I’ve been getting a number of e-mails and comments asking why I haven’t yet written anything about the Russian/Georgian war and the supposed “cyber-warfare” taking place. ZDNet has written extensively about the DDoS attacks being waged against Georgian government sites.
At first, I thought that this was solely a security issue. As a general rule, I don’t like to talk a whole lot about computer security on Network Performance Daily because I lack the proper mindset to get around security – security experts are people who look at things and see how to break them down, network performance experts are generally people who look at things and see how to build them better. Besides, there are tons of blogs out there about computer security, and very few about network performance.
I’m not going to get into the geopolitical aspects of it, except to say that getting involved in a land war in Asia is one of the “classic blunders.”
However, I did start thinking about things… I mean… wasn’t the Internet partially designed to be a resistant form of communication in case the Russians ever attacked? The irony of the Russians effectively taking down a country’s Internet is… well, it’d be funny if it wasn’t for all the people dying.
What this does tell me, however, is that cloud computing (and I’ll continue to call it that despite Dell’s claim to the term,) has a long way to go. While the Internet can be cheaper and simpler than having a fully-fledged IT department monitoring in-house servers and applications on leased lines over a WAN, the one problem that in-house IT has licked is fault.
For the most part, we’ve managed to get it so that we no longer worry about fault on the enterprise network. It was a while ago that we passed the 99.999% uptime mark. So while we may worry about security and performance, we typically don’t have to worry about the network not working.
But cloud computing still has fault problems. And it doesn’t take the Russians attacking. I love Stumbleupon, but they went down for a few minutes yesterday – Twitter also, but they’ve got problems. Even Gmail, which I greatly rely upon for my personal e-mail, went down for a little while earlier this week.
By and large, cloud computing makes great solutions for smaller companies and start-ups because of the low cost, low maintenance, and portability. However, the tradeoff is reliability – Internet applications simply aren’t as reliable as the bulky solutions that get things done when a single hour of downtime can mean thousands in lost business.
There really is no such thing as a private cloud. The entire concept revolves around using IT services offered from outside companies, which connect on public lines through to shared servers.
This is not to say that there is no room for the cloud in enterprise computing but that incidents like the South Ossetian war show that Internet applications suffer from one fatal flaw: They’re on the Internet.
USA Today publishes “CyberSpeak” from columnist and radio talk-show host (not to be confused with “talk radio show host”), Kim Komando. For over a decade now she has been helping people become more comfortable with digital technology and the Internet. She has won the 2007 Gracie Award, and is a journalist I greatly admire.
I give her that introduction, because I’m going to rip her latest USA Today column, entitled “Web Delivers New Worry for Parents: Digital Drugs,” to shreds, turn the shreds into mulch, and turn the mulch into compost.
We all know that music can alter your mood. Sad songs can make you cry. Upbeat songs may give you an energy boost. But can music create the same effects as illegal drugs?
This seems like a ridiculous question. But websites are targeting your children with so-called digital drugs. These are audio files designed to induce drug-like effects.
All your child needs is a music player and headphones.
The article goes on from seizing the “maternal fear gland” by the throat to explain that she’s talking about binaural beats, which supposedly affect your brain waves and give the listener a high not unlike taking a drug. If this sounds familiar, it’s a lot like the plot behind the William Shatner-created “Tekwar” series of novels.
Guest Post
by Josh Hinkle
Manager, Network Management & Security,
American Heart Association
As the youngest of three siblings I recall my brother hating to give my sister a ride to and from school. Even worse, he despised having her butt in when he was hanging out with his friends. After all, he was cool and his little sister was well…his little sister.
For my parents this was a great solution because they didn’t have to be the full-time taxi service anymore. Older siblings despise this role as chauffeur because their younger siblings end up riding the coattails of older siblings to after school social activities.
At first glance I felt like Web 2.0 was that younger sibling tagging along on the years of hard work by global IT – built on an existing infrastructure while showing the ability to become popular seemingly overnight.
I spent the last 12 years in Information Technology with an emphasis in network management, eight of those years at the American Heart Association. Most recently, I’ve served as Manager of Network Management & Security at the AHA the last two years. Like most corporate network managers I have a vested interest in enterprise application delivery. Our business, like many others, depends on enterprise applications being accessed by thousands of staff in hundreds of locations. At times our staff has been challenged with latency and remote connectivity. It was then we turned to NetQoS to measure, alert, report and trend our network traffic in an effort to take operations to the next level. As those processes recently began to mature our attention shifted to the free-riding sibling Web 2.0.
