Back to the main page

Mailing List Logs for ShadowRN

Message no. 1
From: Tzeentch tzeentch666@*********.net
Subject: Cyberterrorism article at Janes
Date: Fri, 3 Dec 1999 10:23:46 -0800
Want some laughs to see how even the esteemed Janes can get technical
matters horribly horribly wrong? Then check out this Janes Intelligence
Review article on cyberterrorism. Now you will understand why some netgeeks
in the military puke when they hear "information warfar" or
"cyberwar". It's
a sick joke and this proves it.

http://jir.janes.com/sample/jir0525.html

The dorks over on Slashdot had a hand in this little beast though it looks
like Janes just plain ignored a lot of their good points. Check out the
responses (some are very humorous) at
http://slashdot.org/articles/99/12/01/1612236.shtml

Keep your tinfoil hats on folks, those crazy hackers will gain control of
the Orbital Mind Control Lasers any day now!

Ken
Still trying to build my infrasound cannon...
Message no. 2
From: Ojaste,James [NCR] James.Ojaste@**.GC.CA
Subject: Cyberterrorism article at Janes
Date: Fri, 3 Dec 1999 13:55:31 -0500
> From: Tzeentch [mailto:tzeentch666@*********.net]
> Sent: December 3, 1999 13:24
>
> Want some laughs to see how even the esteemed Janes can get technical
> matters horribly horribly wrong? Then check out this Janes
[snip]
> http://jir.janes.com/sample/jir0525.html

*raises an eyebrow*
You think *that's* bad? Ooh boy.

> The dorks over on Slashdot had a hand in this little beast
> though it looks
> like Janes just plain ignored a lot of their good points.

For those of you who are not Slashdot regulars (shame!), a brief
history...

The author of the above article, Johan Ingles-le Nobel, was in the
midst of the editing process of an article written about cyberwarfare.
http://jir.janes.com/sample/jir0499.html
Knowing that the Slashdot populace was technically literate (er, that's
literate about technology, not the other way 'round), he asked them
for their comments.
http://slashdot.org/articles/99/10/04/0836212.shtml
Short summary: It Sucked.
Longer summary: The author knew *nothing* about the topic
"Only a select number of terrorist groups and few state sponsors
are likely to possess the necessary motivation and capability in
the spheres of organisation, funding, acquisition, technology,
storage and stockpiling, logistics, and other overt and covert
resources to be able to make the transition from conventional to
CBRN/Cyber warfare."

Uh huh. Organizing? Right. Funding? Sheesh. Acquistion? Head
over to L0pht. Or Packetstorm. Or Rootshell. Or ciac. Tech?
Hire a kid. Storage? Got a hard drive, right? Stockpiling?
*STOCKPILING*? *Logistics*? *Covert resources*? *shakes head*

Well, the guys at Slashdot lambasted the article as it deserved.
The editor decided that it would be less work to write a new article
than to try to patch up the old one, so he culled a bunch of the
comments that were made and promised a shiny new article.

http://slashdot.org/features/99/10/07/120249.shtml

Unfortunately, he didn't get somebody literate with technology to
write it, he wrote it himself. So it reads a bit like a patchwork
quilt with sections of sage advice and distilled wisdom copied from
Slashdot comments, separated by sections of sillyness ("Wargames"
being based on Kevin Mitnic's [sic] exploits, for instance).

James Ojaste
Message no. 3
From: Mark A Shieh SHODAN+@***.EDU
Subject: Cyberterrorism article at Janes
Date: Fri, 3 Dec 1999 15:00:06 -0500 (EST)
"Tzeentch" <tzeentch666@*********.net> writes:
> Want some laughs to see how even the esteemed Janes can get technical
> matters horribly horribly wrong? Then check out this Janes Intelligence
> Review article on cyberterrorism. Now you will understand why some netgeeks
> in the military puke when they hear "information warfar" or
"cyberwar". It's
> a sick joke and this proves it.

It seemed accurate enough to be a primer on things. They got
the important bits more accurate than any other article I've seen,
though the little details were amusing (perhaps deliberately). I
don't recommend trying to hide an infrared port into the network in a
lamp, but the concept of making your own access point holds.

