From: Fred Cohen <fc@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Date: Wed, 14 Aug 2002 13:29:07 -0700 (PDT)
Subject: [iwar] [fc:Privatizing.the.Cyberwar]

Privatizing the Cyberwar
By Glenn Harlan Reynolds
08/14/2002

It is no secret that Al
Qaeda and other Islamic terror groups make extensive use of the web. Some websites provide coded messages, in the same fashion that radio stations used to broadcast coded messages for spies in enemy territory. Others play a role in recruiting, in disseminating propaganda, and in soliciting donations. Some may serve all of these functions.

No doubt various official U.S. government agencies are looking at these sites, in order to gather intelligence and identify enemies. But they're not alone. In fact, one of the interesting aspects of the cyber-war has been the extent to which ordinary citizens have gotten involved.

Sometimes, the stings are quite elaborate. For example, the pseudonymous hacker "Johnathan Galt" appears to have set up a phony pro-terrorism site (cached version here) that solicited support and donations from those sympathetic to Islamic terror. After operating for several months (with, apparently, the assistance of Islamist bin-Laden sympathizers who thought it was genuine), the site became this new and improved anti-Islamic terror site sporting the legend "We've changed our mind: Jehad is crap!" No doubt Mr. Galt also harvested a great deal of information, including IP addresses, cookie-tracking information, and, of course, identity information via the PayPal donations he accepted, that will be of use to the authorities. (Here's Galt's guide to Islamic terror sites on the web, and here's his report on the "Young Turks'" hijacking of Hizbollah's website.)

Similarly, Internet entrepreneur "Jon David," who runs a number of internet porn sites as his day job, has made a hobby out of hijacking pro-terror websites. Most recently he scored a coup by successfully taking over the Al Qaeda website. Visitors were redirected to a mirror page operated by David, from which he harvested 27,000 IP addresses per day along with various other information, which he has shared with the FBI.
(No big surprise in one discovery: ninety percent of his visitors came from Saudi Arabia).

On a less James-Bondian but still important level, webloggers like Charles Johnson have been asking their readers to look for pages containing support for terrorism, after which they publicize the results and attempt to bring pressure on the ISPs to shut the sites down. Blogger James Morrow found death threats aimed at President Bush on the ClearGuidance site. ClearGuidance has apparently responded by barring outsiders from its chat boards, which does not build confidence. And other folks have jumped in with ideas for disinformation and pranks that will spread confusion at very low cost.

At the very least, website monitoring helps keep people informed of what's going on, and website-hacking means that terrorists and terrorist wannabes have to constantly worry about whether their web operations have been compromised. Both kinds of actions serve to make life much tougher for terrorists and their supporters.

It's hard to know how these actions compare to whatever is being done by government agencies. It's possible that far more sophisticated operations are underway by skilled and well-equipped government hackers. On the other hand, Jon David's experience suggests otherwise. When David approached the FBI to tell them that he had captured Al Qaeda's website, and that he was eager to cooperate, the FBI's response was glacial:

    It literally took me 5 days to reach anyone in the FBI that had an even elementary grasp of the Internet. By that time, the hostiles realized the site I had up was a decoy and then advised everyone away from it. I still gave the FBI all the log information and link information to the hostile boards and whatnot, but it's far from what could have potentially been done if they would have acted more quickly. But they are a bureaucracy and as such they move incredibly slow.

Earlier this year, I wrote that although terrorists could get inside the decision curve of slow, hidebound bureaucracies, they'd have a tougher time dealing with American civilians:

But no sooner did the first plane strike the World Trade Center than the hijackers had to confront someone with a swifter learning curve. As Brad Todd noted in a terrific column written just a few days later, American civilians, using items of civilian technology like cell phones and 24-hour news channels, changed tactics and defeated the hijackers aboard United Airlines' Flight 93, overcoming years of patient planning in less than two hours. No one has successfully hijacked a civilian airliner since - and, as "shoebomber" Richard Reid illustrates, those terrorists who threaten civilian airliners now tend to emerge rather the worse for wear. Against bureaucracies, terrorists had the learning-curve advantage. Against civilians, they did not.

This should come as no surprise. American civilians, perhaps more even than their counterparts in Europe, Japan, and the rest of the industrialized world, are used to making rapid changes based on new information. Accustomed to a steep learning curve in business and in life, we should be able to out-adapt those who, after all, are ultimately committed to returning the world to a simulacrum of the 12th century.

The good news is that the Bush Administration seems to be figuring this out. Richard Clarke, the White House computer security adviser, has publicly encouraged white-hat hacking, and has offered to put the Administration's weight behind any legislative changes needed to protect good-guy hackers from prosecution or litigation. That's a good start (especially in light of the software industry's general tendency to punish those who point out flaws, for fear of bad publicity), but Clarke is mostly concerned with probing friendly systems for weaknesses.

What we really need is a program to harness the energies of good-guy hackers to go after the bad guys. Terrorism is a decentralized, fast-moving threat, meaning that a decentralized, fast-moving response makes sense. Bureaucracies aren't good at that, but Americans are.

Electronic privateering, anyone? It's an idea whose time may have come.

Copyright © 2002 Tech Central Station

This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:32 PDT