Re: mitigating botnet C&Cs has become useless
----- Original Message Follows ----- From: Barry Shein <bzs@world.std.com>
On August 1, 2006 at 11:50 surfer@mauigateway.com (Scott Weeks) wrote:
... there has to be a technical way to do this, rather than a diplomatic way as the diplomatic ways historically have not worked in the other areas mentioned, so they probably won't work here, either. Or we have to keep going until one can be contrived. Many good attempts have been made and there will be more to come until we hopefully rid ourselves of the sickness others of lower values force on us daily...
I have nothing against technical solutions tho after over ten years of a lot of smart people trying, and a grand prize of probably a billion dollars increase in personal wealth, it doesn't seem forthcoming.
However, I do take exception to the assertion that "diplomatic ways historically have not worked in other areas mentioned".
I think what you mean is that they haven't worked perfectly, but slipped the semantics a little. Surely you didn't mean to say that all efforts to oppose, e.g., the human slave trade have been in vain?
The effectiveness has a lot to do with the profitability making the risk worthwhile (e.g., drug trade), and who the crime appeals to; some poor, desparate people will take risks others won't (e.g., high-seas piracy.)
Unfortunately all this reasoning might be edifying but it leads nowhere.
Yes, you're correct. I didn't mean to say the things you mentioned haven't worked at all. I'm just saying that there has to be a better way than police-type actions on a global scale. Also, I'm sure many more smart people will work on it for many more years and others will make billions more before it's solved. But it needs to be solved on the same playing field that the ugliness is occurring on. You don't solve San Diego's slave trade by kicking ass on Indonesia's pirates. Last, you're also correct that this is leading nowhere. I made my point and have now beat it to death. Thanks for listening... scott
surfer@mauigateway.com ("Scott Weeks") writes:
... I'm just saying that there has to be a better way than police-type actions on a global scale. ...
no, there doesn't have to be such a way. where the stakes are in meatspace (pun unintended), the remediation has to be in meatspace. cyberspace is just a meatspace overlay, it can only pretend to have different laws when nothing outside of cyberspace is at stake. i think that the days when botnets were mostly used for kiddie-on-kiddie violence or even gangster-on- gangster violence are permanently behind us. it's up to the real LEOs now, because it's on their turf now, which is to say, it's in the real world now. as was true of spam when i said this about spam ten years ago, it is true now of botnets that the only technical solution is "gated communities". but the internet's culture, which merely mirrors the biases of those who use it, requires the ability for children to go door to door selling girl scout cookies, without necessarily having the key code to every one of the doors. so the internet community has no appetite for the trappings of any technical solution to botnets. the meatspace community and their LEOs absolutely *do*. -- Paul Vixie
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Paul Vixie Sent: Wednesday, August 02, 2006 2:30 AM To: nanog@merit.edu Subject: Re: mitigating botnet C&Cs has become useless
surfer@mauigateway.com ("Scott Weeks") writes:
... I'm just saying that there has to be a better way than police-type actions on a global scale. ...
no, there doesn't have to be such a way. where the stakes are in meatspace (pun unintended), the remediation has to be in meatspace. cyberspace is just a meatspace overlay, it can only pretend to have different laws when nothing outside of cyberspace is at stake. i think that the days when botnets were mostly used for kiddie-on-kiddie violence or even gangster-on- gangster violence are permanently behind us. it's up to the real LEOs now, because it's on their turf now, which is to say, it's in the real world now.
Pardon the oddball formatting, as much as I loathe Outlook, it is our internal standard for corporate mail. I'd just like to point out Paul, that while we may rely on police to handle crimes in the real world, we still lock our doors. Jamie Bowden -- "It was half way to Rivendell when the drugs began to take hold" Hunter S Tolkien "Fear and Loathing in Barad Dur" Iain Bowen <alaric@alaric.org.uk>
On August 2, 2006 at 07:54 jamie@photon.com (Jamie Bowden) wrote:
I'd just like to point out Paul, that while we may rely on police to handle crimes in the real world, we still lock our doors.
And, in most neighborhoods, feel reasonably safe with locked doors and glass windows (particularly for our vehicles.) The problem starts when the best suggestion is to board up all the windows because they're so easily broken and entered. That is, when security measures become so onerous that they devalue the quality of life. At some point it's time to put the onus on the bad guys and make *them* afraid. P.S. A trick I learned working with the Boston Fire Dept: Many buildings with solid locked doors and barred windows can be cut into right thru the wall in a minute with common handtools, at least enough to reach around and unlock the door. Sound familiar? -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Login: Nationwide Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
At 6:29 AM +0000 8/2/06, Paul Vixie wrote:
as was true of spam when i said this about spam ten years ago, it is true now of botnets that the only technical solution is "gated communities". but the internet's culture, which merely mirrors the biases of those who use it, requires the ability for children to go door to door selling girl scout cookies, without necessarily having the key code to every one of the doors.