While Web 1.0 paved the way for networking billions of people, Web 2.0 is stealing the thunder. In a matter of months everyone has seemed to get LinkedIn, gotten poked on Facebook or Twittered someone. Web 2.0 is now carpooling with enterprise traffic across the same infrastructure competing for the same popularity of bandwidth.
AHA revolves around providing information to reduce cardiovascular disease and stroke, and Web 2.0 has increased the demand on AHA’s infrastructure. It provides a low investment to a large audience. Certainly, Web 2.0 has the potential to inform and collaborate with millions, but the background costs of infrastructure and man hours concern me.
Web 2.0 apps are not representative of the traditional enterprise applications. First, they exist outside the bounds of the enterprise infrastructure, yet we manage them on the same WAN. Second, the interactive nature of Web 2.0 apps requires additional bandwidth. And third, Web 2.0 applications are not unlike a “human machine” that grows with every click.
Right now, the American Heart Association is engaging in a Social Media Evaluation project to determine where and how we can further leverage this new platform; currently we are leveraging an application in Facebook to reach new audiences interested in the American Heart Association's Start! Walking Movement. The American Heart Association’s “You’re the Cure” Network has a Facebook site that coordinates volunteer efforts to inform public officials. Our TCS (Technology and Customers Strategy) Department started an AHA Technology Blog to discuss the technology we use and the organizational accomplishments achieved using technology. Most recently, we posted a story about how a customer Googled symptoms he was having, which led him to our site on heart attacks. His doctor told us that he called 911 immediately and survived because of it.
What I’m currently proposing to senior management is for AHA to manage our network as if it were two separate networks – one network for each of our two very different needs. The first network would use MPLS and provide managed bandwidth prioritizing queues for enterprise applications, and the second would offload all Internet bound traffic from the first.
Not too long ago this type of infrastructure investment would appear to be unjustifiable, but given new trends in Web 2.0 as a platform and evolving cost structures it may very well be a business driving reality. We need a network as flexible and adaptive as the business demands.
This will increase our costs for transport but we are now able to guarantee Enterprise traffic on one network and adapt to evolving trends like Web 2.0, video conferencing, etc. on the other. Even with the added costs, by negotiating more volume into our transport cost contracts, we can lower our per MB costs.
Not all of the changes are measured in the bottom line however. Our applications should see great gains in performance, and our network will be fully redundant for each site as the MPLS will failover for Internet traffic, and vice-versa.
I must admit, at first I considered Web 2.0 an (admittedly exciting) nuisance in my network and a menace to my plan for enterprise application delivery. But recently I created my own blog, linked my social network sites, posted YouTube videos and started speaking a second language of Web 2.0 terminology. I matured in my thinking as a network manager and now I embrace the qualities of Web 2.0 much like my siblings and I matured in our appreciation for each other.
Web 2.0 may be the sibling that is bumming a ride but it has its qualities to appreciate; it may even mature into a traditional enterprise operations model. Fasten your seatbelt and make the most of the ride.
Recently, a posting on Slashdot linked to a story from PC Magazine called “Texas PC Repair Now Requires PI License.” Obviously, this story has gathered tons of attention, and if strictly true, would have a major impact on IT departments across the state, if not the nation.
The law in question is Texas HB 2833, which is an updated collection of amendments to laws regarding private security services. It explains who, exactly, is required to get a private investigator’s license.
The controversial bit of the law in question seems to be this bit. The underlined part is what has been added:
SECTION 4. Section 1702.104, Occupations Code, is amended to read as follows: Sec. 1702.104. INVESTIGATIONS COMPANY.
(a) A person acts as an investigations company for the purposes of this chapter if the person:
(1) engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to:
(A) crime or wrongs done or threatened against a state or the United States;
(B) the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person;
(C) the location, disposition, or recovery of lost or stolen property; or
(D) the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property;
(b) For purposes of Subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.
Because the law can be difficult to interpret, the Texas Private Security Bureau issued an opinion statement which clarified their position on this matter. The controversial statements there seem to be:
Computer Repair & Technical Assistance Services October 18, 2007
Computer repair or support services should be aware that if they offer to perform investigative services, such as assisting a customer with solving a computer-related crime, they must be licensed as investigators… [Text of law posted above.]