Mark
Message no. 4
From: Oliver McDonald oliver@*********.com
Subject: Cyberterrorism article at Janes
Date: Sat, 04 Dec 1999 12:13:36 -0800 (PST)
On Fri, 3 Dec 1999 10:23:46 -0800, Tzeentch wrote:

>Want some laughs to see how even the esteemed Janes can get technical
>matters horribly horribly wrong? Then check out this Janes Intelligence
>Review article on cyberterrorism. Now you will understand why some netgeeks
>in the military puke when they hear "information warfar" or
"cyberwar". It's
>a sick joke and this proves it.
>
>http://jir.janes.com/sample/jir0525.html

Other than a few details, most of what is written in the aforementioned article is
substantially accurate.

-----------------------------------------------------------
Oliver McDonald - oliver@*********.com
http://www.spydernet.com/oliver/
-----------------------------------------------------------
Space. The Final Frontier. Let's not close it down.
Brought to you via CyberSpace, the recursive frontier.

"that is not dead which can eternal lie, And with strange aeons even death may
die."
-H.P. Lovecraft, "The Call of Cthulhu."

ICQ: 38158540
Message no. 5
From: Tzeentch tzeentch666@*********.net
Subject: Cyberterrorism article at Janes
Date: Sat, 4 Dec 1999 15:45:24 -0800
The article contains several blatant problems (Wargames was based on Kevin
Mitnicks assumed crimes? Wow.) As well as a continual confusion with
definitions. I'm almost personally offended by the artificial definition of
"hacker" and "cracker" for one. And that's before you get to the
spelling
errors and editing problems.

There are no glaring factual errors, but the average layman reading this
article will have a pretty warped perception of the "reality" of computer
security. Reading this, one would think that the average script kiddie is
incapable of real harm or coordinated attacks - which is incorrect.

Read the part about the network connected lamp again and tell me that's
perfectly logical. To the average layman it would seem just as logical as
any other computer hacker "magic".

Read the nightmare scenario of hackers shutting down 911 service again as
well, try to find collaborating evidence of this scaremongering. Note who is
making the claims.

Note the ridiculous claims of hackers/crackers such as Dr Nuker and remember
this article is intended for the average joe military/civilian manager.

In beyond the hype they note that there is a lot of hyperbole in this field,
gee wonder why the article only adds to it!

And last of note that slashdot user had a hand in this article. If that does
not show some SERIOUS problems with the authors mental state and knowledge I
don't know what does.

Is anything blatantly incorrect? Not really. Is it a joke? Yes. It provides
no real conceptual basis for the motives and capabilities of real world
information system threats and simply feeds the paranoia of "infowar" -
which is just fine for the companies and groups that have staked their
careers on the buggaboo of "cyberwar".

I was quick to write the article off based on it's incredibly bad editing,
fact checking and general cluelessness. It does have some useful
information. Just don't think its any more insightful then an article you
would see in USA Today. Maybe I'm just too cynical reading military cyberwar
studies and proposals.

Ken


> Want some laughs to see how even the esteemed Janes can get technical
> matters horribly horribly wrong? Then check out this Janes Intelligence
> Review article on cyberterrorism. Now you will understand why some
netgeeks
> in the military puke when they hear "information warfar" or
"cyberwar".
It's
> a sick joke and this proves it.
>
> http://jir.janes.com/sample/jir0525.html
Message no. 6
From: Asymmetric all@******.net
Subject: Cyberterrorism article at Janes
Date: Sat, 04 Dec 1999 19:47:05 -0500
At 15:45 12/4/99 -0800, Tzeentch wrote:

>Read the part about the network connected lamp again and tell me that's
>perfectly logical. To the average layman it would seem just as logical as
>any other computer hacker "magic".

It's perfectly illogical, to both layman and expert alike.

Thinks I'd Like To See To Make This Remotely Possible(tm) :

1) A machine small enough to hide in a lamp and large enough to actually do
anything besides retransmit data. Norand, who makes the smallest mobile
computers of any power that I know of, doesn't even make them that small.

2) IR data transfer made reliable and fast. IR data transfer rates suck
balls, and are unreliable as hell. Anyone sitting in the room with a
remote control that reflects off the window and at the tranciever is going
to screw up the data transfer, even if they just lower the bandwidth by
making the thing retransmit over and over to avoid the interference. Also,
any sort of "energy saving" window is usually dual pained and coated with
IR reflective material.

3) A device like this, functioning, that can act as anything besides a
glorified bug, which would be much easier to construct using radio
transmission.. as would the whole device, for that matter. To gather any
data out of anything besides via the air, the device would have to be one
of four things : A van-eck device retransmitting what it picks up, an
audio bug, a visual bug (videocamera), a general purpose radio bug. To
pick up any computer stuff besides the van-eck, or affect anything, you'd
need to pick a target on a wireless LAN, or have an ethernet cable going
from the lamp into the network, assuming they have one.. that'd be a big
clue-in. So would finding the window-shade open every time you close it
and leave for a bit. So would the big van sitting outside day in/day out,
always in line of sight to the lamp.


