[133428] in North American Network Operators' Group
Re: Mastercard problems
daemon@ATHENA.MIT.EDU (Marshall Eubanks)
Thu Dec 9 11:11:56 2010
From: Marshall Eubanks <tme@americafree.tv>
In-Reply-To: <4D00A373.3010806@prt.org>
Date: Thu, 9 Dec 2010 11:11:49 -0500
To: Paul Thornton <prt@prt.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 9, 2010, at 4:37 AM, Paul Thornton wrote:
> On 08/12/2010 20:42, Jack Bates wrote:
>> Of course, it's debatable if use of LOIC is enough to convict. You'd
>> have to first prove the person installed it themselves, and then =
you'd
>> have to prove that they knew it would be used for illegal purposes.
>=20
> Earlier this morning there were two people interviewed on the BBC =
radio 4 Today program (this is considered the BBC's flagship morning =
news/current affairs show on their serious nationwide talk radio =
station) about this - one was a security consultant and another was a =
member of/spokesman for the 'operation payback' group. One wonders why =
the Met Police didn't have someone waiting to have a quiet chat with the =
latter when he left the studio.
>=20
> Both of them said that people had been voluntarily downloading and =
installing botnet clients on their PCs in order to take part in these =
DDoS attacks. Ignoring, for a moment, the stupidity of such action it =
is hard to see how you'd be able to argue that this was *not* going to =
be used for illegal purposes.
>=20
> The other amusing part of the interview was when the security =
consultant started off very well explaining a DDoS in layman's terms, =
but then veered off using the terms HTTP, UDP and IP in one sentence =
causing the presenter to intervene as it "was getting a tad too =
technical there".
>=20
There is an interesting analysis in today's New York Times=20
http://www.nytimes.com/2010/12/09/technology/09net.html?_r=3D1
about the attacks on Mastercard, Visa and Ebay, how they were =
coordinated over Twitter and Facebook, and the
free speech issues that that raises for the latter two organizations.=20
My guess is that we will shortly see security folks searching through =
Facebook and twitter along with IRC for signs of attack coordination. It
does seem like these social attacks would lend themselves to obfuscation =
and steganography (i.e., you don't have to=20
say "let's bombard Ebay with packets using X", you can say "Let's send =
Elisa lots of poetry using X," or something more clever), so I don't =
think it
will remain as easy as in this case.=20
By the way, I was amused that a Twitter spokesman boasted that
"The company is not overly concerned about hackers=92 attacking =
Twitter=92s site, he said, explaining that it faces security issues all =
the time and has technology to deal with the situation."
I hope he had his fingers crossed when he said that, as Twitter can =
barely keep the service functioning on a good day, with frequent =
outages.
Regards
Marshall
> Paul.
>=20
>=20