Please be aware that providing or offering to provide a regulated service without a license is a criminal offense. TEX. OCC. CODE §§1702.101, 1702.388. Employment of an unlicensed individual who is required to be licensed is also a criminal offense. TEX. OCC. CODE §1702.386.
and:
Computer Forensics August 21, 2007
First, the distinction between “computer forensics” and “data acquisition” is significant. We understand the term “computer forensics” to refer to the analysis of computer-based data, particularly hidden, temporary, deleted, protected or encrypted files, for the purpose of discovering information related (generally) to the causes of events or the conduct of persons. We would distinguish such a content-based analysis from the mere scanning, retrieval and reproduction of data associated with electronic discovery or litigation support services.
For example, when the service provider is charged with reviewing the client’s computer-based data for evidence of employee malfeasance, and a report is produced that describes the computer-related activities of an employee, it has conducted an investigation and has therefore provided a regulated service. On the other hand, if the company simply collects and processes electronic data (whether in the form of hidden, deleted, encrypted files, or otherwise), and provides it to the client in a form that can then be reviewed and analyzed for content by others (such as by an attorney or an investigator), then no regulated service has been provided.
… Consequently, we would conclude that the provider of computer forensic services must be licensed as an investigator, insofar as the service involves the analysis of the data for the purposes described above.
In order to clarify some of this and figure out what this would mean to both personal computer repair technicians and network engineers, analysts and system administrators, we contacted Texas State Representative Joe Driver, who authored the bill, Matt Miller at the Texas branch of the Institute for Justice, which has launched a suit against the Texas Private Security Bureau, and RonEarl Bowie of the Texas Private Security Bureau. We’ll have podcasts and transcripts available on this site soon.
First, Texas State Representative Joe Driver, Author of Texas HB 2833:
Editor Brian Boyko, at NPD: So, could you tell me a little bit about who you are and what you do in the Texas Legislature?
Rep. Joe Driver: Hi. My name’s Joe Driver, I am state representative from Garland, Sachse, and Rowlett area which is Northeast Dallas County. I’m the current chairman of the Law Enforcement Committee, and this is my eighth term.
NPD: How often are each of those terms, two years, four years?
Driver: Two years.
NPD: So you have 16 years of experience writing legislation. And you authored this bill, I believe it’s [Texas] HB 2833?
Driver: Yes, sir.
NPD: Now that's currently a bill, not a law, correct? Or has it been passed?
Driver: No, it's been passed. The governor signed it.
NPD: Let me just bring up the law right here - and I'm looking at it. It is "an act relating to the licensing and regulation of certain private security services." Could you tell me a little bit more about what this act was designed to do?
Driver: Basically, it was a clean-up situation for the Securities Act. We felt like we had to go in and clean some things up. Some of it was old stuff, some of it was new stuff, but basically we worked pretty hard to try to just get it so that it was easier for people to interpret and - you know, some things hadn't been changed for quite a few years, so we were going through it, trying to just basically do a real thorough clean-up, and it turned into what you'd call an omnibus bill which is basically something that encompasses a lot of different areas.
NPD: How has the law changed for people who practice investigative services?
Driver: Well, there's quite a few changes in there. I really truthfully couldn't go into all of it, I mean, it's a pretty good sized bill. Of course, the one that's - there's some area that's getting some, I don't know, "interest" out there, but I think it's interest that has been generated by a group of folks, and basically in their newsletter, they just opened a new chapter in Texas and decided to file a lawsuit. That's all in one sentence - so it sounds like they decided to file the lawsuit so they could bring some attention to their new chapter.
NPD: It does to me that the law... now, I am not a lawyer...
Driver: Me neither.
NPD: I am not a... um... pretty good reader of bills. So, what I wanted to know... The claim is that people who repair personal computers would need to get a private investigator's license in order to continue repairing computers.
Driver: Yeah, and that's what they're claiming. It's interesting that they're claiming all that, and they filed a lawsuit on the same day that they decided to open their Texas chapter. To me, I just felt it was a way they're getting a lot of free publicity, and a lot of free press, and free TV time and free radio time, because the bill to me, it says what it says. There's three words that describe somebody that repairs computers, and that's if people retrieve or provide information, and there's three words that somebody "reviews, analyzes, or investigates" that material, then, they do need to have some sort of security clearance because they're delving into people's private lives or private property on the computer.
NPD: The one thing that I noticed was that it seems very clearly that this is for personal computer investigators, like someone who does analysis to determine whether a crime has been committed or something has been stolen, or intellectual property has been violated. It doesn't seem to me that this would apply to people trying to just recover information for the person's wishes.
Driver: Right, and you're correct. You used one of the key words in my opinion, which is "analyze." "Review, analyze, and investigate" are the three key words, in my opinion, that drive the need for people to have some kind of license. Because if they're doing some of that, then they don't need to be - it doesn't need to be just anybody able to do that - they need to have somebody that has a security license. But if someone's just retrieving information and providing information for someone who is going to analyze, to use one of the words, then that's just a regular computer repair person. And those guys are great, they're good at what they do, and we never intended for them to get any kind of license other than have the ability to repair.
NPD: So, how do you think this came about - you mentioned that there was a new group - I think I may have a copy here of - are you talking about the Institute for Justice?
Driver: Yeah, yeah, that's them. Well, and I think - to me - that - I mean I've got something, I don't know if it’s a press release or just some information about them, but they actually said in here that they tell about how they're the "nation's leading litigators." They have a little cute name for them, and I thought I could think of that, but I'm not coming up with it. But, they basically said, "we fight for the rights of those violated by the government." And they're opening their new Texas chapter today (whenever this was written) by filing a lawsuit against the Texas Private Security Board. So they're kind of kicking off their opening - well, what better to draw attention to someone's opening than to get a lot of free press - they don't have to go out and advertise because - and I'm not criticizing you guys [the media] because, I'm just saying, that - to me, that's what they intended and that's part of what they did.
So. Lawyers can interpret, like you and I know, and we're not both, either one of us, luckily, they can interpret the same word three different ways if you get three different lawyers. And, I think that's what they decided to do here, and - to me, if someone reviews, analyzes, or investigates, they need a license. If they're just retrieving, providing or preparing information, that's what computer companies do, and as long as they want to do that, they're fine.
NPD: There is another possibility though - there is, - you wouldn't call them computer repairmen. There are people who work in enterprise networks, and we even have a term for it, "Network Forensics."
Driver: Like forensic scientists and all that stuff?
NPD: Not so much forensics...
Driver: That's the investigative part.
NPD: Not so much forensic scientists like a criminal forensic scientist. But for example, if a network is running slowly, not running at peak performance, there are tools that people can use to determine which computer may be slowing it down. Is it a virus - and that's all investigative work, but not investigative work related to criminal activity. It's just - so basically I'm wondering if maybe the law could have been written - not thinking about this possibility, and that maybe there might be some sort of loophole that needs to be amended. Does this just not apply to companies trying to improve their network performance?
Driver: Truthfully, you may be just a little bit out of my realm of comprehension on that, because, maybe that's something we need to look at tweaking, along those lines, to clarify that situation. We talked to lots of folks when we were writing this. Maybe we didn't talk to enough folks. But, as far as those types of things - maybe just a little bit far out of my comprehension on that. But the whole deal - like, if you have an IT person, (just cause that's all the terms I know,) IT person that somebody says, "Hey, we want you to delve into this person's computer, and find out what's going on." Well, if they delve into that person's computer, and - this is all I know about computers - and hands the information over to somebody else, then they don't need any kind of license because they're just doing their retrieving job. So, if the area you're talking about is different from that, you're probably out of what I understand and maybe something we have to look at.
But - anytime we do anything this massive, a lot of times there are areas of tweaking. But I just thought the coincidence of this particular group filing this lawsuit and bragging about filing the lawsuit on the day they opened their new chapter was just - coincidental and - because the intent of the bill was, as I've been saying, was, if you retrieve and provide information, you don't need a license.
Because I'm sure not trying to put anyone out of business. I'm a small business person, I would never do that!
NPD: What business do you run?
Driver: I'm in insurance sales.
NPD: What I'm wondering is if there is - like a specific exemption in the law that - most of these forensic investigators for network performance tend to be of one of two types - the first type is that they're in-house, and that the company hires these people to do this job on the computers that the company owns. And if there's a specific exemption for investigative work on material that you own yourself. And the second, sometimes the people are hired by the company as a separate company - not direct employees, but outsourced. Is this something that might be protected under the law even if it falls under the "investigative" arm?