>Read the nightmare scenario of hackers shutting down 911 service again as
>well, try to find collaborating evidence of this scaremongering. Note who is
>making the claims.

It's probably happened, at least by accident, as with most great
discoveries.. ;) Remember when I was monkeying around with that computer
so long ago, had no idea what it did.. turns out it was the environmental
control for the underground area of the dog racetrack.. I read about it in
the paper, then one of our friends that worked there came and told me how
super hot it was inside that day. Why they had that on an unprotected
dialup I'll never fathom.


>Note the ridiculous claims of hackers/crackers such as Dr Nuker and remember
>this article is intended for the average joe military/civilian manager.
>
>In beyond the hype they note that there is a lot of hyperbole in this field,
>gee wonder why the article only adds to it!
>
>And last of note that slashdot user had a hand in this article. If that does
>not show some SERIOUS problems with the authors mental state and knowledge I
>don't know what does.

Mmm.. The clueless leading the clueless.


>Is anything blatantly incorrect? Not really. Is it a joke? Yes. It provides
>no real conceptual basis for the motives and capabilities of real world
>information system threats and simply feeds the paranoia of "infowar" -
>which is just fine for the companies and groups that have staked their
>careers on the buggaboo of "cyberwar".

Hey, there is good $$$ in that field! :)


>I was quick to write the article off based on it's incredibly bad editing,
>fact checking and general cluelessness. It does have some useful
>information. Just don't think its any more insightful then an article you
>would see in USA Today. Maybe I'm just too cynical reading military cyberwar
>studies and proposals.

Probably it's more damaging than anything USA Today would print.. most
people "in the know" would trust Janes to publish accurate information, and
the less clued-in members of the wannabe underground would trust slashdot..
but then, you just have to always keep in mind.. anything published for
public consumption, especially on paper, that relates to security issues is
usually just laughed at and discarded.

Oh, as an aside, things of this nature are inherently flawed when giving
you details on the "infowar" that is going on. If it's in the paper, then
people know about it, and people in the know are willing to talk about it..
thats simply not the case. Don't fear the script kiddy you hear about on
the news, fear the skilled, clued in guy doing exactly what they mentioned
: gathering data and not destroying things. Fear the guy who said "yes" to
the obviously russian fellows who hang out around the NYC 2600 meetings
asking about "codes, we pay well." (for the record, I gave a worried
glance around myself, considered for about as long as data considered
joining the Borg in Insurrection, then took their phone number and
hightailed it outta there.)
-A

"There comes a time when the operation of a machine becomes so odious,
makes you so sick at heart, that you can't take part; not even tacitly take
part, and you have to throw yourself on all the gears and all the levers
and you have to make it stop."

-Mario Savio, founder of the free speech movement.

Commandment XI: Thou shalt not inflict upon me thy useless prattlings, for
I thy God am a busy God.
-Joe Thompsonn
Message no. 7
From: Oliver McDonald oliver@*********.com
Subject: Cyberterrorism article at Janes
Date: Sat, 04 Dec 1999 18:08:33 -0800 (PST)
On Sat, 04 Dec 1999 19:47:05 -0500, Asymmetric wrote:

>1) A machine small enough to hide in a lamp and large enough to actually do
>anything besides retransmit data. Norand, who makes the smallest mobile
>computers of any power that I know of, doesn't even make them that small.

Ever seen the matchbox webserver? Don't recall the URL, but there is a web server out
there that is literally the size of a
matchbox, complete with hard drive, 10baseT connection, CPU, ram etc.

-----------------------------------------------------------
Oliver McDonald - oliver@*********.com
http://www.spydernet.com/oliver/
-----------------------------------------------------------
Space. The Final Frontier. Let's not close it down.
Brought to you via CyberSpace, the recursive frontier.

"that is not dead which can eternal lie, And with strange aeons even death may
die."
-H.P. Lovecraft, "The Call of Cthulhu."

ICQ: 38158540
Message no. 8
From: Asymmetric all@******.net
Subject: Cyberterrorism article at Janes
Date: Sat, 04 Dec 1999 21:10:34 -0500
At 18:08 12/4/99 -0800, you wrote:
>On Sat, 04 Dec 1999 19:47:05 -0500, Asymmetric wrote:
>
> >1) A machine small enough to hide in a lamp and large enough to actually do
> >anything besides retransmit data. Norand, who makes the smallest mobile
> >computers of any power that I know of, doesn't even make them that small.
>
>Ever seen the matchbox webserver? Don't recall the URL, but there is a
>web server out there that is literally the size of a
>matchbox, complete with hard drive, 10baseT connection, CPU, ram etc.

