LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 04-23-2014, 10:01 PM   #1
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,272
Blog Entries: 28

Rep: Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124
The Cyper-War Cyberscam


I commend my internet acquaintance George Smith's blog post on the cyber-war con artists to your attention.

http://dickdestiny.com/blog1/?p=17880

I'm not going to try to summarize it or excerpt it, because I can't do it justice.
 
Old 04-24-2014, 07:36 AM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
Thanks for the link. This is a very good post on several different levels.

First of all, "the homeland-security industrial complex" (HSIC) is in full swing today as its more-lucrative partner to the "military industrial complex," (MIC) siphoning trillions of dollars out of the pockets of a now severely-anemic Uncle Sugar who is nevertheless "borrowing" (sic ...) the money to pay for it all. The accounting shenanigans that are still-routinely employed to "hide" the spending have become farce: one day soon it will probably cost $6.00 USD to mail one letter, and so on. All of the names that are listed in that article are doing it for one reason only – vast, ##CLASSIFIED##, easy money, and the political influence that such money can purchase (with which to get even more money).

This is "good ol' human nature" at its best most-typical worst. And it's having perverse, ridiculous consequences. There are such vast amounts of this "money" flying around now, that it is literally de-valuing American money in the eyes of the world's international traders. (Turns out some people want to use money to facilitate the sales of "stuff." How bizarre ...)

But the thing that really scares me about all of this is another angle which is sitting out plain under our noses right now, for all the world to see if anyone bothers to recognize it for the grave threat that it is: the vast, unregulated, untracked collection of data by private companies. I've written about this twice at my own blog, in February and again yesterday.

I fear that the HSIC is thinking only in (para-)military terms: an electronic "Pearl Harbor" attack of gigantic proportions, originated by a central "army" (located somewhere that we can very-conveniently bomb ...) which is also thinking in military terms. The HSIC has sold the notion that the only way to prevent this sort of thing is to vacuum-up "all of the data on the Internet" and to keep it forever. To accomplish this, they've used various nefarious ways of compromising and thereby collecting all of the data that anyone could theoretically find – probably including that cookie recipe that you invented five years ago and used once that Christmas – while conveniently "forgetting" that this creates vulnerabilities that can be insidiously exploited by people who have never worn and who never will wear a military uniform.

For instance, it's very easy for an ordinary, innocent "app" that comes pre-installed on a computer (or that becomes popular for any reason) to collect and transmit to be forever stored, second-by-second information about exactly where anyone is, within about 15 feet, at all times day and night. It is also possible to siphon their "address book" which, courtesy of Google (and HSIC), effectively is a list of anyone you've ever contacted by any means whether you wanted to keep the address or not. None of this information is "classified" by anyone. It's considered to be "marketing data." The fact that the app is doing this is also not hidden. Nothing has been "cracked" or penetrated. The software was designed that way, and for innocent legitimate-to-them reasons ... by people who do not think like bad-guys (like it or not) do.

What could you do with that kind of information, if you were a really-nasty person or group of people who wanted to commit an insidious crime right under everyone's nose? What would access to that kind of a data bank enable you to do, that had never been possible to do before? Data-mining is a powerful technology, isn't it? And how would you know, given that the people who might be behind such a thing might simply be employees doing their boring data-analyst jobs using their ordinary and prescribed levels of access? Access to a data-set whose very existence, let alone nearly-universal disclosure, creates profound social dangers.

The vulnerability is real, the threat is credible, it is staring us in the face, it has been greatly facilitated by the "homeland security" data-obsession, yet at this point it does not appear to be on anyone's radar because it does not fit into the para-military profile. (Perhaps because it does not obviously-lead to more billions of dollars of classified spending?) "There are none so blind ... etc."

And that is what scares the holy hell out of me right now. I don't want to someday pick up a newspaper with a horrible headline and feel like Cassandra.

If we want to be sure that we are actually providing "national security," then we'd better stop thinking like greedy billionaires, and allowing only those greedy billionaires access to our decision-makers.

... ... uhhhhh ... #undef soapbox

Last edited by sundialsvcs; 04-24-2014 at 07:46 AM.
 
Old 04-24-2014, 09:52 PM   #3
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,272

Original Poster
Blog Entries: 28

Rep: Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124Reputation: 6124
George has forgotten more about viruses and computer security than I've known. When he speaks of them, I listen. I may not always agree, but I always listen.
 
Old 04-25-2014, 09:14 PM   #4
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,939

Rep: Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619
I don't know about the money issue but I do know about the web. It is full or crooks from almost every country, some state sponsored. Every day we read about some company or another that has some data hack. Those are the only ones you know about. I've seem some pretty sophisticated attacks on industrial systems and suspect that America isn't very secure. Everything from your bank to your electric and sewage runs on some very fragile and vulnerable systems.

If mail costs $6 then you can bet a pair of cheap shoes will cost $500 and bread will cost $18 a loaf.
 
Old 04-26-2014, 11:05 AM   #5
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,982

Rep: Reputation: 492Reputation: 492Reputation: 492Reputation: 492Reputation: 492
Hackers are hackers. It seems nowadays that whitehats get punished a lot more than blackhats. I'm not ever sure if these terms exist anymore. Now the blackhats are free to "per-emptively" strike whoever they are told to without any consequences, and the whitehats are free to go to prison over exposing a security flaw in a website to the website owners.
 
Old 04-26-2014, 07:42 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
I am far more concerned that the "para-military mindset" will blind, and very much already has blinded, the information security apparatchik (especially at this critical level!) to the risks associated with the reckless dissemination of detailed knowledge about hundreds of millions of people. Stuff that is not classified at all. Stuff that has never been available before now. Laws, policies, public debate, none of this is going on.

I'm not worried about cyber-armies making cyber-attacks on cyber-military-installations. There's really no reason to go to the trouble to do that sort of thing when there are petabytes of unguarded data waiting to be "mined" by people who might not be Nice Guys after all ... and who do not fit any of your "profiles."
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Do you think the US should get involved in another war matrixworld General 129 10-10-2013 11:05 AM
LXer: An update on the war against Microsoft’s war against Linux LXer Syndicated Linux News 0 05-05-2008 05:20 AM
Nature Of War HadesThunder General 17 05-18-2004 03:09 PM
war has begun, why does US want a war? doublefailure General 200 03-28-2003 11:43 AM
Flame war anyone? hazza96 LQ Suggestions & Feedback 9 07-24-2001 02:44 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 07:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration