Re: Picture of the Internet

Posted by Steve Smith on
URL: http://friam.383.s1.nabble.com/Picture-of-the-Internet-tp7583065p7583071.html

Glen -

> I can't help but wonder why we don't extend the "virus" (or "infection")
> metaphor all the way out.  The way viruses interact with our bodies is
> pretty !@#@$@& complex.  I don't know of any naturally occurring viruses
> that are (purely) beneficial.  But there are many that are, in some
> sense, neutral.  It's reasonable to think there exist beneficial
> viruses, analogous to probiotic gut flora.  Toss that into the hat with
> endogenous retroviruses and a somewhat rebellious attitude I hear from
> some people about purposefully exposing themselves to dirty contexts and
> refusing to use hand sanitizers in order to keep their immune system in
> good shape, and you begin to see a stark difference between the metaphor
> as used in computer networks versus the real thing.  (Sheesh, is that a
> run-on sentence?)

Stephanie Forrest at UNM (formerly CNLS/SFI) has done extensive work in
this general area; I'm not up on why/how it is (not) implemented in the
real world.   You might have known her during your time at SFI?

Last time I had an in-depth visit with her was maybe 2007 and I'm sure a
great deal has happened since!  It seemed like a lot was funded by DARPA
at the time and therefore some of that wasn't being published in the
open (or was being delayed?)

http://www.cs.unm.edu/~immsec/research.htm

>
> I know a few radically "open" advocates here in Portland who refuse to
> secure their wifi access points/routers with passwords, allowing their
> neighbors and passers by to access a demilitarized zone on their
> network.  This results in a "donation" of bandwidth to the public.  But
> despite their technical efforts and skills with their internal
> firewalls, it still puts their network at risk.  I would think we might
> extend the "infection" metaphor deeper and develop layers and
> sub-systems of different sorts of "immunity" against botnet, worm, and
> virus infections.  But some of them, perhaps running BOINC or like this
> mapping botnet, could be considered healthy infections, perhaps even
> crowding out bad infections (e.g. Aida) like the good bacteria in our guts.

I always leave my WiFi open and the doors to my house unlocked... both
are considered an invitation to mischief.   All the mischief I have
experienced in my life has been *in spite of* such precautions...
most house-door locks are easily defeated (and certainly are the easily
broken windows throughout most houses without alarms/bars) as are car
windows (smash and grab).

The aesthetic of leaving an open WiFi is not just bandwidth of course,
but access...  I'm not trying to make it easy for my teenage neighbor to
double his BitTorrent feeds, I'm trying to make it easy for his friend
who visits to hop on a network and check his email without having to go
through the (often elaborate) transaction of getting a password.

I use my internet as if it is being monitored (wait, it probably is,
even if my wifi is locked down) just as I assume anyone who wants to can
get into my vehicle on a whim...  (Don't leave valuables in plain sight,
if you lock the door, they still get them, but you also have a window to
replace now).   Convertible owners often don't lock their doors, who
wants the top slashed just so someone can rifle your glove box and
look under the seats for the hidden valuables?

"do you have WiFi? can I use it?"
     "sure"
"I see your network requires a WPA Password, do you know it?"
     "let me see.. my dad set that up... I think it was..."
"did he write it down"
     "yuh... it's around here somewhere.."
"do you remember a mnemonic?"
     "yuh... it was something about his birthdate and his first pet and
his grandmother's maiden name.."
"ok...  hmmm..."
     "shuffle shuffle"...
"nevermind, I see your neighbor has an open WiFi, I'll just pop on that."
     "great!"
"no problem, thanks (for nuthin)"

In Berkeley ca. 2005, if I felt sluggish (I mean my internet), I would go
check my DHCP logs on my router to see how many people were on it... it
was often a significant fraction of the limit I had set of 30.   At the
time I only typically had 1-3 devices of my own on it.  Within my reach
there were usually 1 or 2 other open nets and dozens (there was a large
apartment building right next door) of closed ones.   If any of the
connections seemed to be using egregious amounts of bandwidth (this was
802.11g) I would bump them off and block them if they came back too
often (using big bandwidth).   If I was grumpy or in a hurry I would
just shake everyone off and see how many came back quickly.

Fundamentally I never felt abused.  It was healthy to be reminded that
my network traffic was transparent to anyone interested in looking (not
just those with enough resources to tap the local/regional backbones).  
Don't send anything clear-text.  HTTPS and SSH are your friends.  Keep
your *services* passworded, etc.

There are those who prefer to wear a belt *with* their suspenders and
there are those that don't.

- Steve



On 05/01/2013 11:46 AM, Steve Smith wrote:

>> I have read the paper (but only once through) and it appears that most
>> if not all of the machines in question are in fact "embedded" computers
>> running inside of printers, webcams, NAS devices, set-top internet
>> devices (game consoles/Netflix boxes/etc) and even industrial control
>> systems.   I do not see anywhere where "real computers" are excluded, I
>> assume that they are (mostly) self-excluded by not having a telnet port
>> open and/or having more security than no password or admin/admin or
>> root/root as password.
>>
>> I would call this more of an exploit than a hack (if the difference
>> matters)...   and the humility shown in the work and in the paper is
>> surprising.   If you read deep enough, you will discover that a
>> side-effect of this work was to take very limited steps to lame another
>> botnet being deployed at the same time, known as "Aida". All of the
>> resulting data is available online ~.6TB worth...  I'll be interested in
>> subsequent analysis!
>


============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com