Hmm.. I had heard something about that I think.. I'll look into it and
report back.


-A

"There comes a time when the operation of a machine becomes so odious,
makes you so sick at heart, that you can't take part; not even tacitly take
part, and you have to throw yourself on all the gears and all the levers
and you have to make it stop."

-Mario Savio, founder of the free speech movement.

Commandment XI: Thou shalt not inflict upon me thy useless prattlings, for
I thy God am a busy God.
-Joe Thompsonn
Message no. 9
From: Da Twink Daddy datwinkdaddy@*******.com
Subject: Cyberterrorism article at Janes
Date: Sun, 5 Dec 1999 12:01:45 -0600 (CST)
Yesterday, Oliver McDonald spoke on Re: Cyberterrorism article at Janes:

> On Sat, 04 Dec 1999 19:47:05 -0500, Asymmetric wrote:
>
> >1) A machine small enough to hide in a lamp and large enough to actually do
> >anything besides retransmit data. Norand, who makes the smallest mobile
> >computers of any power that I know of, doesn't even make them that small.
>
> Ever seen the matchbox webserver? Don't recall the URL, but there is a web server
out there that is literally the size of a
> matchbox, complete with hard drive, 10baseT connection, CPU, ram etc.

Sun is also hyping thier Java cards / rings, they are networkable with
only a touch and they each have more power than the first IBM PC. You
give a company 4 in^2 to work with and I gaurantee they can give you a bug
that will network to X network and send information via Y.

Da Twink Daddy
e-mail: bss03@*******.uark.edu
ICQ: 514984
Message no. 10
From: Asymmetric all@******.net
Subject: Cyberterrorism article at Janes
Date: Sun, 05 Dec 1999 13:44:12 -0500
At 12:01 12/5/99 -0600, Da Twink Daddy wrote:


>Sun is also hyping thier Java cards / rings, they are networkable with
>only a touch and they each have more power than the first IBM PC. You
>give a company 4 in^2 to work with and I gaurantee they can give you a bug
>that will network to X network and send information via Y.

I've conceeded that the machines can be small enough to do the job.. but
there are still two hurdles to overcome before this could actually be a
useful "bug" for a network.

1) Power. Batteries or transformer, your choice.. but it'll increase the
bulk substantially.. also "why are there two power plugs going into my
lamp?" If you were really sneaky and had some time on your hands, I suppose
you could wire it directly into the lamp for power, but that would
drastically change the size since you'd need a power supply in there too..
which is to say a transformer, bridge rectifier, etc.

2) Network. How is this thing going to unobtrusively tap into a
network? I think I'd notice pretty quickly an Ethernet cable coming from
my lamp, as well as an extra port on one of my hubs being used.

That aside, if you're running any kind of encryption on your network, the
thing is useless unless they've cracked the encryption, which is highly
doubtful if you're using anything worth it's salt (haha!).. Anyone who
feels the need can get the stuff from NA that comes along with NetShield
(their antivirus stuff, used to be mcaffe), which will add encryption to
the TCP/IP stack of all the machines it's on, and encrypt all traffic sent
over that interface.

My original point stands.. for a lot more money, and a lot more work, you
can get a lot more obvious bug, with no more capability than an old
fashioned battery, microphone, and transmitter all rolled into something
the size of your smallest fingernail.
-A

"There comes a time when the operation of a machine becomes so odious,
makes you so sick at heart, that you can't take part; not even tacitly take
part, and you have to throw yourself on all the gears and all the levers
and you have to make it stop."

-Mario Savio, founder of the free speech movement.

Commandment XI: Thou shalt not inflict upon me thy useless prattlings, for
I thy God am a busy God.
-Joe Thompsonn
Message no. 11
From: Da Twink Daddy datwinkdaddy@*******.com
Subject: Cyberterrorism article at Janes
Date: Sun, 5 Dec 1999 14:18:32 -0600 (CST)
Today, Asymmetric spoke on Re: Cyberterrorism article at Janes:

> At 12:01 12/5/99 -0600, Da Twink Daddy wrote:
>
>
> >Sun is also hyping their Java cards / rings, they are network-able with
> >only a touch and they each have more power than the first IBM PC. You
> >give a company 4 in^2 to work with and I guarantee they can give you a bug
> >that will network to X network and send information via Y.