Driver: If it falls under the investigative arm, probably not, but I - I don't know about what you're describing to really comment more than that. I mean, I wish I did. But in this particular case, I don't. It's just a little deeper into the computer world than I know about.
NPD: You don't foresee legis-- any activity... what's the word I'm looking for...
Driver: A future bill, maybe, corrective measures, tweaking, something along those lines?
NPD: I was actually thinking of enforcement against-- you don't see this possibly being enforced against..
Driver: I don't. I don't. I really don't. I don't see - and then again, and it may be something that we may need to look at. And we may have somebody else look at it. Every time we have something like this come up we have people that want to tweak it just a little bit or change it just a little bit. And I'm not hardcore set against it. If it's causing somebody problems then we ought to change it. I don't foresee it doing that but, I don't know. I mean, I really don't think it is. But if we find out that it does, that's what we're there for, to make sure it's written correctly and if it's not, we're going to change something a bit to make it right. Cause we're not after anybody, that's for sure, except the people that are doing investigative service for a living and yet, they don't want to bother with having - giving any kind of background or being qualified or licensed in any way.
NPD: That's pretty much all the questions I had.
Driver: Well, I wish I could have given you better answers. I think I kind of danced around one that - just because I don't have enough knowledge.
NPD: Don't worry about it - I'm not saying that - we're getting into some technical stuff. This isn't even a technical bill.
Driver: Not in intent, anyway.
NPD: History's full of bills that had to be amended after the fact because of something.
Driver: Well if you find out more information about it and found we really need to do something about it, call me back, and we'll get back in session, maybe we can use you for a little information, as far as how to do it right.
Noah Shachtman at Wired’s lede is hard to improve on, so I’ll quote him directly.
The Air Force wants a suite of hacker tools, to give it "access" to -- and "full control" of -- any kind of computer there is. And once the info warriors are in, the Air Force wants them to keep tabs on their "adversaries' information infrastructure completely undetected."
This is why people like me have trouble getting to sleep at night. The phrase “the military is trying to take over my computer,” is easily dismissed as the rantings of a paranoid delusional conspiracy theorist. It’s another thing when the military says: “We want to take over your computer.”
The program is called “Dominant Cyber Offensive Engagement” and the goal is to – well, in military parlance, the goal is to “Deceive, Deny, Disrupt, Degrade, [or] Destroy” computers deemed by the military to be hostile.
One of the ways to “degrade” is through military botnets; another goal the armed forces are pushing forward. Under the theory that the best defense is a good offense, Col. Charles W. Williamson III, (not related to Maj. Charles E. Winchester III, played by David Ogden Stiers for six seasons on M*A*S*H,) wrote in the Armed Forces Journal that “America needs the ability to carpet bomb in Cyberspace.”
It’s not hard to imagine how this could go horribly, horribly wrong for anyone caught in the middle of a “fight” between rival botnets. Imagine an infected botnet zombie on your network – one whose botmaster, for whatever reason, terrorism, economic disruption, or “teh lulz,” decides to use that computer to attack a computer in the military. The change from a defensive strategy to a counterattack means that instead of one botnet on your network – you now have two separate botnets. Furthermore, what’s the likelihood the military botnet will call off the attack if you manage to contain the original botnet? And of course, with a criminal botnet, you could always kick them off your network with impunity because what they’re doing is illegal. Interfere with a military botnet and you’re “obstructing the interests of National Security.”
Either way, both botnets are sending massive amounts of anomalous traffic back and forth – “degrading” performance if it doesn’t just bring the whole enterprise crashing down.
Of course, the military hasn’t been doing that well on cybersecurity defense. Operation Cisco Raider revealed that over 3,500 counterfeit Cisco network components have been discovered, some of them in military installations.
I’m going to have to call my doctor and ask him to increase my dose of Ambien.
Traffic shaping is not a tool of the devil, nor do we believe the solution to bandwidth problems is simply to provision more dark fiber and build more underground fiber optic lines. But as time has gone on, the issues around network neutrality have become more pronounced.
