Yes! About bloody time
First rogue state I'd like you to crack down on is the USA.
A former White House security advisor has urged a crackdown on rogue states that serve as a "safe haven" for cybercrime, along with a fundamental rethink of internet architectures. Richard Clarke, who served as special advisor to the President George W Bush on cybersecurity, told delegates to the RSA Conference in London that …
First rogue state I'd like you to crack down on is the USA.
Capture the dollar and she's yours, Tom 38.
They could certainly do with the help.
I mean, his points have some validity, but most "cyberattacks" are still based around guessing passwords and getting people to click on things they shouldn't. You can re-engineer the architecture as much as you want without those problems going away.
Just like a playground bully, find weak kids to pick-on and demand lunch money with menaces! Why try to hard, when picking the easy solution has far more glory! ( Not mentioning turning up late to some little tiffs during the last century! )
"What's needed is a fundamental re-appraisal of internet architectures, building a more secure system that fit for purpose" said the ex-government advisor.
I wonder what purpose he has in mind?
"Clarke said that many nations had offensive cybercrime capabilities, arguing that some form of arm control talks on cyberweapons might be needed."
I would like to see talks at the UN would preclude nations-states from developing some kind of software to be used as a weapon (though Clarke does not seem to mention how this Kuang Grade Fantasy is actually related to the Real World) while the same talks do not preclude nations-states from developing and hoarding nukes and giving the two-finger salute about it to all & sundry (and I'm not talking about Iran but the perennial wailing victim on the Mediterranean)
In the end, I guess this just boils down to a book tour.
a politico actually talking sense here. The protocols underlying the internet were developed at a time where they expected a handful of people to use them and expected them all to "play nice" with each other. Unfortunately, those days are long gone and we should probably throw out a lot of the current protocols etc and redesign with security and authentication in mind. It'll never happen that way, of course, because it would be far to disruptive to everyone on the net.
As for the "rogue states", the sanctions against these kinds of cyber-criminals (ranging from the spam merchants to the corporate spies) need to have some kind of effect, otherwise it's too easy and low risk to carry out these operations.
It's nice to see a computer security adviser talking sensibly about these things as opposed to "blame the Chinese for it all!" of recent times.
I'm sure anti-Chinese internet user hysteria will rule out in the ranks of the unwashed masses, however one thing people need to remember is that there are more Chinese internet users then there are people in North America.
Over 400 million Chinese internet users while the whole population of North America is about 330 million people. They've had over a 1700% increase in usage since 2000.
If you look at IM usage the Chinese QQ is the most widly used IM in the world with Skype in second place.
The online Landscape is going to change a lot over the next decade with the rise of China, India and, Brazil.
""I'm not saying cyberwar is about to happen. Just because nations have cyberweapons in their inventory is doesn't mean they are not going to rush out and use them. What it does mean is that they have an option of sending a cyber-attack instead of a conventional assault," Clarke concluded."
Nations don't have cyberweapons. They just know of Ethereal Entities who build them with Almost Perfectly Sensitive Triggers with Key Universal Tremblers.
Almost Perfect allowing for Continual Infinite Search to the Point of Unity and Singularity where Processes Deliver Source Core Ore and Beta MetaDataBase Programmed Lode. ...... CodeXSSXXXX
Well we have our own cyber warfare capabilities aswell as America so wouldn't using DDOS attacks against targets that try to hack us provide a decent deterrent?
I'm sure we have the capabilities to work out where most of the attacks are coming from and work to knock them offline
The best defense is a good offense
I completely agree that we should force Microsoft by all means necessary, in order to make sure that their Windows OS finally applies normal and well proven scientific security measures in their operating system.
It's because the supplier of the most used OS in the world refuses to do so that we have all these problems. Microsoft thinks it can go at securing Windows alone. It does not listen to computer security specialist, it refuses to specify attacks, comment on bugs or take action when flaws are brought to their attention. That's why we have all these problems.
Because Windows is the most use OS, the malfunction of it starts to become a social problem. And thus governments (or at least the people of the world) need to step in and correct the failures of Microsoft.
So only then, when MS gets their OS up to par, cyber* (crime, war, espionage) will come to an end or will be much more difficult.
"He pointed out that the numerous cases of corporate victims of hacking had firewalls, up to date anti-virus and intrusion prevention."
...did they also have Windows as their operating system?
Just because he was That Guy Who Said Al Quada Was About To Attack when everybody else in the room was saying "Shush! It's nearly nap time for Georgie - don't get him over-excited", now we should pay attention to him?
Thanks all the same, but I'd rather listen to people who're telling me what I want to hear, if that's QUITE all right.
I wonder what countries might be harbouring financial services terrorists?
Maybe USA, UK, ... ?
"Clarke said "renegade" countries need to be pressured into acting on cyber-criminals through a process akin to the way in which countries who tolerated the laundering of drug profits through their banking system were brought into line."
Yeeees. Erm, just remind me, how's that whole war on drugs thing going again ?
20,000 innocent bystanders killed.
17,008 felony marijuana arrests in 2009 (california only)
Kids switched to meth because their dealer can't get pot anymore.
A RAND Corporation study estimates that if legalized, pot prices in California will drop from $500 per ounce (untaxed at any level) to $100 per ounce ($50 to grower plus $50 State tax.)
Unsurprisingly, one of the groups tha opposes Proposition 9 in CA is the cannabis growers.
Pint because there is no Gram icon.
What's next? Invading countries that harbour cybercriminals to make the Internets safe for Windows?
I hear that Iran just acquired the low orbit ion cannon...
"The money spent to develop the next version of the X-box would be better spent on the next protocol for the internet. With respect to Vint Cerf and the engineers who created the internet we ought to think about developing a network that's more secure."
So this guy hasn't heard about IPv6? We already have "the next protocol for the internet". Yet a lot of devices aren't supporting it, even though they should be doing it. The TCP/IP stack wasn't made by Vint Cerf, though ... that was earlier.
Really needs to stop telling people he invented the damn internet. Fair enough he has a better claim than Dan Quayle, but come on Vincey, we all know the story by now mate.
having up to date super bomb proof protocols etc.
but that is all mere frippery if the operator is a gullible numpty open to all manner of social engineering based attacks.
what is needed is fixed, registered IPs for each and every user and an end too the free for all that internet cafe's and wireless access points provide.
"what is needed is fixed, registered IPs for each and every user and an end too the free for all that internet cafe's and wireless access points provide."
Nothing to hide, nothing to fear eh ?
Might I detect the next excuse for preemptive invasion politics ?
"They have cyberweapons of mass destruction, Mr President !"
"Invade, General. Invade."
Pff. I recall clearly having read not long ago something about boffins publishing a paper in which they go about disproving the FUD concerning cyber attacks and "bringing down the power grid". It seems that it's a lot more difficult than just sending the proper hack sequence from a botnet.
Of course, this study was for the UK, if I'm not mistaken.
In the USA, it's an entirely different ball game. A country who's most sensitive military servers can get broken into by an autist with a phone is obviously a country that needs to be on the alert for actual hackers with evil intent.
Oh, and firewalls do actually work, Mr Ex-Presidential Advisor. You just have to know how to configure one - which is obviously a major issue in US government circles.
"Unfortunately, those days are long gone and we should probably throw out a lot of the current protocols etc and redesign with security and authentication in mind. It'll never happen that way, of course, because it would be far to disruptive to everyone on the net." .... John Riddoch Posted Thursday 14th October 2010 10:08 GMT
Wow, John Riddoch, that is exactly what Power in Elite Control Groups have done with CyberIntelAIgent Command and Control Security Systems ..... and IT has Built AI NEUKlearer HyperRadioProActive Networking.
Do you think that then means that Virtual Machinery is Present Future Destiny's Driver. ....... PathFinder FutureBuilder.
AIJoker Card for SMART Enabling Chancellors and State Treasuries ......in Public Private Pirate Purse Mode ...... Prodigious Provider Meme.
As you may be Aware, have Special IntelAIgents Services been Perfectly Busy, 21st Century Networking. Sharing a Host of Bridges for Rapid Direct Connection and Virtual TelePortation ..... Quantum Communication Space Time Travel to an Imagined and Real Future Set, Global Operating Device Provided.
For the Replanting of Earthly Assets in Fertile Soils and Fabulous Schema.
You got my vote.
Ultimately one cannot have true freedom of speech if one does not have the capability to speak out anonymously.
Any re-architecting of the internet that would remove the use of programs like TOR or other methods of anonymity would necessarily destroy freedom of speech on the internet.
With the good comes the bad. You either believe in freedom of speech or you don't.
I know where I stand, do you?