|
The idea that the US government would conduct cyber warfare from only it's own assigned arin registered addresses is so ridiculous that I'm having trouble even processing that someone could believe that.
|
#
?
Jan 19, 2017 23:31
|
|
|
|
| # ? May 15, 2024 19:13 |
|
|
Salt Fish posted:With all that we know about NSA's hardware and software capabilities this is a super naive assumption. It's extremely likely that there are entire IoT botnets out there that have compromised control servers ready to be used by a variety of nation states. I would bet both of my testicles against a sandwich that at least 3 nation states have enough ddos capacity to take out the root nameservers. Part of what makes the NSA's capabilities so big is that they have way more stuff than just that Utah data center he mentioned. That's why the Utah datacenter would be of little use in attempting to run any sort of denial of service. They don't have any magic hardware that would make using just their one big data center particularly useful for denial of service, or really even using it as part of a wider attack.
|
|
#
?
Jan 20, 2017 00:00
|
|
|
Salt Fish posted:The idea that the US government would conduct cyber warfare from only it's own assigned arin registered addresses is so ridiculous that I'm having trouble even processing that someone could believe that. uh dude, that's exactly the sort of poo poo he was suggesting, by using the utah data center. and why i said "no, that wouldnt really work"
|
|
#
?
Jan 20, 2017 00:01
|
|
|
Captain Foo posted:it does the same poo poo on ios, zdziarski was going through it on twitter earlier ios doesn't allow all of those application rights and you have the ability to block it from accessing specific things when it attempts
|
|
#
?
Jan 20, 2017 00:15
|
|
|
android.
|
|
#
?
Jan 20, 2017 00:15
|
|
|
BangersInMyKnickers posted:ios doesn't allow all of those application rights and you have the ability to block it from accessing specific things when it attempts
|
|
#
?
Jan 20, 2017 00:18
|
|
|
BangersInMyKnickers posted:ios doesn't allow all of those application rights and you have the ability to block it from accessing specific things when it attempts android kinda does that as of whenever they rolled out that material design stuff I think idk if it still works that way if you ask for an old api layer because I bet older apps would just poo poo themselves because android
|
|
#
?
Jan 20, 2017 00:49
|
|
|
If you have control of a large percentage of the world's fiber backbone and telecom capacity, as well as all kinds of other malicious capabilities to take out boxes, you probably don't need to ddos things. E: more that there's no reason you need to be the biggest ddos'er
|
|
#
?
Jan 20, 2017 00:56
|
|
|
Salt Fish posted:With all that we know about NSA's hardware and software capabilities this is a super naive assumption. It's extremely likely that there are entire IoT botnets out there that have compromised control servers ready to be used by a variety of nation states. I would bet both of my testicles against a sandwich that at least 3 nation states have enough ddos capacity to take out the root nameservers. bruce schneier on this topic
|
|
#
?
Jan 20, 2017 01:01
|
|
|
yeah when you look at effective wizardwar stuff it's things like wrecking a whole nuclear enrichment plant while making the operators mistrust their computers and equipment http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html posted:But as Mr. Langner kept peeling back the layers, he found more — what he calls the “dual warhead.” One part of the program is designed to lie dormant for long periods, then speed up the machines so that the spinning rotors in the centrifuges wobble and then destroy themselves. Another part, called a “man in the middle” in the computer world, sends out those false sensor signals to make the system believe everything is running smoothly. That prevents a safety system from kicking in, which would shut down the plant before it could self-destruct. ddos is literally a tool for minecraft children, literally anything else is a better use of resources for wizard attacks
|
|
#
?
Jan 20, 2017 01:04
|
|
|
fishmech posted:uh dude, that's exactly the sort of poo poo he was suggesting, by using the utah data center. and why i said "no, that wouldnt really work" i'm suggesting it because i was specifically responding to: quote:I'm not saying that it's necessarily smart or subtle, but as a ham-fisted way of putting pressure on someone I could kind of see the incoming administration looking at it as wizard gunboat diplomacy
|
|
#
?
Jan 20, 2017 01:09
|
|
|
spankmeister posted:Probably their account got hijacked because of easy to guess credentials. University email accounts are a popular target for spammers and scammers. In my experience it's less "easy to guess" credentials and more likely they created an account somewhere random/shady using their uni mail account and the same password as their uni mail account. edit: wow, forgot to refresh and the convo moved on to nation state DDOS, feel free to ignore this ErIog fucked around with this message at 01:43 on Jan 20, 2017 |
|
#
?
Jan 20, 2017 01:38
|
|
|
stuxnet was so cool.
|
|
#
?
Jan 20, 2017 01:41
|
|
|
ate all the Oreos posted:i'm suggesting it because i was specifically responding to: the point of doing a ddos is that you do it from all over the place to try to make it hard for your target to avoid. the utah data center is pretty useless for that, having a bunch of storage and processing power doesn't do anything to improve effectiveness versus taking over 50,000 lightbulbs and 1 million unpatched windows xp installs in china and russia. and obviously the nsa or whoever has access to those sorts of botnets and/or can take some of them over with short notice.
|
|
#
?
Jan 20, 2017 01:46
|
|
|
Shaggar posted:stuxnet was so cool.
|
|
#
?
Jan 20, 2017 02:07
|
|
|
Shaggar posted:stuxnet was so cool. shaggar was right
|
|
#
?
Jan 20, 2017 02:17
|
|
|
https://twitter.com/stevebiddle/status/822190488505589760
|
|
#
?