For example, Bell Canada has been throttling P2P service, much like Comcast in the United States. However, what makes this different is that Bell Canada is in a position much like AT&T – in that throttling the network on the backbone affects all the people – including people who are not Bell’s customers – along the line.
Worse still, Bell has been reselling the capacity to provide ADSL service to smaller ISPs without letting the services know that the bandwidth is throttled for certain applications. One of those smaller ISPs, Teksavvy, said: “We are not throttling anything and as far as I am aware will never throttle anyone. We don't believe in it.” – so the idea that Bell will leave them with no choice in the matter is a little worrisome. There isn’t much choice in the matter – the only other big broadband provider in Canada is Rogers Cable, which also throttles traffic.
There are arguments that “net neutrality” will be solved by the forces of the free market – that is, if one ISP throttles, they can go to their competitors. The problem is that, in this case, this is exactly what savvy customers were doing by moving from larger companies, like Bell and Rogers, to smaller companies like Teksavvy. For the consumer, it’s reducing their choice. For the small ISP, it could be considered downright anticompetitive, and the Canadian Association of Internet Providers applied for relief before the Canadian Radio-television and Telecommunications Commission that would require Bell Canada to cease and desist.
We contacted Rocky Gaudrault, CEO of Teksavvy Solutions, but because this was now a legal matter, he explained that he was unable to comment. It was clear that he is passionate about the issue, but Teksavvy’s staff keeps him from speaking out by supplying him with timbits and beer to keep his mouth and hands busy.
Particularly interesting is this comment by a Slashdotter – both Bell and Teksavvy charge on a “tiered and metered” basis – which pretty much cuts through the false choice between deep packet inspection and metered bandwidth; Bell has both. (One profanity-laden post implied that the only reason that Bell Canada did this was to coldly eliminate the most compelling competitive advantage that smaller ISPs had – Bell had throttled traffic, small ISPs didn’t.)
The upshot is that network neutrality concerns have been brought to Canada’s Parliament during Question Time. (link via Prof. Michael Geist at the University of Ottawa, who we hope to have an interview with on Monday.) It’s unsurprising because these matters do not just affect consumers but large enterprises as well - an unannounced and sudden change in the QoS policies of the backbone provider is exactly the type of thing that can foul up capacity planning, VoIP switchover, teleconferencing, etc. Especially worrisome are those technology companies who rely on some form or another of P2P traffic to help cut their bandwidth costs.
Deep packet inspection is a powerful tool, and used in the right hands, in the right way, it can help make QoS planning easier, can help streamline business critical applications, can provide overall better end-user response times, and may indeed be a great technological boon.
But we can’t see any benefit in this case for throttling the traffic of resold bandwidth, and for not disclosing the changes in advance. If businesses that control backbone traffic want to avoid governmental regulation, they need to show that they can be responsible with the power they have and use it in a manner which is neither anti-competitive nor deceptive to wholesale resellers and end-user customers.
Thanks to the latest Die Hard movie, I'm still fighting the urge to unplug my microwave to foil hacker attempts. Thanks to the U.S. government, however, we have a new line of defense against kitchen appliances of mass destruction.
The U.S. government has set up a new command center in the Air Force called Air Force Cyber Command or AFCYBER. Here's the summarized mission of AFCYBER, according to Air Force Secretary Wynne:
"The aim is to develop a major command that stands alongside Air Force Space Command and Air Combat Command as the provider of forces that the President, combatant commanders and the American people can rely on for preserving the freedom of access and commerce, in air, space and now cyberspace."
There are real threats; Estonia came under attack from hackers back in April of 2007. And in September of 2007, the U.S. Defense Department said that the Chinese military hacked into a Pentagon computer network.
It's hard to tell exactly how much damage a hack into U.S. computers could do because the Pentagon isn't exactly forthcoming with information on this. A plausible scenario would be a Chinese hacker gaining knowledge about U.S. troop movement. (A much less plausible scenario would be a teenage hacker who, while looking for a game company, accidentally activates, through a back door left by a programmer who left the project years ago, an AI which then seeks global thermonuclear war under the pretense that it cannot distinguish between a gamed scenario and reality.)
From a network monitoring and management perspective, AFCYBER will bring a whole new level of opportunities and challenges. How exactly do you monitor the United States network? What is the United States network? There are obviously some critical assets (White House, Pentagon, Capitol, etc.), but how many "cyber security holes" exist between critical infrastructure and those who want to attack critical infrastructure? Don't we all share some connectivity medium at some level?
