Re: Code Red - A Possible Origin?


From: "Michael J. Cannon" <dedmike () kattare com>
Date: Sat, 1 Sep 2001 14:36:59 -0700

This is probably a thread that needs to relocate to a new forum.  I 
checked the purpose statement of this list and we are running outside 
that purpose, and have for many days.  The thread is interesting, but 
it is currently misplaced.  We either need to end it or relocate it.  I 
propose the thread be relabelled "Cyber-Terrorism - In Search of 
Reality and Definitions (WAS: Code Red - A Possible Origin?)" if we 
wish to continue, and find a new place to post.

The purpose of my original post was to show the list and some of the 
lurking, but interested subscribers a bit about how and what (although 
not in a forensically or truly functionally valid way) some of the 
processes are in the hunt for someone who takes it into their mind to 
write code that is destructive to systems that don't belong to them.  
In doing so, I had hoped that others would go on the hunt with me and 
that we would find other sites claiming responsibility and either 
publicly point out the perpetrators/co-conspirators or put the lie to 
the claims and show people how that was done.  That didn't happen, and 
we degenerated into side comments on some of the points I'd made in 
what I thought was going to be my last post on the subject.  The 
degeneration, as noted above, is valuable, probably more so than the 
original thread in my mind.  But it is out of scope.   I take most of 
the blame for that, as my original comments were also.

My comments on "cyber-terrorism" and "information warfare" as terms 
beginning to enter the common vocabulary were aimed at the fear I have 
that more freedom will be taken from people as a result of what is 
actually a failing in the computer industry because of our laziness and 
greed.  Touchstone issues have a way today of being used as copy for 
the PR vampires and pseudo-journalists to tout new products, sell 
airtime and column-inches and generally pervert the discussion.  I 
suppose it's the nature of the "profession" of journalism these days 
that rather than doing adequate research, checking facts and sifting 
for conflicts-of-interest and the other things that would have caused a 
traditional journalist to run from a story, modern journalists look for 
the 'angle' that might get them a shot as the chief meat-puppet on AOL-
TimeWarner.  Just look at what has happened to CNN Headline "News," if 
you want a real-world example.  These folks need us to define terms for 
them that will allow them to further adrenalize the world consciousness, 
further stress people, and, as a result, sell more soap and fizzy water.

MY touchstone for incidents of the nature of Code Red and SirCAM is to 
remove "cyber" "info" and "e-" from the descriptions of the incident 
and then ask myself whether the incident is truly an act of terrorism or war.  
It is the same criterion I use when evaluating the business plans of 
new technology companies that I am looking at as an investor.  If it 
doesn't make sense as a business, then it doesn't as an "e-business."  
Likewise, if it is not an act of terror, war or a crime, then appending 
a "cyber" "info" or "e-" doesn't make it one.

Michael J. Cannon
Ubiquicomm
"Si vis pacem, para bellum."

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

