Amazing, the new rules. Much like the old rules.

When is the US going to get it.

There are no rules, Total Warfare is the Standard now.

Are you in the cyber security field?

From the DOD perspective, total war is not the only option.

That's the problem the US wants to do it their way and have the rest of the world follow suit. Tell that to the Chinese.

No I'm not in cyber security. In fact I'm a retard when it comes to computers. Some here would tell you I'm just a retard period. LOL

Dirk

We've got the cyber warfare thing down just fine. Google Stuxnet and Flame, Dirk.

We've got the cyber warfare thing down just fine. Google Stuxnet and Flame, Dirk.



Lol just leave some usb drives laying around.

Or just offer them a bar of chocolate. Even cheaper than thumb drives.

http://news.bbc.co.uk/2/hi/technology/3639679.stm

Bowden, the aurthor who wrote BHD has a book on the subject matter.

http://www.amazon.com/Worm-The-First-Digital-World/dp/0802119832

Would it be accurate to say that China has super computers that are far more powerful and advanced then ours. I seem to recall reading that recently.

Just strikes me as messed up when some third in Detroit Mich can rock even the cyber guys.

DW

Would it be accurate to say that China has super computers that are far more powerful and advanced then ours. I seem to recall reading that recently.

Just strikes me as messed up when some third in Detroit Mich can rock even the cyber guys.

DW

No and, it's not power that is at issue here. It's policies and design. Policies that prevent types of attacks by ensuring a multi layered defense and promote proactive software patching against vulnerabilities. The design aspect relates to no single points of failure and encryption in case of penetration amongst many, many other things.

I'm politely as possible telling you that you don't know what you don't know, Dirk. NO disrepect intended. There is no one easy answer here and it's a huge answer to a seemingly simple question.

I remember, I was reading about China and Gold
D when I red about a computer they are calling Tianhe-1 saying it blows our Jaguers out of the water.

All Greek to me

Dw

Not offended at all, I'm trying to learn what I already know I don't know. Must admit its fascinating.

I'll leave it alone.

DW

You won't get an answer how our cyber defense or offense works because its classified.


My comment about USB drives is because its actually one of the easiest ways to infect a system. People are idiots and get curious. They want to see if there's anything juicy on it, and plug it into their work systems.


The suxtent thing is worth reading about. Just google search it or look on youtube.

Not offended at all, I'm trying to learn what I already know I don't know. Must admit its fascinating.

I'll leave it alone.

DW

China has a much lower dependence on the Internet than we do, thus they have a shorter fall than we do if their entire Internet was taken down. The same could be said of basically any less-developed country.

China has a very repressive government that can do what it wants. Remember that "Internet kill switch" that everyone hated? China probably has one, and that makes them much more secure than us. They can also force their private industry to do things like patch their systems and make them have non-Internet based backups. We can't do that without passing legislation and/or going through months of bureaucracy.

China knows that even if they are caught hacking into, say, the Pentagon, they won't get called out for it by the US. Why? Because then we'd have to prove how we caught them. And that might be too high a cost. And what would it do, anyway? Espionage is completely legal in peacetime. Hell, the US probably spies more than any other country. We don't really have a moral high horse there.

^ I'd say our gov't is very similar. The technology available here is merely transparent to the US populace.

NOTHING gets by, my friend.

The problem is the US doesn't just have one enemy and one front when it comes to Cyber-Warfare. Yes policies and procedures are nice and making sure systems are patched is crucial along with multi layer defense.

When you have people on the inside (Stupid Users) that can **** stuff up easily and people and companies in place that don't set things up properly it becomes a giant hole. Agent.btz is a perfect example of things that can slip through the cracks and cause a big **** up.

Now on the other hand yes we have (with the help of others) come up with some pretty ****ing amazing stuff. Lebowski pointed out a few. Now just imagine what is out there but hasn't been discovered yet...

Research : Plan X

When you have people on the inside (Stupid Users) that can **** stuff up easily and people and companies in place that don't set things up properly it becomes a giant hole.

This is pretty much the biggest weakness in any network.

This is why we have annual DoD Information Assurance training that is required before users can go on the network. But I guarantee that 90%+ of users just breeze through it and forget it the next day.

You can send out an infected .ppt of silly cat photos to 20,000 users at an organization/corporation/etc and you only need 1 person stupid enough to open it up, assuming it gets past filters and such.

That means even with a 99.99% smart user population, you can still be compromised and owned by the enemy.

Which is why organizations do things like install proxies, block ports, don't give users any administrative rights, and lock down group policies... users can't be trusted. Not because they're malicious, but because they're human and make mistakes. But even that's not enough with certain exploits.

So then you isolate your network from the outside world. But then there's STILL ways to breach those networks, it just requires a bit of luck and/or a lot more effort.

Would it be accurate to say that China has super computers that are far more powerful and advanced then ours. I seem to recall reading that recently.

Just strikes me as messed up when some third in Detroit Mich can rock even the cyber guys.

DW

Not true. And irrelevant.

China did surpass our best supercomputer some years ago, but we have built two since than that surpass theirs. These computers all reside at Los Alamos National Laboratories (AKA the real Black Mesa) and their primary purpose in life is to simulate nuclear weapons testing. Other agencies and universities can lease time on these computers (there are several), but they primarily belong to the nuclear weapons community.

That said, you don't need super computers to launch a cyber attack. If your plan is to write a virus, then I ascribe to the KISS principal. I say this as holding a degree in computer science, though I am frankly unpracticed since college and joining the military in an unrelated field.

Thanks for the info. I was politely corrected which is good. I'm just amused about the rules thing. I have taken the time to read some of the resources suggested.

Bottom line I've spent a life time trying to remain illiterate on or about computers.

I would have to say that I have completely achieved my stated goals.

DW

This is pretty much the biggest weakness in any network.

This is why we have annual DoD Information Assurance training that is required before users can go on the network. But I guarantee that 90%+ of users just breeze through it and forget it the next day.

You can send out an infected .ppt of silly cat photos to 20,000 users at an organization/corporation/etc and you only need 1 person stupid enough to open it up, assuming it gets past filters and such.

That means even with a 99.99% smart user population, you can still be compromised and owned by the enemy.

Which is why organizations do things like install proxies, block ports, don't give users any administrative rights, and lock down group policies... users can't be trusted. Not because they're malicious, but because they're human and make mistakes. But even that's not enough with certain exploits.

So then you isolate your network from the outside world. But then there's STILL ways to breach those networks, it just requires a bit of luck and/or a lot more effort.


That DoD annual IA training is straight up clown shoes. People skip through that as fast as possible and don't care about it. I can't tell you how many DI huts I have been in and found them with iPods or phones plugged in charging.