It gets even more interesting on the offense front. Are you confident enough in your network management/security monitoring tools to launch a missile attack on an offending host? False positives take on a whole new meaning.
If you have answers or insights, I'd love to hear them. Otherwise, I may never microwave again.
"We're telling IT executives to not support it because Apple has no intentions of supporting (iPhone use in) the enterprise," Gartner analyst Ken Dulaney says. "This is basically a cellular iPod with some other capabilities and it's important that it be recognized as such."
During a media conference at its San Francisco headquarters today, Apple unwrapped a host of new features that are designed to make the iPhone more attractive to corporate users.
Six months is a long time in the tech world…
We've warned that eventually the iPhone would be appearing on corporate networks and that the new (at that time) devices would introduce vulnerabilities into the corporate network and take additional resources. What we weren't counting on was Apple making overtures to enterprise networking - we had assumed that, much as the original iPhone was hacked to run on multiple carriers, those who wanted to use the iPhone for enterprise applications would have to provide their own, messy, stop-gap solutions.
"That's another question - will this device have VPN support so that traveling employees can get the information they need while on the road? And if they do - how do you secure the data? The iPhone, like all small devices, is easy to lose, and easy to steal. That makes it vulnerable to illicit access. Does the iPhone have cryptographic abilities to make sure data stays safe?"
Well, apparently, Apple didn't take that as a rhetorical question because the fruit-based tech company is going to support Cisco IPsec VPN in the next iPhone update - the same one that will bring secure Exchange support as well as the possibility of an "iTunes Store for iPhone apps" - current Apple plans are to allow third party development but that Apple would have the final say on whether or not the applications could run on the iPhone. (Of course, clever hackers have already found a way around that.)
At any rate, the iPhone now seems to be competing directly with the Blackberry, which is good in the sense that competition in technical markets leads to innovation, and companies will have to expect new types of devices using different types of traffic, which - well, isn't bad, but which can be frustrating, absent a network device monitor.
Personally, I'm a bit confused by Apple's insistence on crippling the iPhone into running only "acceptable" applications, as A) it's clear that people are going to use it the way they like anyway, and B) if Apple took the same attitudes with their Macintosh/OSX general purpose computers, some of the best Mac apps (Quicksilver, Colloquy, Transmission, Burn) simply wouldn't exist. Perhaps this increases the security of the device but at the obvious cost of utility.
It's just rhetorical, and I'd love to get some comments on this, but is the tradeoff between security and utility a false one? I'm not sure - having not worked much in the security side of technology - but it seems to me that if the iPhone can be hacked to make it more useful, it can also be hacked to make it malicious, and so the choice is not between security and utility, but rather between a lack of security with utility, or a lack of security without utility. Hmm… maybe I should ponder this more.
I first heard about this pressing enterprise information technology concern when a friend directed me to MyTractorForum.com.
Now, I know more people with Segways than tractors. But the story involved the Kingsbury electrical substation less than five miles from my condo, and it involved someone who apparently broke through the fences in order to dig up the copper grounding wire of the electrical substation. He was ultimately - in a "BZZZZZZAP!" way - unsuccessful.
He is currently in "extremely critical condition." And I'm a monster for laughing, but let's face it, this is stuff that is supposed to be confined to the realm of Wile E. Coyote cartoons.
Speaking of Wile E. Coyote cartoons, it made me think of the Road Runner - or Road Runner cable, in this case. See, the apparent thief was stealing copper wire because copper prices are sky high, and this brings me to two interesting points: First, it's not inconceivable that someone might dig out the copper wires in your company, raising havoc with the physical layer of your network performance. Second, if copper prices are high enough to risk electrocution for, they're high enough that companies might want to start thinking about transitioning away from copper-based technology.
It is because human stupidity is particularly destructive that this is something to watch out for. Any large electrical equipment - like, say, a data center's power plant - will have copper in it, either as grounding wires, or as part of the construction of the machine. Or, let's take Cat-6 cable: four twisted pairs of 24 gauge copper wires, running throughout the infrastructure. Sure, it would be a repetitive and tedious task to strip out the cable, a task that requires the inhuman patience and obsessiveness of, oh, say, a habitual methamphetamine user, or "tweaker."
