Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Alarming

A report submitted to Congress on Wednesday by the U.S.-China Economic and Security Review Commission expressed concerns over what the commission claims is China’s growing ability to control and manipulate Internet traffic. In one of the incidents, traffic to and from about 15% of all* Internet destinations was routed through servers belonging to China Telecom, a state-owned telecommunications company.

The rerouting happened on April 8 and lasted for about 18 minutes. The traffic hijacking affected U.S. government and military networks, including those belonging to the Army, Navy, Air Force and Marine Corps, as well as the Office of the Secretary of Defense, the Department of Commerce, NASA and the U.S. Senate. Commercial sites, including those belonging to Microsoft, Dell and Yahoo, were also affected.

The kind of access that Chinese authorities had to the data could enable surveillance of specific users or sites, disrupt transactions, prevent a user from establishing connections to specific sites or divert them to other spoofed sites, the report noted.

“Incidents of this nature could have a number of serious implications,” the report said. (Yah think???)

Incidents such as those reported by the commission highlight some of the fundamental vulnerabilities* of the Internet“, said Dmitri Alperovitch, an Internet threat researcher at McAfee.

The takeaway here is that the foundation on which the Internet is built is insecure*,” Alperovitch said. “It is based on trust. We trust ISPs to tell us which networks they own. There is no validation [of that information].”

These are excerpts from a Computerworld article. Click here to read the whole enchilada.

Also, Dark Reading has a more detailed look, here.

* emphasis mine.

… My guess is they just slurped up all the packets; so they can better map IP’s and fingerprint users and systems. Step 1 in the hacker’s playbook.
(Maybe look at the encryptions used.. and run some through their supercomputer.)
But I’m a cynical, and not terribly well-educated guy. I could be wrong. I hope I am. But it seems pretty clear: a lot of people are playing games on the Internet.. and I’m not talking about WoW.

Today’s free download: IObit Toolbox is free, portable software that system administrators and computer geeks will take along to solve PC problems anytime and anywhere. With more than 20 dedicated tools, IObit Toolbox allows you to display/diagnose PC information, enhance PC security, optimize PC performance and repairing PC problems. In a word, it offers an easy way for PC admin to monitor and manage computers. It can be used for commercial and non-commercial purposes.

Today’s reco’s reading: How to become a certified IT ninja
When faced with a problem, people tend to collect into three mindsets. The first is not to do anything, lest we make the problem worse…

Quote of the day:Advice is what we ask for when we already know the answer but wish we didn’t.
~ Erica Jong

Note: I posted this article a year ago. This is one of the reasons “the Internet is broken” and we are dang fools for doing any kind of important business on it, or attaching “Industrial control units”, or doing any thing other than exchanging personal emails (not government or military), watching YouTube and Netflix, or looking up the Latin name of the rose on Wikipedia.

But.. the alarm was sounded – a few of the wiser took note – and the issue faded from sight… Conficker proved how vulnerable our machines are..
Nothing changed.

Shhh! Don’t say that! People might stop using the Internet! What would happen to Amazon?!

Have a great day everybody.

Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


November 21, 2011 - Posted by | Internet

10 Comments »

  1. …the alarm was sounded and “a few of the wise took note”… the issue faded from sight.
    (Quote of the day here:) I already know the answer, but wish I didn’t!

    How I deal with the internet and all its risks:
    When faced with the dangers of the internet…I tend “not to do anything”… (except add more protection) I park its dangers in the reservoir of my mind…I continue on with this large part of “my life” I enjoy it…love it…hate it at times. I ask myself…what would I do without the internet? How would I socialize? How would I shop? How would I collect recipes? How would I exchange photos? My list is endless…so I carry on…I like this way of doing things.
    With further concern over this focus… especially when my day is too short (too much time spent here… I examiner my internet activities. I ask myself the harrowing question… am I so addicted to this machine/internet that I am by-passing the risks of being part of the internet? I conclude that in part I am. In an unsettling way, I then console myself to say… “it’s NOW a way of life for me and many others.” I carry on…
    Then with the big picture being… on a global scale this is the New World that we live in…it’s tied into many dimensions of our lives…and I am part of it. (The New World Order/United Nations Documents and more… are interesting reads…too many sites to mention here.)
    The good question asked here…”What would happen to Amazon…?” (all other businesses) While I think the internet is Counter Productive…with a great impact on our lives…it is here to stay… until Conficker raises its ugly head at all of us…then WHAT?

    P.S. Even as a LUDDITE the new world still reaches all of us.

    Like

    Comment by Gaia | November 22, 2011 | Reply

    • Gaia,
      I suspect that you spoke for many…

      Like

      Comment by techpaul | November 22, 2011 | Reply

  2. That is bad..they probably are playing games and what is worse….I would say 75%(and yes, I am pulling that figure out of my hat) of the politicians, bureaucrats, members of the military of any sort don’t have a clue as to how to use the internet or have no idea of what any of the tech jargon means. That is the problem of trying to monitor/legislate an entity that no one knows zilch/nada about. They don’t want to appear stupid to the guy sitting next to them..(that is probably as ignorant on the subject as they are) so they just vote/nod their head as to how their party line votes. I am betting most of them had a blank expression on their faces.