> 1) Power. Batteries or transformer, your choice.. but it'll increase the
> bulk substantially.. also "why are there two power plugs going into my
> lamp?" If you were really sneaky and had some time on your hands, I suppose
> you could wire it directly into the lamp for power, but that would
> drastically change the size since you'd need a power supply in there too..
> which is to say a transformer, bridge rectifier, etc.

I don't know hoe the Java cards / rings do it, but they certainly don't
have to be plugged in and they work fine. I would assume they have some
sort of flexible 5-yr battery or something.

> 2) Network. How is this thing going to unobtrusively tap into a
> network? I think I'd notice pretty quickly an Ethernet cable coming from
> my lamp, as well as an extra port on one of my hubs being used.

If they are just going to tap the network, they don't need one of your
ports. They just splice into the Ethernet cable running to the computer
next to the lamp, their bug doesn't have to send data, it just looks at
everything going by. Even if you do need to send, you just pretend you
are the computer you are next to. Stop all traffic going to it, figure out
whether they want it or you want it and relay.

Yes, there is going to be some length of extra cord, but most users
aren't going to notice this, as there are already a bunch of cords they
don't understand back there. Some users might notice this, this would be
good for the company as they have discovered a bug. Also, next time the
person that lives in the cube moves stuff around, they'll notice the bug.

Sure, this isn't a permanent or elegant solution, but it works.

About encryption: Hacking encryption it what being a cracker is about.

Da Twink Daddy
e-mail: bss03@*******.uark.edu
ICQ: 514984
Message no. 12
From: Asymmetric all@******.net
Subject: Cyberterrorism article at Janes
Date: Sun, 05 Dec 1999 15:32:56 -0500
At 14:18 12/5/99 -0600, you wrote:


> I don't know hoe the Java cards / rings do it, but they certainly don't
>have to be plugged in and they work fine. I would assume they have some
>sort of flexible 5-yr battery or something.

I'll have to do some investigating into that..

> If they are just going to tap the network, they don't need one of your
>ports. They just splice into the Ethernet cable running to the computer
>next to the lamp, their bug doesn't have to send data, it just looks at
>everything going by. Even if you do need to send, you just pretend you
>are the computer you are next to. Stop all traffic going to it, figure out
>whether they want it or you want it and relay.

That's more than a splice.. that's cutting a network cord, attaching them
to the box, and setting the machine up as a smart router.. it's also,
again, very noticeable.


> Yes, there is going to be some length of extra cord, but most users
>aren't going to notice this, as there are already a bunch of cords they
>don't understand back there. Some users might notice this, this would be
>good for the company as they have discovered a bug. Also, next time the
>person that lives in the cube moves stuff around, they'll notice the bug.

I think that we went from a home to a office situation with a little bit of
bait and switch there.

In a home, most people who "don't know what all the wires do" probably
don't have a network either, and are the same people who think they can get
a virus just by having a modem in their computer.

In an office.. different story, a lot more difficult to get into than
somebodies house, and with the routine maintenence that goes on,
troubleshooting, and problems.. they'd probably notice real quick something
wasn't right.


> Sure, this isn't a permanent or elegant solution, but it works.
>
> About encryption: Hacking encryption it what being a cracker is about.

I just gotta say LOL to the terminology and the premise. I don't know
anyone, hacker, luser, or otherwise, that cracks crypto with any
reliability. Sure, I participate in D.Net along with everyone else, but
even that is taking an enormously long time with thousands of machines to
search a keyspace that is very very small, even by todays standards.

If it's that easy.. then well, have any one of these people crack a single
message sent by the encrypted chat client I wrote in about 36 manhours, on
my own.. The encryption it uses is by far stronger than anything d.net has
tried to factor, and yet still small compared to the strength I could make
it with about half an hours worth of work, if it came to that.

The closest thing to anything of this nature is Deep Crack, and thats a
$250,000 piece of hardware in todays dollars, and only cracks DES keys..
taking about a day per key. DES keys are only 56bits to begin with, and
the machine is useless for any other purpose.. it won't even do 3DES keys,
let alone Blowfish, El Gamal, RC5, IDEA, or any of the other many many
engines available.

The simple truth of crypto, is that with any given piece of hardware at a
certain point in time, it'll take more time on that hardware to create and
test every single possible key against a piece of cyphertext than it will
take to generate one random key and use it.. this is just as true of
quantum computers, because once they are available for cracking, new
encryption will be developed to run on them that will still hold to the
same rule.