Jan 20, 2017 02:37
|
|
|
lol
|
|
#
?
Jan 20, 2017 02:50
|
|
|
Control the weather with this one neat trick. Meteorologists hate this!
|
|
#
?
Jan 20, 2017 03:12
|
|
|
cloudy with a chance of occasional broadcast storms
|
|
#
?
Jan 20, 2017 03:12
|
|
|
dragon enthusiast posted:owned by anime
|
|
#
?
Jan 20, 2017 03:13
|
|
|
Ur Getting Fatter posted:cloudy with a chance of occasional broadcast storms
|
|
#
?
Jan 20, 2017 03:17
|
|
|
Cocoa Crispies posted:yeah when you look at effective wizardwar stuff it's things like wrecking a whole nuclear enrichment plant while making the operators mistrust their computers and equipment wizard attacks?
|
|
#
?
Jan 20, 2017 03:24
|
|
|
A Pinball Wizard posted:wizard attacks? Do you not have the cyber to wizard plugin?
|
|
#
?
Jan 20, 2017 03:26
|
|
|
Cocoa Crispies posted:yeah when you look at effective wizardwar stuff it's things like wrecking a whole nuclear enrichment plant while making the operators mistrust their computers and equipment ddos attacks are flatly the most cost effective attack you can conduct, no matter who you are, and they have the bonus of being literally unstoppable if the attack is sufficiently large.
|
|
#
?
Jan 20, 2017 03:29
|
|
|
Ur Getting Fatter posted:cloudy with a chance of occasional broadcast storms
|
|
#
?
Jan 20, 2017 03:36
|
|
|
Ur Getting Fatter posted:cloudy with a chance of occasional broadcast storms mods
|
|
#
?
Jan 20, 2017 03:44
|
|
|
Salt Fish posted:ddos attacks are flatly the most cost effective attack you can conduct, no matter who you are, and they have the bonus of being literally unstoppable if the attack is sufficiently large. Physically cutting the cable is pretty cheap for 100% effectiveness
|
|
#
?
Jan 20, 2017 03:44
|
|
|
Trabisnikof posted:Physically cutting the cable is pretty cheap for 100% effectiveness so is unplugging the power NOW WHAT BITHC
|
|
#
?
Jan 20, 2017 04:00
|
|
|
Ur Getting Fatter posted:cloudy with a chance of occasional broadcast storms a high of 802.11 degrees
|
|
#
?
Jan 20, 2017 04:10
|
|
|
Trabisnikof posted:Physically cutting the cable is pretty cheap for 100% effectiveness This isn't actually true because while the public internet requires open access, physical controls do not.
|
|
#
?
Jan 20, 2017 04:14
|
|
|
Salt Fish posted:ddos attacks are flatly the most cost effective attack you can conduct, no matter who you are, and they have the bonus of being literally unstoppable if the attack is sufficiently large. yes ddos is cheap, but only really effective against things that need to be on the internet so minecraft servers, jeez wheat for enterprises, etc. can be ddos'd effectively something like an nuclear industrial facility can't be effectively ddos'd into making the nation more amenable to a treaty forbidding nuclear capabilities long-term because it shouldn't've been online in the first place
|
|
#
?
Jan 20, 2017 04:25
|
|
|
wasn't there some use of the great firewall by china to perform a ddos on some undesirables or was that just proto-mirai? i'm probably just confusing something. it's not nuclear i guess.
|
|
#
?
Jan 20, 2017 04:35
|
|
|
crazysim posted:wasn't there some use of the great firewall by china to perform a ddos on some undesirables or was that just proto-mirai? i'm probably just confusing something. it's not nuclear i guess. yeah i think it was blasting github and nytimes for having the temerity to let people in china read a particular newspaper?
|
|
#
?
Jan 20, 2017 04:42
|
|
|
Salt Fish posted:This isn't actually true because while the public internet requires open access, physical controls do not. True you have to rent a backhoe or be like the Bay Area snipper and just know when fiber is above ground
|
|
#
?
Jan 20, 2017 05:06
|
|
|
Trabisnikof posted:True you have to rent a backhoe or be like the Bay Area snipper and just know when fiber is above ground while those are more effective attacks. physical access is a hell of a lot harder then internet ddos.
|
|
#
?
Jan 20, 2017 05:38
|
|
|
fishmech posted:the point of doing a ddos is that you do it from all over the place to try to make it hard for your target to avoid. yes i know you're kinda missing that but it's fine because it's dumb anyway whatever I had a friend do this to an air force base once and he got a very scary visit from a super angry military guy within a week
|
|
#
?
Jan 20, 2017 07:11
|
|
|
Cocoa Crispies posted:something like an nuclear industrial facility ... it shouldn't've been online in the first place 787_aircraft_network_diagram.jpg
|
|
#
?
Jan 20, 2017 07:14
|
|
|
Munkeymon posted:android kinda does that as of whenever they rolled out that material design stuff I think can confirm that before it sent all my data to china, android asked for authorization first to access the photos, then to access the camera before i took a selfie to change into animu.
|
|
#
?
Jan 20, 2017 07:55
|
|
|
|
| # ? May 15, 2024 19:13 |
|
|
fishmech posted:the point of doing a ddos is that you do it from all over the place to try to make it hard for your target to avoid. it's so much the point that it's the first d of ddos.
|
|
#
?
Jan 20, 2017 07:59
|
|