[IWAR] INTERNET break it for breakfast

From: 7Pillars Partners (partnersat_private)
Date: Fri Feb 20 1998 - 09:09:16 PST

  • Next message: Mark Hedges: "[IWAR] FC: Constitutional liberties newsletter from Free Congress Foundation (fwd)"

                     (02/20/98; 9:39 a.m. EST)
                     By John Borland, Net Insider 
                     Want to break the Net? 
                     It's easy, according to a pair of AT&T scientists who
                     addressed the Computers, Freedom and Privacy
                     conference in Austin, Texas, on Thursday. The
                     Internet's architecture is not designed for the
                     applications it is increasingly being used for, and it is
                     badly vulnerable to relatively simple hacks or
                     accidents at a number of different points, they said. 
                     "The Internet is not designed to resist certain kinds of
                     malicious behavior," said Steven Bellovin, an AT&T
                     network systems researcher. He cited the string of
                     accidents that have resulted in disconnection of
                     service, lost domain names, or rerouting of massive
                     amounts of Net traffic. "I live in fear of someone
                     noticing these accidents and saying, 'Hey, I could do
                     that.' " 
                     Both Bellovin and his AT&T colleague Matt Blaze
                     cited the vulnerability of the Net's decentralized routing
                     system, in which ISPs and other nodes on the Net
                     send packets of information from origin to destination
                     along a path that the machines "tell" each other is the
                     most efficient way at that moment. This routing
                     information has been accidentally corrupted several
                     times, they said, resulting in massive traffic flows being
                     rerouted through single slow machines or blocked
                     They said a hacker could also cause this kind of
                     corruption. "This could be a massive denial of service
                     attack on the Net, or an eavesdropping attack,"
                     Bellovin said. "Don't bother hacking a machine to
                     eavesdrop on the Net -- route all the traffic to your
                     own machine." 
                     The domain naming system, in which information about
                     the millions of names such as www.netinsider.com are
                     kept in centralized databases, is also badly vulnerable
                     to attack, the scientists said. The .com database, run
                     by Network Solutions, has been corrupted by
                     accident at least once, rendering many of the Web's
                     commercial sites unavailable for several hours.
                     This and the other central registry root server
                     databases are prime targets for hackers or criminals
                     who want to disrupt Net traffic, the researchers said.
                     "It doesn't even take someone to hack into these
                     machines," Bellovin said. "All it takes is bribing the
                     But mischievous or malevolent action are hardly the
                     only threats to the Net's smooth functioning. Buggy
                     routing or server software is often responsible for Net
                     mishaps. New technologies that take advantage of the
                     Net's growing ubiquity also threaten to clog the system
                     The new "killer apps," Blaze said, overwhelm the
                     Internet's existing system of protocols. Video, Net
                     telephony, and other high-bandwidth applications now
                     in their infancy all pose some danger of this as they
                     become more popular, he said. 
                     "The Net is not optimized for real-time transmission of
                     high-bandwidth data," Blaze said. "It works
                     reasonably well for the small-scale distribution of
                     multimedia content. We have no idea how it will work
                     for the large scale." 
                     Researchers are working on solving these problems,
                     the pair said, though some are proving more
                     intractable than others -- such as the vulnerability of
                     routing systems. But the technical difficulties are not
                     the most difficult barriers, Blaze said. "The much
                     harder part is deploying [new protocols] on the scale
                     of the Internet, and getting people to adopt them." 
                     Why aren't more users already screaming about a
                     system that is apparently so ill-adapted for its current
                     uses? "Part of the problem is that with the Net, we're
                     accustomed to a very low level of service," Blaze said.
                     "And our expectations are met," Bellovin concluded.

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:05:35 PDT