-A

"There comes a time when the operation of a machine becomes so odious,
makes you so sick at heart, that you can't take part; not even tacitly take
part, and you have to throw yourself on all the gears and all the levers
and you have to make it stop."

-Mario Savio, founder of the free speech movement.

Commandment XI: Thou shalt not inflict upon me thy useless prattlings, for
I thy God am a busy God.
-Joe Thompsonn
Message no. 13
From: Ojaste,James [NCR] James.Ojaste@**.GC.CA
Subject: Cyberterrorism article at Janes
Date: Mon, 6 Dec 1999 12:22:46 -0500
> From: Asymmetric [mailto:all@******.net]
> Sent: December 4, 1999 19:47
>
> Thinks I'd Like To See To Make This Remotely Possible(tm) :
>
> 1) A machine small enough to hide in a lamp and large enough
> to actually do
> anything besides retransmit data. Norand, who makes the
> smallest mobile
> computers of any power that I know of, doesn't even make them
> that small.

Mobile phone, such as the Qualcomm PDQ - it runs the Palm OS and
the battery should last long enough for most usage requirements
(assuming compressed burst transmission etc). Heck - if you
took a Palm VII and ripped out the screen/touchpad (the biggest
component there), it'd fit nicely too.

> 2) IR data transfer made reliable and fast. IR data transfer
[snip]

True. High-frequency radio is a much better choice for this.

> 3) A device like this, functioning, that can act as anything
> besides a
> glorified bug, which would be much easier to construct using radio
> transmission.. as would the whole device, for that matter.

Are you insane!? Oh, wait - I just said the same thing, didn't I?
Nevermind. ;-)

> To gather any
> data out of anything besides via the air, the device would
> have to be one
> of four things : A van-eck device retransmitting what it
> picks up, an
> audio bug, a visual bug (videocamera), a general purpose
> radio bug. To
> pick up any computer stuff besides the van-eck, or affect
> anything, you'd
> need to pick a target on a wireless LAN, or have an ethernet
> cable going
> from the lamp into the network, assuming they have one..
> that'd be a big
> clue-in. So would finding the window-shade open every time
> you close it
> and leave for a bit. So would the big van sitting outside
> day in/day out,
> always in line of sight to the lamp.

> Probably it's more damaging than anything USA Today would
> print.. most
> people "in the know" would trust Janes to publish accurate

Most people "in the know" would know already, and shouldn't trust
anybody but themselves.

> information, and
> the less clued-in members of the wannabe underground would
> trust slashdot..

There are some really smart people on /. and there are a lot of
idiots too. Just like everywhere else you go - the difference
being that most /. readers are far more technical than most
places you go. Anybody remember Usenet? Same deal - don't
trust everything you read; always check it out yourself.

> but then, you just have to always keep in mind.. anything
> published for
> public consumption, especially on paper, that relates to
> security issues is
> usually just laughed at and discarded.

Except "The Y2K Bug". *sigh*

> Oh, as an aside, things of this nature are inherently flawed
> when giving
> you details on the "infowar" that is going on. If it's in

I think it's silly to refer to cracking/script kiddies/etc as an
"infowar". It's just society, all over again. There are criminals
who break into houses, there are those that break into boxes, and
there's the Australian Government for whom it's legal. It's no war.

> the paper, then
> people know about it, and people in the know are willing to
> talk about it..
> thats simply not the case. Don't fear the script kiddy you
> hear about on
> the news, fear the skilled, clued in guy doing exactly what

Script kiddies are *far* more likely to DoS/root your machine etc
than a purposeful criminal. There are a lot more of them, and they're
terribly indiscriminate.

> they mentioned
> : gathering data and not destroying things. Fear the guy who
> said "yes" to

Yeah right - like he'd care what's in my internet-enabled fridge.
Criminals who are getting paid go after targets that have useful
info. Security guys get paid to harden such targets. Same deal
with B&Es and corporate espionage - nothing new, just a change of
scenery.

> the obviously russian fellows who hang out around the NYC
> 2600 meetings
> asking about "codes, we pay well." (for the record, I gave a worried
> glance around myself, considered for about as long as data considered
> joining the Borg in Insurrection, then took their phone number and
> hightailed it outta there.)

Heh. Sounds like fun - maybe I should try that sometime. :-)

James Ojaste
*starts working on his Russian accent*

Further Reading

If you enjoyed reading about Cyberterrorism article at Janes, you may also be interested in:

Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.

Thwap!