[olug] Fwd: [Secure0maha] 2010 - A cyberwar odyssey?

Adam Haeder adam at adamhaeder.com
Thu Dec 9 20:22:46 UTC 2010


Interesting comments on the wikileaks thing from Jim O'Gorman

---------- Forwarded message ----------
Date: Thu, 9 Dec 2010 12:18:53 -0600
From: Jim O'Gorman <jim at elwood.net>
Reply-To: secure0maha at googlegroups.com
To: secure0maha at googlegroups.com
Subject: [Secure0maha] 2010 - A cyberwar odyssey?

This whole wikileaks/anon/DDoS situation has become really big. As in
history book big. And it has got me thinking
about a few various things.
The whole situation is playing out like a cyberpunk novel, full of flawed
individuals, anti-authority, old guard
losing control, and a reminder that the internet is not a sanitized mall.
And like any good noir, I don't think this
is going to end well for anyone, including those of us just watching on the
sidelines.

Politicians are mad, corporations are mad, and the general public does not
really know anything is going on but when
they do they will just be told "be scared". Knee jerk laws are going to be
passed that will have unintended
ramifications. 4chan is getting way to much pub, and I have to shake my head
at the thought of the number of people
that are going there and not ready for what they are going to see.

The whole idea of calling this a "cyber war" is sort of amazing as well, but
like it or not I think that label is
stuck on this event, and no amount of raging is going to change that.

I will be really interested to see how long anon will keep up DDoS against
payment systems. That could have real
impact on online sales if it is maintained for a long period of time. Also,
really interesting to me to see if there
are any PCI changes that come out if this.

I am really interested to see what happens these next three months or so
while this plays out. One thing that has
crossed my head is the thought that any sort of new regulation and "shut
down" of sites that come out of this might
drive us closer to having a separate network outside of the primary
internet.

And of course, the raw idea of that gets me thinking about how I would build
something like that, as thats just how
my mind works. I think the tech is here today with existing tools to make a
sort of "tunnel net" grow up overnight if
it had too.

I used to play around with IPv6 over IPv4 tunnels a lot about 10 years ago,
and it worked great. At that time the
IPv6 internet was almost entirely separate from the "primary" internet, with
its own addressing scheme, DNS, etc.
Thats all gone now, but the framework is there. Take Tor
style endpoints that you can tunnel into via encrypted
connection (likely wrap it all in HTTP/SSL on port 443 so it looks like
normal HTTPS making it harder to filter). The
tunnel just gives you a virtual interface, and you feed in the new DNS, and
BAM, you have a distributed tunnelnet
that no one controls. Heck, I have seen wifi routers getting altered to do
transparent bridging into Tor, this could
likely have the same thing done to make access easier.

I bet you could actually take the existing Tor software, and by simply
altering the config that everything is right
there to have this right now.

Frankly, the idea is cool enough to me that even outside of everything thats
going on its something I would like to
see happen. It would make your actual connection no longer be relevant as
its just used as gateway to the tunnelnet.

I will stop ranting now. ;)
Jim



-- 
Adam Haeder
adam at adamhaeder.com

Check out my latest book: LPI Linux Certification in a Nutshell from
O'Reilly: http://bit.ly/bvQQ0I



More information about the OLUG mailing list