    This is a video of Ted Stevens(now deceased) from a few years ago taking about Net Neutrality and explaining the internet. Senator Ted Stevens – Series of Tubes – YouTube
    “An internet was sent by my staff at 10 o’clock, Friday. I got it yesterday. Why? It got tangled up….”. It was my fault, Ted. I was ordering a TV show. Sorry! Am I on a local internet or a commercial internet? So confused.

    Like

    Comment by delenn13 | November 22, 2011 | Reply

    • delenn13,
      I think “games” is .. um.. er.. try “cyber warfare” and “rehearsal”.

      But on the other things.. Yes.

      Like

      Comment by techpaul | November 22, 2011 | Reply

      • They must have learned from this movie (W) (A) (R) Games (1983 Sci-Fi Thriller with Matthew Broderick) that they needed to learn a new game.

        That scene from War Games – YouTube No one wins in Global Thermonuclear War.

        The new game and definitions:

        “Hackers have been mounting increasingly sophisticated attacks. Billions of dollars have been stolen, and even more has been lost in the form of stolen intellectual property and infrastructure damage. Stuxnet proved that a computer hack can do real-world damage, and if it can be done once, I doubt we will be able to stop it from being done again.

        Unlike traditional warfare, we frequently don’t know where cyber attacks come from. And with the right team of people, an attack could be pulled off that could destabilize the entire world. It’s pretty scary stuff.”

        This kid GETS it. I enjoy the Vlog Brothers. Want to get the grist of the video? Skip to 1:00 and he gets serious. If needed, the definitions are below.
        Hackers, Cyber crime, and a New Kind of War. – YouTube
        “DEFINITIONS:

        Hacker – a person who can manipulate computers and technology, but more usually a person who breaks into computers that they should not be inside of.

        Vulnerability – a problem in software that can grant access to data and processes that should be kept secret, like passwords or credit cards or the controls to a nuclear power plant.

        Exploit – Software or procedures that allow people to take advantage of vulnerabilities. This will often come in the form of a simple script that anyone with even basic computer knowledge can run.

        0-Day Exploit – An exploit that has not been released into the wild. Only the hacker, and possibly his or her close associates, know about the security hole at this point. A 0-Day exploit for an operating system can be sold for hundreds of thousands of dollars.

        White Hat – A hacker who uses his skills for good, informing organizations of security holes in their software, often these people are just referred to as security experts.

        as opposed to:

        Black Hat – The sort of hackers that we generally call to mind when we hear the word Hacker.

        Patch – Software update that fixes the vulnerability. Often patches are not applied and exploits remain in-use for years.

        Script Kiddies – Armies of unskilled, usually young people who just run scripts that hack targets for hackers above them in an organization. Occasionally they also operate on their own.

        Cyber – A prefix that I hate, but am unwillingly using because it has become the standard because old people who read newspapers and watch cable news feel comfortable with it. I love William Gibson though!

        Own: To take control of. An owned computer or server (or zombie) is controlled by hackers. This is where pwn comes from, by the way.

        Anonymous: A loosely organized group of individuals identifying with a certain weird bunch of values like anarchy and “don’t mess with us.” They hack things that piss them off.

        Stuxnet: The most advanced piece of malware ever created which caused the shut-down of Iran’s nuclear refinement program.

        42: HHG2G reference, which are common in hacker culture.”

        Like

        Comment by delenn13 | November 22, 2011 | Reply

        • delenn13,
          I understand (and accept) how the term “game” has come into use (aka “cat and mouse game”, a game of ‘catch up’, war games, etc.) even in reference to hackers/cybercriminals and things “cyber”; but I make a point (mindful of future readers) to NOT use “game” (any more) – as the “prizes” are already real. I want to emphasize this reality is no “small stakes” trivial matter. No “game”. A massive crime epidemic, and worse. And these are only the early days.. Stuxnet is weaponized malware (“probably”) employed by a nation/state.

          I look at the Chinese traffic slurping the same way I do an atomic (bomb) test. (And I don’t know which I’m more afraid of.. if I get nuked, it’s over in an instant. Shut down the Internet, and western civ collapses..)

          Folks, take a look at what delenn13 took the time to provide, won’t you?

          Like

          Comment by techpaul | November 22, 2011 | Reply

  3. I got this today from one of Kim Komando’s emails so I am not going to question it’s validity. She is well know in the tech circles.

    As Kosh would say, “And so it begins.”

    Russian Hackers take control of U.S. public water treatment facilities | Mail Online

    Like

    Comment by delenn13 | November 22, 2011 | Reply

    • Hurry! Hurry! Hurry! Get your red hot smart meters here! Step right up!

      Like

      Comment by techpaul | November 22, 2011 | Reply

  4. If I am wrong, I don’t mind admitting it. Water-pump failure in Illinois wasn’t cyberattack after all – The Washington Post ……If you trust the government’s word.

    I wonder if Kim will post a retraction?

    Like

    Comment by delenn13 | November 25, 2011 | Reply

    • delenn13,
      Either way, it will just engender more complacency (ala Chicken Little).
      Yippee.

      Like

      Comment by techpaul | November 25, 2011 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: