Return-Path: <sentto-279987-1409-994781356-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 10 Jul 2001 09:12:07 -0700 (PDT) Received: (qmail 3209 invoked by uid 510); 10 Jul 2001 15:11:39 -0000 Received: from fg.egroups.com (208.50.144.70) by 204.181.12.215 with SMTP; 10 Jul 2001 15:11:39 -0000 X-eGroups-Return: sentto-279987-1409-994781356-fc=all.net@returns.onelist.com Received: from [10.1.4.56] by fg.egroups.com with NNFMP; 10 Jul 2001 16:09:16 -0000 X-Sender: ellisd@cs.ucsb.edu X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 10 Jul 2001 16:09:15 -0000 Received: (qmail 68979 invoked from network); 10 Jul 2001 16:08:11 -0000 Received: from unknown (10.1.10.26) by l10.egroups.com with QMQP; 10 Jul 2001 16:08:11 -0000 Received: from unknown (HELO ck.egroups.com) (10.1.2.83) by mta1 with SMTP; 10 Jul 2001 16:08:10 -0000 X-eGroups-Return: ellisd@cs.ucsb.edu Received: from [10.1.2.25] by ck.egroups.com with NNFMP; 10 Jul 2001 16:08:10 -0000 To: iwar@yahoogroups.com Message-ID: <9if996+j2r4@eGroups.com> In-Reply-To: <4.3.2.7.2.20010709155750.00b16d30@poptop.llnl.gov> User-Agent: eGroups-EW/0.82 X-Mailer: eGroups Message Poster X-Originating-IP: 128.29.4.2 From: ellisd@cs.ucsb.edu Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 10 Jul 2001 16:08:06 -0000 Reply-To: iwar@yahoogroups.com Subject: [iwar] Re: Critical Mass to wage IW Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit > It is difficult to apply the term "war" to situations where guts are not > spilling out everywhere. > Agreed. > How strong the offensive, and how long the duration, does depend upon > resources. And a nation-state will generally have a lot more > resources. But ... Generally... But whit, intellectual capacity, and creativity does not always correlate to large numbers. > > The real point is that the force-difference is greatly reduced. In > ordinary warfare, a nation with n-times more resources might be able to > inflict n-times the damage over the long haul. With cyber-warfare, perhaps > only a log(n) factor is required. As opposed to how many resources the attacker has, I suggest looking at the fragility of the defender. The same resources apply a different force factor, depending on the object of the attack. > > Fifty ordinary "hackers" can produce some damage and a lot of noise. But a > dedicated fifty "master criminals" with deep pockets and a degree of > patient preparation may be able to produce damage many magnitudes greater > than the fifty script-kiddies, no matter how sophisticated those scripts "Fifty." Interesting number. A long ways from a nation state that is. This would be another interesting discussion. How do you measure critical mass? People? If so, do you think fifty is enough/too much/just right? > might be. As Fred points out below, the damage depends on knowing more > than just "I can disrupt some systems", but rather, "this is the system > that controls the dispatch of (trains, natural gas, etc.,) and by diverting > the flow in just this way, I can cause n-times as many casualties". Agreed. I think this is the limiting resource. Knowledge not just of the existence of vulnerabilities, but the knowledge of how to exploit the vulnerability to maximize effect. This is a very hard problem. But, once done, is preserved and kept in a card catalogue for some malicious person to keep until his resources are sufficient for his purposes. > > A well-funded group can sustain a battle by employing "disposable" gear, > stolen accounts, etc. That leads me to ask the question: How good is our traceback capability? I am familiar with academic papers on the subject of traceback, but all of them require mechanisms that haven't been implemented and/or a world view of the traffic. I am confident that this problem is being solved (if it hasn't been solved already) by government agencies. Is anybody at liberty to say "we can catch anybody at a computer who engages a constant stream for more than 10 minutes" or something of the sort (and be able to back it up:). ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:37 PDT