Modern warfare: first DDOS, then tanks

Posted on August 13, 2008 by jjn1

From John Markoff in the New York Times Blog…

The Georgian government is accusing Russia of disabling Georgian Web sites, including the site for the Ministry of Foreign Affairs.

Because of the disruption, the Georgian government began posting the Foreign Ministry’s press dispatches on a public blog-hosting site owned by Google (georgiamfa.blogspot.com) and on the Web site of Poland’s president, Lech Kaczynski.

Separately, there were reports that Estonia, which was embroiled in an electronic battle with Russia in May of last year, was sending technical assistance to the Georgian government.

The attacks were continuing on Monday against Georgian news sites, according to Jose Nazario, a security researcher at Arbor Networks, based in Lexington, Mass.

“I’m watching attacks against apsny.ge and news.ge right now,” he said. The attacks are structured as massive requests for data from Georgian computers and appear to be controlled from a server based at a telecommunications firm, he said…

Meanwhile Google has been stung into denying that it had erased maps of Georgia. It never had them in the first place, it claimed.

Hmmm…

Later: ArsTechnica has a thoughtful post saying that the evidence that the Russian military were behind the attacks is not convincing.

According to Gadi Evron, former Chief information security officer (CISO) for the Israeli government’s ISP, there’s compelling historical evidence to suggest that the Russian military is not involved. He confirms that Georgian websites are under botnet attack, and that yes, these attacks are affecting that country’s infrastructure, but then notes that every politically tense moment over the past ten years has been followed by a spate of online attacks. It was only after Estonia made its well-publicized (and ultimately inaccurate) accusations against Russia that such attacks began to be referred to as cyberwarfare instead of politically motivated hackers. Evron writes:

“Running security for the Israeli government Internet operation and later the Israeli government CERT such attacks were routine…While Georgia is obviously under a DDoS attacks and it is political in nature, it doesn’t so far seem different than any other online after-math by fans. Political tensions are always followed by online attacks by sympathizers. Could this somehow be indirect Russian action? Yes, but considering Russia is past playing nice and uses real bombs, they could have attacked more strategic targets or eliminated the infrastructure kinetically.”

Arbor Networks’ Jose Nazario offers additional proof of Evron’s statements, writing: “While some are speculating about cyber-warfare and state sponsorship, we have no data to indicate anything of the sort at this time. We are seeing some botnets, some well known and some not so well known, take aim at Georgia websites…These attacks were mostly TCP SYN floods with one TCP RST flood in the mix. No ICMP or UDP floods detected here. These attacks were all globally sourced, suggesting a botnet (or multiple botnets) were behind them.”

Still later: Tech Review is reporting that the USAF is considering mothballing its nascent Cyberspace Command. Another report here. Bad move, IMHO.

What’s happening to Internet data traffic?

Posted on August 11, 2008 by jjn1

From Minnesota Internet Traffic Studies (MINTS):

In spite of the widespread claims of continuing and even accelerating growth rates, Internet traffic growth appears to be decelerating. In the United States, there was a brief period of “Internet traffic doubling every 100 days” back in 1995-96, but already by 1997 growth subsided towards an approximate doubling every year, and more recently even that growth rate has declined towards 50-60% per year. South Korea, which along with Hong Kong appears to be the world champion in Internet traffic intensity, experienced its brief burst of “Internet traffic doubling every 100 days” around the year 2000, when broadband was widely deployed. It then appears to have had several years of annual traffic doubling, but currently (based on anecdotal evidence) is also growing at about 50% per year.

Traffic growth rates of 50% per year appear to only about offset technology advances, as transmission capacity available for a given price steadily increases. Thus although service providers are pushing to throttle customer traffic, an argument can be made that they should instead be encouraging more traffic and new applications, to fill the growing capacity of transmission links…

Interesting. But the MINTS researchers’ reservations about the reliability of their methodology makes one conclude that nobody really knows what’s happening.

