Goodies to Go ™
April 15, 2001–Newsletter #126
This newsletter is part of the internet.com network.
http://www.internet.com
Please visit https://www.htmlgoodies.com
************************************************************
Greetings, Weekend Silicon Warriors,
I am back from Florida after a much-needed week of rest.
I spent some time at Florida State University and
then at Destin Beach flying a kite. It was the most
amount of fun I’ve ever had with a $4 toy. I’ve been
spending the morning searching the Web for bigger and
better kites. I think I’ve found a new hobby and I can be
to the beaches in Mississippi in less than 90 minutes.
Did you hear…
The May 16th execution of Timothy McVeigh will be
“broadcast” to relatives of the victims over closed-circuit
television. The concern many have is that this broadcast
might be seen by many in the Hacking community as
their Super Bowl. Attorney General John Ashcroft told
reporters that the broadcast will “use the latest encryption
technology integrated with state-of-the-art video-
conferencing over high-speed digital telephone lines”.
The problem the government faces is that the execution
will take place in Terre Haute, Indiana and the main
audience will be in Oklahoma. There certainly isn’t a
dedicated phone line from one point to the other so
traditional phone lines will be employed. If I were to bet,
I would think someone will get it. Images, and maybe
video will show up on the Web soon after.
Speaking of Hacking, it was reported by Moskovsky
Komsomolets [http://www.mk.ru/], and later the Moscow
Times, that officials at the U.S. embassy in Moscow
attempted to pay a Russian hacker $10,000 and a Visa to
enter the Russian Federal Security Service’s (FSS)
system in order to copy and alter files. The Hacker,
known only as “Vers,” turned the job down and later
turned himself in. The FSS questioned Vers and later let
him go since there were no laws against a spy turning
himself in before any crimes were committed.
On another subject, but no less concerning, Kozmo.com
has shut its doors putting 1100 persons out of work. In
addition, the once untouchable Yahoo has laid off 420 in
an effort to bring the bottom line into better focus.
Now onto today’s subject…
I am writing this newsletter on the Saturday after the U.S.
service personnel held in China arrived safely in Hawaii.
After a two-day debriefing, the men and women of the
U.S. spy plane will be given a 30-day leave and all will
be forgotten, right?
I have often wondered, and have written about
[https://www.htmlgoodies.com/letters/067.html], whether
an act of Cyber-terrorism is possible. Moreover, if
possible, could it actually be undertaken? I ask that
because it is my opinion that it would take a large
contingent of very motivated and very skilled people
working together to produce a strike that would get the
attention of the nation targeted.
Maybe now it’s going to be attempted. Many Chinese
sites are calling for hacks against the U.S. in retaliation
for the death of a countryman in relation to the spy-plane
incident. The biggest sites, “KillUSA”
[http://killusa.abc.yesite.com/] and SOHU
[http://www.sohu.com/] have started a “Hack the USA”
movement pointing out vulnerable targets and offering
information and help to get the job done.
This story has been in the news now for three days and I
haven’t found any stories of successful attacks, but that
doesn’t mean that it hasn’t happened nor does it mean
that it won’t.
It’s obvious the U.S. sees cyber-terrorism, as a real
threat. President Bush has made a point of earmarking
more money to combat it. And, as you read above, the
U.S. itself actually sees hacking as a method of spying.
If one sees a tool as something to use against an enemy,
then wouldn’t one see that same tool as a threat if
used against him or herself personally? That makes
sense to me.
What might make the U.S. see the Chinese Web sites as
somewhat of a concern past a couple angry kids with a
PC, is the fact that many experts see the U.S. as ready to
be hacked. Michael Vatis, who was once the head of the
U.S. cyber-police, sat on a four-person panel at the RSA
Data Security Conference and basically proclaimed that
U.S. systems are full of holes that cannot be repaired.
The panel agreed that security not only depends on what
you do but also on what anyone attached to you does and
that makes for a very vulnerable system.
I don’t doubt that this coming Monday, the U.S. tax
deadline, that hackers will make an anti-tax, anti-
government statement somewhere. It may not be the IRS
page, but possibly a smaller tax bureau page somewhere
in middle America. That will once again show that holes
exist and that if a kid in his room can make a strike,
what’s to stop a nation from gathering a group of angry,
brilliant people together and making an organized hack
attack all in one fell swoop?
Nothing really.
The problem is the organization of such an attack. The
Chinese sites above might not constitute much of a threat
because they are not overly organized. The sites are full
of angry rhetoric and calls for action but no seemingly
organized force or front that will all strike at once.
Although a concern, the threats from these sites don’t
seem to measure up to a true threat of full-scale cyber-
terrorism. From what I have read, there just isn’t enough
of a uniform plan or mission and I believe that will be
what is needed if someone is to actually use hacking as a
retaliation or terrorist threat in the same way another
group would use a bomb.
I could conceive of one person hitting one target, but
could that one hack be devastating? I don’t think so, at
least not to the point where the nation’s head would turn.
That would have to be one heck of a hack, harming
extremely sensitive data that couldn’t be quickly replaced
and would have far-reaching effects.
Is there one hack hit that could do that? Some might
argue with me, but I don’t think so.
For hacking to be seen as a true weapon, the hit would
have to be large, encompassing multiple strikes. The
closest I have seen to the situation I envision would be
the Smurf attacks that shut down some of the major
Internet sites and search engines.
I believe that hacking could actually be a viable weapon.
If used correctly and in enough force, vulnerable systems
could be hit and certain infrastructures brought to their
knees. I just don’t yet see the Chinese sites above as
providing that strike, but I do believe its coming.
As it stands, I believe the tough talk on the sites
mentioned above will produce a few hits that may or may
not make the news but nothing of any real concern.
I’m waiting for, but not looking forward to, the one time
that a nation is able to gather together some great
computer minds and actually create a hacking force
that will do enough damage that the attack will be
considered terrorism. I believe it could be done.
On a lighter note, there is another story regarding China
and the Internet that I found interesting while I was
researching this piece. The site “Eruptor”
[http://www.eruptor.com/] offers Palm Pets. Those are
little animation that will play on your Palm Pilot. Their
latest is an animation of president Bush picking his nose
and dancing like a clown. You can see it
at their Web site.
Over 80% of the downloads are coming from one
country. You guessed it. China.
The White House has no comment.
>>>>>>>>>>>>>>>>>
That’s that. Thank you for reading.
Joe Burns, Ph.D.
And Remember: There’s a little town right near where I
live named Ponchatoula. They proclaim to be the
“Strawberry Capitol of the World”. Louisiana is a big
producer of strawberries. The plant grows so well here
that my university actually has them planted around the
buildings and many shops sell them as hanging baskets.
In fact, many believe that Louisiana strawberries are the
sweetest because of a unique mixture of sand and clay in
our soil. While walking around the Ponchatoula
Strawberry Festival eating some of the best strawberry
shortcake ever created, I ran across this fact. The “straw”
in strawberry has nothing to do with actual straw. The
name came from the way the plant grows. It shoots off
little runners that were once referred to as “strays”. In
fact, the original name of the plant was “strayberries”.
Over the years it just simply changed over to
strawberries. Oh, and by the way, the strawberry is also
the only berry that has its seeds on the outside of the
plant. In addition, it’s really good when fried in batter
and dipped in chocolate.