The major concern isn't that a thief will "get away with your stuff." Repairing and replacing copper cable, even with the high prices involved, are not likely to be significant expenses for companies. However, the costs of repairing the auxiliary damage to equipment that can be done in a theft attempt, and the opportunity costs from waiting for service to be safely restored, are likely to be significant. The Kingsbury station man who did his impression of a bug zapper also cut off power to 7,300 nearby homes.
It's strange because while we worry about viruses and worms, hackers trying to get at valuable data and cause disruption, people often don't think about the physical layer of their networks.
Of course, you could just put some sort of deterrent up to prevent people from stealing copper. Perhaps some sort of electrified fence, because you'd have to be pretty dumb to… oh.
Which brings me to the next point: with copper prices sky-high, perhaps it's time for new technologies - specifically fiber optics - to start becoming even more widely used. Yes, fiber is expensive and difficult; better suited to long-haul connections, but it will become less expensive and difficult with increased adoption; and copper is inexpensive and simple, though it becomes more expensive and difficult as time goes on.
Last Wednesday, Feb. 13, 2007, Carolyn Duffy Marsan at NetworkWorld wrote, "The American Registry for Internet Numbers plans to post proposed changes to its IPv4 address space transfer policy on its Web site this week."
According to NetworkWorld, that would allow ISPs to transfer IPv4 address registrations; and thus fuels speculation that IPv4 addresses would become "tradable goods." As many IPv4 addresses were assigned before the current popularity of the Internet was seen, this benefits those large corporations, universities, and government institutions that were allocated large blocks of IP addresses.
In fact, the next day, Feb. 14, 2007, NetworkWorld ran an interview with Internet Assigned Names and Numbers (IANA) general manager David Conrad, in which he basically confirmed that there would likely be a market:
"I can't actually imagine there not being a market. The market will either be black or white. If black, it will have a negative impact on the ability of ARIN to maintain accurate databases, such as, Whois. If white, ARIN (and the other Regional Internet Registries) will undoubtedly get dragged into politics related to fairness, particularly with respect to the developing world."
Indeed, if adopted, this would be a major reversal of policies by ARIN, which made this statement in a press release [PDF] last October:
"There are, however, those who propose that the democratically established governance principles now be abandoned, to create a market in IP addresses. A market that abandons these existing, consensus-driven core values would encourage speculators to take advantage of the upcoming time of relative scarcity of IPv4 addresses to profit from less foresightful users' remaining need.
The purpose of this memorandum is to assure the community that the democratic principles of Internet governance will be adhered to by ARIN, the Regional Internet Registry serving Canada, many Caribbean and North Atlantic islands, and the United States.(7) The resource-allocation policy under which ARIN operates has been produced through an open, transparent, and democratic process over more than a decade. ARIN is fully dedicated to preserving universal access and stable functionality of the Internet, and our policies do not encourage profit-driven speculation in the Internet addresses."
The humor value in watching the gullible bid for 172.0.0.1 on eBay aside, I find it difficult to understand how a market for IP addresses - black or white - would sustain itself. Yes, IPv4 addresses are scarce - but it is only an artificial scarcity.
IPv4 prices can only rise so high, because if the cost of buying IPv4 addresses becomes higher than the cost of moving to an IPv6 based infrastructure, companies will move to IPv6. And, of course, the more companies that do move to IPv6, the greater the intrinsic value of IPv6 versus the intrinsic value of IPv4.
Even before IPv4 addresses and IPv6 upgrades hit a break-even point, it may be a smarter move for businesses to go to IPv6 directly instead of having to pay twice - once for an IPv4 address at its peak, and again down the road to move to IPv6 after it becomes the new de facto standard. Eventually, IPv6 addresses will have more real utility value than the IPv4 address. Those speculators left holding onto IPv4 addresses for too long will find their worth has dried up quickly. Either way, it's unlikely that a company that buys an IPv4 address will be able to make a profit reselling it except as speculation. That doesn't sound like a very stable market.
The speculation about who will move to IPv6 and when really doesn't make a big difference. Yes, we're probably going to run out of IPv4 addresses in a couple years, but there is already an established infrastructure to replace it. When companies are forced to move to IPv6, they will move to IPv6, and it looks likely that, one way or another, companies will be forced to move to IPv6.