Poynter Online – Forums

Posted on August 11, 2008 by jjn1

The Manaing Editor of the Philadelphia Inquirer has sent a memo to all staff. It reads, in part:

Colleagues – Beginning today, we are adopting an Inquirer first policy for our signature investigative reporting, enterprise, trend stories, news features, and reviews of all sorts. What that means is that we won’t post those stories online until they’re in print. We’ll cooperate with philly.com, as we do now, in preparing extensive online packages to accompany our enterprising work. But we’ll make the decision to press the button on the online packages only when readers are able to pick up The Inquirer on their doorstep or on the newsstand.

For our bloggers, especially, this may require a bit of an adjustment. Some of you like to try out ideas that end up as subjects of stories or columns in print first. If in doubt, consult your editor. Or me or Chris Krewson…

This has caused quite a stor in the blogosphere. For example, Jeff Jarvis writes:

Let me make this very clear to Inquirer ownership and management:

You are killing the paper. You might as well just burn the place down. You’re setting a match to it. This is insane. Even the slowest, most curmudgeonly, most backward in your dying, suffering industry would not be this stupid anymore. They know that the internet is the present and the future and the paper is the past. Protecting the past is no strategy for the future. It is suicide. It is murder. You should be ashamed of yourselves…

The lessons of history

Posted on August 10, 2008 by jjn1

This morning’s Observer column…

Forty years ago this week, a British scientist named Donald Davies unveiled one of the great technological ideas of the 20th century. He called it ‘packet-switching’, which must have sounded odd at the time because it was a way of enabling computers to communicate with one another. But it turned out to be the basis for all modern digital communications and it’s the technological foundation on which the internet is built…

Yawn

Posted on August 9, 2008 by jjn1

Wall-to-wall Olympics for the next three weeks. Zzzzzz…

Meanwhile Russia and Georgia are going to war while the world’s attention is focussed on these idiotic games. Bah!

Gorillapod

Posted on August 9, 2008 by jjn1

This just has to be the photo accessory of the decade. I think it was Michael who discovered it first, and then Quentin had one, and I was reduced to photographing theirs while grinding my teeth in envy. Now, as a belated birthday present from my lovely daughter, I have one too. Yippee!

No ‘Tibet’ at Hotmail. I wonder why…

Posted on August 8, 2008 by jjn1

The New York Times Blog has been following up complaints from would-be Hotmail users who have been told that they cannot have a username which includes the letters “tibet”.

Big American tech companies have given us plenty of reasons to be cynical about how far they will go to keep China’s leaders happy and keep their fingers in the Chinese market … And China’s leaders would prefer that everyone just not mention those unruly Tibetans, especially with the Olympics on the way. But would the Chinese regime really feel threatened by the creation of, say, ILoveTibet@hotmail.com? And even if it did, would Microsoft really agree to help perpetuate that insecurity?

A Microsoft spokeswoman had a different explanation. The company blocks usernames that include the names of various financial institutions. This is meant to make life harder for those seeking to impersonate a bank using an official-looking e-mail address in order to steal customers’ passwords. In this case Microsoft is blocking usernames containing “tib,” apparently to protect customers of TIB Bank in Florida.

Ho, ho!

Nudge, nudge…

Posted on August 8, 2008 by jjn1

Where do the Cameroonians get their ideas from? One source, apparently, is Nudge: Improving Decisions about Health, Wealth and Happiness by Richard Thaler and Cass Sunstein. This focuses on the foibles and idiosyncrasies of human behaviour and on how, with a little discreet encouragement, we can usually be ushered in the right direction. Writing in the Guardian, James Harkin is not impressed.

Nudge has been put on a list of 38 books which Tory MPs have been given by Dave as their summer reading. I’ve just looked at the list. It’s got some weird things on it — The Rise of Boris Johnson, for example. The only item I’ve read is Ferdinant Mount’s memoir, Cold Cream. Other books are Tom Wheeler’s book on Abraham Lincoln’s use of the telegraph in the Civil War and Philip Bobbitt’s Terror and Consent. And why the Cameroonians should need David Runciman’s Political Hypocrisy is beyond me, given that they are such past masters of the art.

Er, wink, wink.