Open Source and information security mailing list archives
Date: Sat, 01 Dec 2007 11:09:55 -0500
From: gmaggro <gmaggro@...ers.com>
To: coderman <coderman@...il.com>, full-disclosure@...ts.grok.org.uk
Subject: Re: High Value Target Selection

> translation: let's discuss how to discern high degree and/or vulnerable
> nodes in critical infrastructure networks.

Correct.

>> 1. To bring like minded people together while operating under the
>> strategy of 'leaderless resistance'
>> (http://en.wikipedia.org/wiki/Leaderless_resistance)
>
> *yawn*

Apologies, but there are some people that haven't heard of the idea. Not
everyone here is from a western country, or wastes their time combing
for what might be perceived as 'out there' literature like ELF or SHAC
stuff.

>> 2. To be the 'aboveground' partner to the 'underground' scene, or at
>> least serve to distract authorities from the activities of underground
>> groups
> 
> ... ZZzzzzZZZ ... you're losing me, jim.

If we wind up not being able to do anything useful, then at least run
interference for the real subversives. Keep our friends in intel and law
enforcement busy chasing dead ends. Lower the signal-to-noise ratio and
make them have to spend as much money as possible. Tarpit them.

>> 4. To capture the imagination of the public
> 
> more like hatred.

What exactly is the difference? :)


>> So, types of infrastructure to attack:
>> [ list of infrastructure domains as if they exist as discrete units
>      independent of each other... lolz! ]

Well, what was one to do - just put "1. The Internet"? No, the domains
were split up for the matter of discussion. Of course with networks any
divisions are arbitrary. But given the large area to attack, some
focusing of effort will be required, at least at first.

>> [lots of blah blah blah misunderstanding of what critical infrastructure
>>  is and how it is organized, USA bashing, etc...]

Please elaborate on your perceptions of my failure to adequately define
'critical infrastructure'.

As for USA bashing, meh. It's just that they make a great target and
they got lots of enemies. If I was Irish, maybe I'd have picked England,
and if I was Chechen, maybe I'd pick Russia. Not important.


> first, go read Global Guerrillas.  that will keep you busy for a few weeks
> and save us all more of this blather:
>  http://globalguerrillas.typepad.com/globalguerrillas/

Thanks for the link, I'll check it out.

> second, some attacking critical infrastructure cliff notes:
> 
> 1. those with clue have realized the folly of trying to make infallible
>    infrastructure.  their focus has shifted to rapid repair instead of
>    prevention.  there are papers written that describe exactly how
>    stupid it is to think you can build resilient infrastructure in the face
>    of a skilled attacker.
>    (see the ATT telco in a trailer truck, etc)
> 
> 2. critical infrastructure viewed as a graph theory problem highlights
>    the compound vulnerabilities across multiple infrastructures inherent
>    in high degree / high value nodes of critical infrastructure.
>    (metropolitan bridges carrying fiber, gas, electricity, vehicles, etc
>     over the same physical span, etc.)
> 
> 3. most critical infrastructure is resilient against planned / common
>    failure scenarios, and these protections actually create hyper-
>    sensitive vulnerabilities against targeted / unplanned attacks.
>    (M of N redundancy that leads to catastrophic failure against
>     well targeted M attacks, etc.)

Good stuff. But wouldn't you have already surprised yourself vis-a-vis
your first point? 'those with clue' are smaller than we'd like.
Sloppiness abounds; I am certain of that.

> combining these aspects into attack scenarios is left as an
> exercise for the reader [who pines for a vacation in club fed...]

Well that depends on the exact nature of any alleged or purported crime,
and whatever extradition treaties between the nation-state someone
resides in and the USA. They also have to catch you first.

> the crux of the problem for the practical attacker is discerning the nature
> and location of critical infrastructure nodes and links.  fortunately for the
> determined individual this is merely a matter of effort and time, not a
> question of ability.  for the rest of us this means our life style / way of life
> is highly dependent on the lack of sufficiently skilled malcontents able and
> willing to express their grievances in direct action against such systems.

A good summary, thank you. So I suppose I'm saying "Hey malcontents, if
we can't go more public let's start sharing info and making it
incredibly easy for other malcontents".

And would people, for once, consider that maybe the net was adopted too
damn fast by too many morons in too slap-dash a fashion? I never thought
I'd find myself arguing for a conservative approach in, well, anything.
But people really need to start doing a better job as it's affecting too
many people. Since that's not likely to happen..

> perhaps this can be viewed as a check against the fascist dystopia many
> fear as the end result of authoritarian abuse of power coupled with high
> tech tools for manipulation and control of the populace...

> p.s. my favorite tools in such scenarios (of course not advocation):
> - the thermic lance
> - portable saws (lithium battery cells quite power dense now)
> - post hole diggers
> - thermite flower pots (lol, so much fun!)
> - software defined / police band and EM svcs capable radios
> - bolt action .50 BMG (incendiary DU rounds++)

Why not advocate? If you did get in trouble for this post, I don't think
adding a caveat like "of course not advocation" would help you much, if
at all. Like those quips in Phrack or Paladin Press books "For
educational purposes only". Bwahahaha!

Really, how much trouble could we get in if we posted up a list of
street addresses, each address being a building that contained
significant telco and/or routing infrastructure? Especially if the next
week, a bunch of completely unrelated people park Oklahoma Specials out
front of said buildings and blow them up.

I know where those locations are for my city, and I'm sure others know
where those are for their cities. I say, let's post them up, make a lot
of people nervous, and see what happens.

Additional thoughts:

Probably be some interesting/useful information poking around BGP land
and looking at ASs and their relationships in more detail. Especially
when cross-referenced to actual physical locations.

Interesting maps:

http://chrisharrison.net/projects/InternetMap/high/worlddotblack.png
http://chrisharrison.net/projects/InternetMap/high/worldBlack.png
http://chrisharrison.net/projects/InternetMap/high/euroblack.png
http://chrisharrison.net/projects/InternetMap/high/NorthAmericaBlack.png

http://www.isi.edu/ant/address/
http://xkcd.com/195/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
