Return-Path: <sentto-279987-2152-1001073831-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 21 Sep 2001 05:06:09 -0700 (PDT) Received: (qmail 4574 invoked by uid 510); 21 Sep 2001 12:04:38 -0000 Received: from n5.groups.yahoo.com (216.115.96.55) by 204.181.12.215 with SMTP; 21 Sep 2001 12:04:38 -0000 X-eGroups-Return: sentto-279987-2152-1001073831-fc=all.net@returns.onelist.com Received: from [10.1.1.221] by hl.egroups.com with NNFMP; 21 Sep 2001 12:04:17 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 21 Sep 2001 12:03:50 -0000 Received: (qmail 70494 invoked from network); 21 Sep 2001 12:03:49 -0000 Received: from unknown (10.1.10.27) by 10.1.1.221 with QMQP; 21 Sep 2001 12:03:49 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 21 Sep 2001 12:04:15 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id FAA14980 for iwar@onelist.com; Fri, 21 Sep 2001 05:04:15 -0700 Message-Id: <200109211204.FAA14980@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 21 Sep 2001 05:04:15 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Commentary.on.Patriotic.Hacking] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Commentary on Patriotic Hacking Attrition staff have been getting several mails warning of impending "patriotic hacking" in retaliation for the terrorist attacks on September 11. Some are from the usual opportunists, exploiting world-wide attention on the recent terrorist attacks to further their own agenda. Others are from people who just want to do -something- to feel like they are striking back at those responsible, even if it's the wrong thing. We have all been profoundly affected in our own way by what has occurred, but a reality check is in order. How effective are "cyber-attacks"? First, let's put "cyber-war/jihad/whatever" in perspective to the very real, physical attacks of September 11, 2001. Buildings that were as familar to people as their homes were utterly destroyed. Thousands of people were killed. There are no "backups" to restore what has been lost forever. -No one- was ever killed from a "cyber attack". In a "cyber-war", where is the enemy? The FBI would just love to know that hackers have managed to positively identify which sites belong to those responsible for the terrorist attacks. Even if they could be identified, attacking them could destroy crucial evidence. Blindly attacking sites perceived to be vaguely Arabic is just plain stupid. Attacking sites of people who aren't even remotely involved to vent emotions is even more moronic. What would be the results of a so-called "hacker call to arms"? Typical bottom-feeders will exploit the opportunity presented to generate press and revenue. Law-enforcement is already demanding greater discretionary powers and restrictions on cryptography. The Internet was not the instrument of this any more than freedom was. Hackers who participate in this are providing a nicely wrapped package to justify knee-jerk legislation that will restrict our freedom in the name of "security". Make no mistake - legislating the Internet will not make us more secure. A group with the resolve to murder thousands of innocent people will not be deterred by Internet restrictions. They will just find another way. The biggest result of a "hacker call to arms" is that it will generate a lot of noise that will aid the enemy in destroying our freedom - something they will not permit their own people. If what is perceived to be "our side" attacks "their side", the retaliatory attacks will keep fueling this futile "battle". Our industries need to focus on rebuilding, not responding to nonsense. Those who participate in this should be considered agents of the enemy. This is not to say that we shouldn't take extra precautions to safeguard our networks. People are in a very raw emotional state right now, no doubt making mistakes trying to cope with compromise solutions. Technical people who want to help should do so in whatever way they can, whether it be to volunteer time and skill to the businesses affected, or even just answering technical questions. Those who can't do that should at least help by staying out of the way for now. Don't exploit this for self aggrandizement. - The information and commentary is Copyright 2001, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:46 PDT