I agree with this in a number of dimensions. One, look at mankind's physical security over the centuries. Walled cities were once in vogue for defense. (Sieges were a DOS attack.) Walled defenses evolved over time, yet there was always a need to have gates for commerce. Eventually walls have become unimportant (mere tourist curiosities) as wealth has shifted from the physical to monetary realm (and then from gold bars to electronic accounts). The goals of attacks, and the methods of attack shift. Defensive strategies must, okay, ought to shift too. Two, look at the DHS recommendation to secure the Internet via DNSSEC and enhancing BGP. What amounts to an unfunded mandate to everyone to "protect themselves" hasn't given much impetus to everybody pitching in and making a safer Internet. My recommendation would have been for the DHS to say to the (US Federal) government "the Internet's an unsafe place, protect your self in dealing with contractors and bidders but requiring all transactions be done with suitable security." Basically protect your own first, recommend safer actions for others, and allow those that want to be at risk to continue doing so. What I mean here is that building a gated community is more likely to happen around the assets the government needs to protect than the government is going to get others to voluntarily spend more resources to defend against boogymen that may or may not exist. Money is more easily spent to answer a need you know than to follow a recommendation from someone you don't. What is considered an acceptable level of safety is relative. For those who get to ride in cars (taxis) around the world, how many times have you been in a cab that has done something illegal in your home country but is considered safe in another (because the action is 'expected')? Gated communities, wall gardens, same thing. Both are counter to the philosophy of which spawned the Internet. But they may also be the only way to make the Internet a reliable tool for mankind and not just an academic exercise run amok. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Soccer/Futbol. IPv6. Both have lots of 1's and 0's and have a hard time catching on in North America.
It was pointed out to me that I'm even less of a historian than a lawyer...walls became unimportant (security-wise) when warfare changed. But still, what's being defended has also changed. At 10:22 AM -0400 8/2/06, Edward Lewis wrote:
At 6:29 AM +0000 8/2/06, Paul Vixie wrote:
as was true of spam when i said this about spam ten years ago, it is true now of botnets that the only technical solution is "gated communities". but the internet's culture, which merely mirrors the biases of those who use it, requires the ability for children to go door to door selling girl scout cookies, without necessarily having the key code to every one of the doors.
I agree with this in a number of dimensions.
One, look at mankind's physical security over the centuries. Walled cities were once in vogue for defense. (Sieges were a DOS attack.) Walled defenses evolved over time, yet there was always a need to have gates for commerce. Eventually walls have become unimportant (mere tourist curiosities) as wealth has shifted from the physical to monetary realm (and then from gold bars to electronic accounts).
The goals of attacks, and the methods of attack shift. Defensive strategies must, okay, ought to shift too.
Two, look at the DHS recommendation to secure the Internet via DNSSEC and enhancing BGP. What amounts to an unfunded mandate to everyone to "protect themselves" hasn't given much impetus to everybody pitching in and making a safer Internet. My recommendation would have been for the DHS to say to the (US Federal) government "the Internet's an unsafe place, protect your self in dealing with contractors and bidders but requiring all transactions be done with suitable security." Basically protect your own first, recommend safer actions for others, and allow those that want to be at risk to continue doing so.
What I mean here is that building a gated community is more likely to happen around the assets the government needs to protect than the government is going to get others to voluntarily spend more resources to defend against boogymen that may or may not exist. Money is more easily spent to answer a need you know than to follow a recommendation from someone you don't.
What is considered an acceptable level of safety is relative. For those who get to ride in cars (taxis) around the world, how many times have you been in a cab that has done something illegal in your home country but is considered safe in another (because the action is 'expected')?
Gated communities, wall gardens, same thing. Both are counter to the philosophy of which spawned the Internet. But they may also be the only way to make the Internet a reliable tool for mankind and not just an academic exercise run amok.
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar
Soccer/Futbol. IPv6. Both have lots of 1's and 0's and have a hard time catching on in North America.
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Soccer/Futbol. IPv6. Both have lots of 1's and 0's and have a hard time catching on in North America.
participants (5)
-
Barry Shein -
Edward Lewis -
Jamie Bowden -
Paul Vixie -
Scott Weeks