[iwar] [fc:Privatizing.the.Cyberwar]

From: Fred Cohen (fc@all.net)
Date: 2002-08-14 13:29:07


Privatizing the Cyberwar 
By Glenn Harlan Reynolds, 08/14/2002

It is no secret that Al Qaeda and other Islamic terror groups make
extensive use of the web.  Some websites provide coded messages, in the
same fashion that radio stations used to broadcast coded messages for
spies in enemy territory.  Others play a role in recruiting, in
disseminating propaganda, and in soliciting donations.  Some may serve
all of these functions. 

No doubt various official U.S.  government agencies are looking at these
sites, in order to gather intelligence and identify enemies.  But
they're not alone.  In fact, one of the interesting aspects of the
cyber-war has been the extent to which ordinary citizens have gotten
involved. 

Sometimes, the stings are quite elaborate.  For example, the
pseudonymous hacker "Johnathan Galt" appears to have set up a phony
pro-terrorism site (cached version here) that solicited support and
donations from those sympathetic to Islamic terror.  After operating for
several months (with, apparently, the assistance of Islamist bin-Laden
sympathizers who thought it was genuine), the site became this new and
improved anti-Islamic terror site sporting the legend "We've changed our
mind: Jehad is crap!" No doubt Mr.  Galt also harvested a great deal of
information, including IP addresses, cookie-tracking information, and,
of course, identity information via the PayPal donations he accepted,
that will be of use to the authorities.  (Here's Galt's guide to Islamic
terror sites on the web, and here's his report on the "Young Turks'"
hijacking of Hizbollah's website.)

Similarly, Internet entrepreneur "Jon David," who runs a number of
internet porn sites as his day job, has made a hobby out of hijacking
pro-terror websites.  Most recently he scored a coup by successfully
taking over the Al Qaeda website.  Visitors were redirected to a mirror
page operated by David, from which he harvested 27,000 IP addresses per
day along with various other information, which he has shared with the
FBI.  (No big surprise in one discovery: ninety percent of his visitors
came from Saudi Arabia). 

On a less James-Bondian but still important level, webloggers like
Charles Johnson have been asking their readers to look for pages
containing support for terrorism, after which they publicize the results
and attempt to bring pressure on the ISPs to shut the sites down. 
Blogger James Morrow found death threats aimed at President Bush on the
ClearGuidance site.  ClearGuidance has apparently responded by barring
outsiders from its chat boards, which does not build confidence.  And
other folks have jumped in with ideas for disinformation and pranks that
will spread confusion at very low cost. 

At the very least, website monitoring helps keep people informed of
what's going on, and website-hacking means that terrorists and terrorist
wannabes have to constantly worry about whether their web operations
have been compromised.  Both kinds of actions serve to make life much
tougher for terrorists and their supporters. 

It's hard to know how these actions compare to whatever is being done by
government agencies.  It's possible that far more sophisticated
operations are underway by skilled and well-equipped government hackers. 
On the other hand, Jon David's experience suggests otherwise.  When
David approached the FBI to tell them that he had captured Al Qaeda's
website, and that he was eager to cooperate, the FBI's response was
glacial:


It literally took me 5 days to reach anyone in the FBI that had an even
elementary grasp of the Internet.  By that time, the hostiles realized
the site I had up was a decoy and then advised everyone away from it.  I
still gave the FBI all the log information and link information to the
hostile boards and whatnot, but it's far from what could have
potentially been done if they would have acted more quickly.  But they
are a bureaucracy and as such they move incredibly slow. 


Earlier this year, I wrote that although terrorists could get inside the
decision curve of slow, hidebound bureaucracies, they'd have a tougher
time dealing with American civilians:


But no sooner did the first plane strike the World Trade Center than the
hijackers had to confront someone with a swifter learning curve.  As
Brad Todd noted in a terrific column written just a few days later,
American civilians, using items of civilian technology like cell phones
and 24-hour news channels, changed tactics and defeated the hijackers
aboard United Airlines' Flight 93, overcoming years of patient planning
in less than two hours.  No one has successfully hijacked a civilian
airliner since - and, as "shoebomber" Richard Reid illustrates, those
terrorists who threaten civilian airliners now tend to emerge rather the
worse for wear.  Against bureaucracies, terrorists had the
learning-curve advantage.  Against civilians, they did not. 

This should come as no surprise.  American civilians, perhaps more even
than their counterparts in Europe, Japan, and the rest of the
industrialized world, are used to making rapid changes based on new
information.  Accustomed to a steep learning curve in business and in
life, we should be able to out-adapt those who, after all, are
ultimately committed to returning the world to a simulacrum of the 12th
century. 



The good news is that the Bush Administration seems to be figuring this
out.  Richard Clarke, the White House computer security adviser, has
publicly encouraged white-hat hacking, and has offered to put the
Administration's weight behind any legislative changes needed to protect
good-guy hackers from prosecution or litigation.  That's a good start
(especially in light of the software industry's general tendency to
punish those who point out flaws, for fear of bad publicity), but Clarke
is mostly concerned with probing friendly systems for weaknesses.  What
we really need is a program to harness the energies of good-guy hackers
to go after the bad guys.  Terrorism is a decentralized, fast-moving
threat, meaning that a decentralized, fast-moving response makes sense. 
Bureaucracies aren't good at that, but Americans are. 

Electronic privateering, anyone? It's an idea whose time may have come. 

Copyright © 2002 Tech Central Station


------------------
http://all.net/ 



This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:32 PDT