Mail 160 July 2 - 8, 2001

Saturday, July 7, 2001

We begin with more on the Open Sockets situation:

Hi Jerry

I enjoyed your analysis of the IP Spoofing/Win XP controversy on www.byte.com. I think, however, that you (along with many others) may have missed one significant part of Mr Gibson's thesis which is, perhaps, not spelled out as clearly as it might be.

The problem stems from a combination of factors.

It is, in my opinion, an undeniable fact that a DOS attack employing IP spoofing is much more serious as it is nearly impossible to block with filtering. A competent administrator can block a non-spoofed attack and maintain a certain level of service. (I don't believe that you have disagreed with this point).

Various Unix/Linux flavours and even Windows 2000 require the user to have root (administrator) privileges to use raw sockets. While some Linux users habitually operate their computers as root, most have more sense. Thus merely cracking the machine is not enough, you must obtain root access which is considerably harder.

Windows XP (personal edition) places no such restriction, so any machine which is compromised can easily provide IP spoofing.

While it is possible to do this with older versions of Windows, it's quite hard and has not been widely done.

Assuming that Windows XP is widely embraced by home users (as I think it almost certainly will) there will be an increase (by orders of magnitude) of easily crackable computers with easy access to IP spoofing.

A skilled and determined cracker can always generate a devastating attack, and until IPV6 becomes accepted there is little we can do about that - except be thankful that skilled and determined crackers with malicious intentions are reasonably uncommon (so far).

What we will now see, however, is a great decrease in the difficulty level of such an attack, and very likely a very large increase in such attacks from the so called "script kiddies".

I think that that is what Mr Gibson fears, and I suspect he fears it with good reason.

I guess that time will tell if he's right.

Even if he is, the sky may not fall. IP spoofing can very easily be filtered in outgoing traffic. If ISPs start doing that, then spoofed DOS attacks will be choked off at their origin. (Though currently, few ISPs do so).

Again, time will tell.

As you would expect, these are my own views. If you seek my employer's views, you must ask them.

------------ Michael Smith, Senior Software Engineer Australia www.aurema.com
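The filtering point in the letter above deserves a concrete illustration, so here is an added example (not part of the original page or the correspondent's work). It models the two views the letter contrasts: the victim-side administrator, who can only see source counts and so can block a flood from a handful of real addresses but not one that forges a new source on every packet; and the originating ISP, who can drop any outbound packet whose source address is not in its own customer prefixes. The prefixes, the victim address and the sample packets are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumption: the address space this hypothetical ISP originates for its customers.
CUSTOMER_PREFIXES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.0/25"),
]


def is_legitimate_source(src, prefixes=CUSTOMER_PREFIXES):
    """True if src lies inside a prefix this network is allowed to originate."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in prefixes)


def egress_filter(packets, prefixes=CUSTOMER_PREFIXES):
    """Outbound anti-spoofing filter at the ISP edge.

    packets: iterable of (src, dst) address strings.
    Returns (forwarded, dropped); a forged source never reaches the victim.
    """
    forwarded, dropped = [], []
    for src, dst in packets:
        bucket = forwarded if is_legitimate_source(src, prefixes) else dropped
        bucket.append((src, dst))
    return forwarded, dropped


def top_sources(packets, n=3):
    """What the victim-side administrator can see: per-source packet counts.

    Enough to block a non-spoofed flood (a few heavy hitters); useless when
    every packet carries a different forged source, which is the letter's point.
    """
    return Counter(src for src, _ in packets).most_common(n)


def distinct_source_ratio(packets):
    """Fraction of packets with a never-before-seen source; near 1.0 means the
    source field carries no information worth filtering on."""
    if not packets:
        return 0.0
    return len({src for src, _ in packets}) / len(packets)


# Constructed sample traffic leaving the ISP: two genuine customers talking to
# the victim (assumption: 192.0.2.1), and a compromised customer host forging
# a fresh source address on every packet.
SAMPLE_OUTBOUND = [
    ("203.0.113.10", "192.0.2.1"),
    ("198.51.100.7", "192.0.2.1"),
    ("10.200.1.1", "192.0.2.1"),      # forged source
    ("172.16.5.5", "192.0.2.1"),      # forged source
    ("8.8.4.4", "192.0.2.1"),         # forged source
]

if __name__ == "__main__":
    fwd, drop = egress_filter(SAMPLE_OUTBOUND)
    print("forwarded:", fwd)
    print("dropped at origin:", drop)
    print("victim sees:", top_sources(SAMPLE_OUTBOUND))
    print("distinct-source ratio:", distinct_source_ratio(SAMPLE_OUTBOUND))
```

The filter is a source-prefix check and nothing more, which is why the letter can call it easy: the ISP already knows which prefixes it announces, so a packet leaving with any other source address can only be forged or misrouted.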

I think the quarrel is with the single word "great" in referring to the decrease in the difficulty level of such attacks. As I said in the column, most people who make these attacks do not know what they are doing: they follow scripts. For the people who write those scripts there is no "great" change in difficulty; for those who use them blindly there is no change at all.

It is a dangerous world out there, and something must be done, but cursing the darkness does not often work.

In one of your responses, you said: "Which means they should be stuck with non-standard systems? Not allowed to have one? No full computer with Internet Access without a license? Or shall we all run in circles flapping our arms because The Standards Are Coming and The Skies Will Fall? Really, there have to be ways to light candles. Cursing the darkness isn't known to be too effective."

In the case of raw sockets, the standard was designed for OS's that have the "Levels of access" security measure. Only people with root access are allowed the full power of these raw sockets. The problem with XP is that, by default, there will be no "Level of access" privileges, so that this raw socket power will be available to any trojan or worm that infects the computer, without the executable having to gain access to any special privileges. And this OS is going to be released to folks who don't even know there is this problem, let alone how to fix it. There needs to be a lock on this capability that needs to be taken off by the owner, at least; a kind of mini-level of access, if you will.

Giving folks machines that adhere to modern standards is good, but we have to remember to put those standards in the environment they were designed for.

Don't worry too much about the slash-dot crowd, they remind me of that fable of the father, son, and mule, and all the folks they met on the path who would take them to task for their behavior. I think in the end, both of them were carrying the mule! No matter what you say, there will be folk who disagree (sometimes vehemently) with you. Just keep plugging away and speak your mind! There's an amendment to the Constitution that gives us the legal right to do just that!

- David

See comments above. All this was possible before if you knew what you were doing. If you did not, then nothing changes now: you use the scripts those who do know what they are doing provide. The new standards may or may not make it easier for those sophisticated script writer people; that is beyond my competence, and I suspect beyond Steve Gibson's. When it comes to remedies we are in a pretty rare atmosphere: and if I had to bet on Microsoft vs. Gibson I would take Microsoft, which despite a lot of the railing against Redmond, has a pretty hefty incentive to fix this problem before it gets out in the real world.

It is a problem. It is commendable to draw attention to it. It probably doesn't help to go a lot further than that unless you are a security expert.

There was also this exchange:

Yes ... I also agree with this, and it didn't occur to me until you mentioned it ... just what is the problem? I guess since the problem is unclear, we get unclear thinking and "solutions".

Rob Schneider

>-----Original Message-----
>From: Jerry Pournelle [mailto:jerryp@jerrypournelle.com]
>Sent: Saturday, July 07, 2001 10:39 AM
>To: Robert M. Schneider
>Subject: RE: The Steve Gibson Debate
>
>
>Well of course we do. I fear I don't understand what is so controversial?
>
>
>-----Original Message-----
>From: Robert M. Schneider [mailto:rmschne@rmschneider.com]
>Sent: Friday, July 06, 2001 10:14 PM
>To: jerryp@jerrypournelle.com
>Subject: The Steve Gibson Debate
>
>Jerry,
>
>Re the Steve Gibson-IP Spoofing-XP debate, some seem to believe that
>because it takes a sophisticated user to do all this may be missing the
>point? I would guess it's simple to write a program or script that can
>configure any capable program to configure the computer to do whatever
>... distribute that program/script widely and there you go.
>
>We need systems which are inherently secure. Someday.
>
>--
>Rob Schneider

This needs no further comment.

In the following I have no simple way of reformatting so it's going to be a mess, but:

Mr Pournelle,

I know nothing of hacking and cracking. That said...

I stumbled across Steve Gibson's DDOS alert page as it was happening. I was in the process of searching for info on personal internet firewalls for an internet commerce class I took this past semester. I got on his mailing list and later read Steve's article when it was all over.

I've just read your article in BYTE.com weekly newsletter as I do every week "...I say it now: If you're running Windows of any variety and you have Internet connectivity, you need to be sitting behind a firewall...".

I then inserted this URL that I got from Steve's article (below) into my browser and replaced the XXX... with the IP addresses of some of the "Zombie" attack Win2k machines listed in the article. As of this writing quite a few of them are STILL vulnerable.

http://xxx.xxx.xxx.xxx/scripts/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

I could see a DIR listing of their hard drive at the server directory. Elsewhere in the article it was indicated that changing the "c+dir" to another DOS command like "format" may actually work. There are even obvious hacks onto their hard drives with files named:

    ...
    03/26/2001  11:45p          16,384 sam
    07/06/2001  01:19p               0 sammy
    07/06/2001  06:34a                 secure_your_system!
    ...

Notice the date on the files. You'd think after all the hubbub, warning e-mails to the system, and pop-up messages warning the same, this would not be so.

To that end I think these OSes, Win 9x\NT\2k, *NIXes, & Mac OS X should come preconfigured out of the box so-to-speak in their least vulnerable configuration. God knows most users won't do anything about it after it is installed. WinXP and Linux alike may prove to be the downfall of the Wild Wild Web.

As for myself I immediately installed ZoneAlarm, turned on Norton AV in System Works, and applied all the current security patches to my Win2k, and I'm only a sporadic dial-up internet user.

...my two cents

Mikka, WebStore Manager mikka@elitecostume.com
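The URL in the letter above is worth taking apart, so here is an added example (mine, not the correspondent's or Mr. Gibson's). The interesting part is `%255c`: one round of percent-decoding turns it into `%5c`, and a second round turns that into a backslash, so a server (or a log filter) that decodes once and then checks for `..` traversal sees nothing wrong, while a server that decodes twice ends up walking out of the `scripts` directory to `winnt/system32/cmd.exe`. The code decodes until the string stops changing, normalises backslashes, and flags traversal; it then runs that check over a few constructed IIS-style log lines. The log format and client addresses are assumptions for the sake of the example.

```python
import re
from urllib.parse import unquote

# A path segment of exactly ".." after normalisation is a traversal step.
TRAVERSAL = re.compile(r"(?:^|/)\.\.(?:/|$)")


def normalize_url_path(path, max_rounds=4):
    """Percent-decode until a fixed point (bounded), then unify slashes.

    Returns (decoded_path, rounds_used). "%255c" needs two rounds:
    "%255c" -> "%5c" -> "\\".
    """
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
        rounds += 1
    return path.replace("\\", "/"), rounds


def is_traversal_attempt(raw_path, max_rounds=4):
    """True if the path, once fully decoded, climbs out of its directory."""
    decoded, _ = normalize_url_path(raw_path, max_rounds)
    return TRAVERSAL.search(decoded) is not None


def scan_log(text):
    """Scan W3C-style log lines (date time client method uri query status)
    and return (client, decoded_uri, rounds) for each traversal attempt."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith("#"):
            continue
        client, uri = fields[2], fields[4]
        if is_traversal_attempt(uri):
            decoded, rounds = normalize_url_path(uri)
            hits.append((client, decoded, rounds))
    return hits


# Constructed sample log (assumption: IIS W3C extended format, one hit per line).
SAMPLE_LOG = """\
2001-07-07 10:39:01 10.0.0.5 GET /default.asp - 200
2001-07-07 10:39:08 10.0.0.9 GET /scripts/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe /c+dir 200
2001-07-07 10:40:12 10.0.0.9 GET /scripts/..%5c..%5cwinnt/system32/cmd.exe /c+dir 404
2001-07-07 10:41:30 10.0.0.5 GET /images/logo.gif - 200
"""

if __name__ == "__main__":
    for client, decoded, rounds in scan_log(SAMPLE_LOG):
        print(f"{client}: {decoded}  (decoded in {rounds} round(s))")
```

The `max_rounds=1` case is the instructive one: a single decode leaves `..%5c` in place, the traversal regex does not fire, and the request looks like an ordinary file under `/scripts/`. Any filter that sits in front of a decoder must decode at least as many times as the thing it is protecting.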

Hi Jerry,

As I understand it, the big problem GRC is talking about is access to raw sockets for non-"root" users. It means that any kind of access to a Windows XP machine is enough to be able to spoof addresses. All Unix-like operating systems only allow root to access the raw sockets, so it is more difficult to take over a machine and use it to spoof IP addresses. And the point is that if you have taken over a computer that can generate random IP addresses when used in a DOS attack, it is no longer possible to filter out the packets on the basis of their IP address. Still a bit far-fetched to see this as a new and greater threat to the internet. I think it would be better if Steve Gibson would urge Microsoft to make Windows XP much more secure in the first place. (So back to text-only mail and no automatic opening of attachments and stuff like that).

Joost

I thought the point of my column was SECURE YOUR SYSTEM or you are part of the problem. Precisely. I don't think we have to be quite so drastic as all that, but we do have to DO THINGS and some smarts have to be built into the OS. That is called innovation...

Now for another topic (brought over from View)

And now for something frightening:

Thoughtcrime is here. This guy got 10 years for writing nasty things in a private journal that he showed to no one. Maybe someone won't like one of your manuscripts one of these days, eh?

http://www.nytimes.com/2001/07/05/national/05JOUR.html

-- Michael Juergens,

Psychiatrist and (non-practicing) lawyer Ed Hume says:

Jerry

Thought crime. Bad business, that. You can get arrested and convicted for writing and keeping in your home ugly, forbidden things that you have never shown to anyone.

What to do?

Might I suggest the following (I have not consulted a practicing attorney, so I can only believe this will work based on stuff from law school 20 years ago):

Establish an ongoing relationship with a clergyman or a priest. As part of one's therapy, engage in "journaling", where the client writes down his thoughts and takes them to counseling/therapy. Anything in the possession of the clergyman or shrink, depending on the laws in one's state, is then privileged, and not reachable by the courts unless they indicate that the client is about to commit a crime (depending on the state, the clergyman or shrink may have a legal duty to prevent crime).

I would think that anything found at home, as long as it is part of an established exercise in journaling, might be considered part of therapy and not evidence of a crime.

If I am right about this, then . . . well, if I'm right about this, then the solution is as silly (and sinister) as the case that Mr. Juergens brought to your attention.

Ed

Which may work but seems a long way to go "to secure these rights." I have no great sympathy with the Marquis de Sade (who seems to be a hero lately) or others who engage in sadistic fantasies, but until they DO something I have no reason to jail them. Perhaps letting the local Justice of the Peace issue warnings, and letting the police pay attention to them in the interest of safety, but arresting and jailing people because they may, or even probably will, commit a crime is an abomination and a government that wants that power is a tyranny.

Once there was the people,

terror gave it birth...

Thought Crime

I'm confused as to what is more frightening, the fact that someone was sentenced to 10 years for merely writing, or that people seem to think that it's okay to write about pedophilia.

We had a similar case in Vancouver, BC. A man was convicted of the same sort of "crime", though his case didn't include torture, but did include drawings. The accused had been convicted in the past of sexual abuse against children, and was a proponent of Man/Boy Love. He successfully appealed the conviction to the Supreme Court of BC, which was later overturned by the Supreme Court of Canada. And thank goodness! Our world is bad enough as it is without some sexual predator hunting our young, and defenseless children.

I will admit that at first I was upset that thoughts could now be considered criminal, but hasn't it always been so? Thought crime is not new, some of the world's greatest authors suffered imprisonment for it, some for their "heresy", others for their political beliefs, others for their overtly sexual stories. I'm sure Mr. Rushdie would be able to provide an insight of the perils of writing unpopular beliefs! While I personally regard freedom of expression to be a worthy ideal, and I certainly don't condone wrongful imprisonment, I also respect that said expression cannot be allowed to harm people, and especially our young. I regard freedom from fear to be far more important than freedom of expression.

However, this person wasn't writing about a tyrannical government, nor was he criticizing the Pope. He was writing about his darkest sexual fantasy which included the imprisonment, torture, rape, and presumably, murder of pre-pubescent children. He wrote this depravity for his pleasure. He also wrote this while on probation for pandering child pornography, and since one of the conditions of the probation was periodic searches for material such as what was found, this "private" journal has become public knowledge.

Let us not forget that probation is a period of time where the convicted maintains their general freedom, with restrictions on those freedoms that lead back to re-offending. Mr. Dalton didn't live up to the deal and now pays the full price. I consider this to be a case of saving some future unknown child's dignity, sanity, and quite probably, life. Hopefully this poor, sick fool can get the help he obviously needs in the next ten years.

IMHO, of course!

Bill Grigg

PS on second thought, maybe you should back off on your comments about wishing harm to spammers and rotten programmers!

While I agree that probationers (on probation from an actual crime, not a thought crime) have fewer rights than citizens, I am not sure that is the point here. I don't want anyone thinking about torturing little girls, but I would not have jailed Marquis de Sade for his thinking in writing. He DID plenty to get him locked up...

In all the Gibson discussion I've seen only one mention of ZoneAlarm. He has been pushing it as the best software firewall and my experience with the free version (for a year) and the inexpensive Pro version (needed only for a Windows router with firewall software and Internet Connection Sharing -- better than no protection at all) has been excellent, and confirmed by many friends. For a single user the free version outperforms Norton (per Gibson) and at an infinite performance/price ratio.

I told you earlier that when I finally upgraded to a router box the D-Link product worked for me just by plugging it in, while a good four hours on the phone to support techs, a firmware upgrade, and an extra trip to Fry's for a new uncorrupted firmware never did get the Linksys to work with the Cisco DSL modem/router required by my telco.

As ever, thanks for the daybook, the fiction, the columns, helping win the war, etc. etc. Haven't seen any grandbaby pictures in a while....

Tim Herbst

Interesting. I have had several good reports about ZoneAlarm. As my column said, mostly we all need to DO SOMETHING; once we do anything at all that's sensible we make life tougher on the crackers.

And when this column is done we will go down to the beach house stopping to see superchild on the way...

Hello, Jerry,

I believe that Mr. St. Onge is mistaken about John Dewey, although I freely admit that I might not summarize Dewey's positions well. I suggest, instead, that your readers pull out a copy of Dewey, starting with _Democracy and Education_, or _Reconstruction in Philosophy_, or _Experience and Nature_.

(1) Dewey seemed to hate dualisms, and argued persistently against the splits of subject-object, theory-practice, thinking-doing. He says in Reconstruction (p145) that "notions, theories, systems, no matter how elaborate and self-consistent they are, must be regarded as hypotheses. They are to be accepted as bases of actions which test them, not as finalities....They are tools. As in the case of all tools, their value resides not in themselves but in their capacity to work shown in the consequences of their use". The British analytics, such as Bertrand Russell, grabbed this sentence, stopped, and claimed that Dewey believed that whatever works must be True and Good. They neglected the rest of his argument, which maintains that inquiry cannot start from knowing what it intends to prove, that the "only situation in which knowing is fully stimulated is one in which the end is developed in the process of inquiry and testing".

(2) By doing this, Dewey put experimentation into the middle of philosophy. He argued against the refined idea that an educated man learned Latin grammar, but did not get his hands dirty with experiments. And he argued against what he saw as traditionalist notions of the Absolute, and a traditional philosophic method that says that there exists absolute Truth somewhere outside lived reality, and that we can attain Truth by logic and deduction, just as we can do mathematics. Dewey, in contrast, called one of his important books _Essays in Experimental Logic_, to the horror of continental European thinkers. See Max Horkheimer, _Eclipse of Reason_; Horkheimer saw the methods of science as an attack on Reason, and saw himself as one of a few people fighting the armies of Dewey-led irrationalists in lab coats.

(Incidentally, I did not intend to suggest that Dewey was against learning from the past, or against remembering past events. He was against an older educational philosophy, but he was sensitive to issues of history, time, movement and change. He was a sort of reformed Hegelian, who had given up the Absolute; he had given up the idea that history and change would stop at some perfect point that a philosopher could deduce from first principles.)

(3) Dewey wanted an education of active inquiry -- every student should be a mini-scientist. He tells a story, in _The School and Society_, of trying to find the right desks and chairs for the Chicago Lab school. One educational supply dealer finally said, "I am afraid we have not what you want. You want something at which the children may work; these are all for listening". That, he says, "tells the story of traditional education". Studying lessons from a book is a variety of listening: "it marks the dependency of one mind on another. The attitude of listening means, comparatively speaking, passivity, absorption; that there are certain kinds of ready-made materials which are there, which have been prepared by the school superintendent, the board, the teacher, and of which the child is to take in as much as possible in the least possible time".

(4) He wanted an actively involved student for at least three reasons:

- Passive listening bores students, who don't learn much. He wanted the teacher to lead the student to ask a question, test, refine the answer, and test again. Dewey suggested that the teacher had to guide the students to feel the need to solve the problems. There are two sides: society, represented by adults who teach, sets the things that its next generation needs to learn, and students need to feel that the things are really necessary. In our industry, we often find that we skim a manual, try to use a product, go back to the documentation after we hit a problem, try again, read more, try more. That is how I learned assembly language, C-language, all the rest. As a matter of fact, I learned about base 2 in 1960, in 7th grade, but thought of all non-decimal systems as just curious oddities until I had to add offsets to addresses.

- Active inquiry fit Dewey's notion of philosophy. Human beings learn, and the most important thing they learn is to set new questions and problems out of the solutions to old problems. His objection to traditional education, and to traditional philosophy, was that it assumed that there was a fixed, settled, ending point. A limited block of knowledge.

- The ideal of every student an active scientist was most important to Dewey because he believed that the only way to make and keep a democracy was by having active, educated, citizens. This can be seen all through his _Democracy and Education_, but it is clear in his debate, in the mid-20's, with Walter Lippmann after Lippmann argued, in _The Phantom Public_, that democracy was impossible. (Dewey's reply is _The Public and its Problems_).

(5) Between 1913 and 1917, Dewey argued against the economic and political conservatives of the National Association of Manufacturers over the nature of vocational education. A report from the Massachusetts Commission on Industrial and Technical Education, in 1906, had begun an effort to develop vocational education, which resulted in the Smith-Hughes Act of 1917. The NAM wanted a dual educational system, with a separate vocational system which trained most students for factory work. (I am following the account in Robert Westbrook, _John Dewey and American Democracy_, pp. 173-179). Westbrook quotes Dewey as saying that "those who believe in the continued existence of what they are pleased to call the 'lower classes' or the 'laboring classes' would naturally rejoice to have schools in which these 'classes' would be segregated". He was against it, and he was against "regarding as vocational education any training which does not have as its supreme regard the development of such intelligent initiative, ingenuity, and executive capacity as shall make workers, as far as they may be, the masters of their own industrial fate".

Dewey wanted an education that integrated culture and utility. He was accused, by conservatives, of wishing, undemocratically, to force culture on working class children, rather than the simple education that simple people deserve. He answered that "Nothing in the history of education is more touching than to hear some successful leaders denounce as undemocratic the attempts to give all children at public expense the fuller education which their own children enjoy as a matter of course."

Here, I believe, Mr. St. Onge has mistaken Dewey's position for that of his opponents.

Regards,

John Welch

The problem arises when "progressive education" loses all sense of proportion. The only way to learn arithmetic skills is to learn the addition and multiplication tables and learn them well, and the best way to learn those -- perhaps the only way -- is the method that the progressives call "drill and kill". Without drill and rote memorization much becomes impossible for all but the very brightest and most motivated students. Yes the little red schoolhouse with reading and writing and arithmetic taught to the tune of the hickory stick may have been a grim place: but are the modern schools which turn out undisciplined louts ignorant of everything much better?

But the fact is that the progressives had some right on their side, and so did the traditionalists, and education ought to be concerned with what works -- and with which students. But having varying methods of teaching implies tracking, and the modern progressives are very much against tracking, and that means that for the kids who must learn by rote -- there is nothing at all.

You cannot have all things all ways. What bores some children is the only way for others to learn. Now what?

Jacques Barzun covers much of this in his Teacher In America, a book I heartily recommend to everyone concerned with this problem.
