Discussion in 'Computers, Hardware, and Operating Systems' started by WQ6N, May 16, 2019.
Yep - Apple, Linux, Microsoft - ALL are vulnerable. None are immune.
Very good point
As long as "good" people only remain defensive, we will always have to suffer from the evil doers on the internet.
Anonymity brings out evil doers because of the "good" people's false acceptance of what privacy is and what the right to privacy really is (or should be).
QRZ.com took a WONDERFUL step in the right direction in their "swap" forums: must be a verified user!
Until we (as an internet community) take away "anonymous" users, the evil doers will continue to attack and the "good" people on the internet will continue to take casualties. (for example: I don't do on-line swaps any more. Been scammed once. Strike one! I'm out. No more business from me from several on-line providers - delete, delete, delete several accounts. I'm sure I'm not the only casualty.)
The current administration is taking *real* steps to stop phone spam and robot callers. (not in the news, why not?).
As a phone guy in the Air Force for several years, I knew which phone (off my switch) is making a call or *has* made a call, and what number that phone dialed. Any incoming phone call from another switch, I couldn't verify who it was from. Today's telephone network includes hidden data (source/destination) on each phone call. But *BY LAW*, you can't block it, even if you know it's from a known spammer. Phone providers *have* to pass that call by law. Simple fix: change the ****ing law. Allow phone providers to legally block calls from known spammers/robocallers.
I retired from the Air Force just when they were starting to implement "smart card" logins (your actual military ID card) for any Air Force computer. Now, not only can they tie any NIPRNET communication to a computer, they can tie any NIPRNET communication to an individual. Nobody is anonymous on the NIPRNET (or SIPRNET or JWICS...) any more.
There are *real* steps which could be taken to fight back against the evil on the internet. (why aren't we doing that?) For example, a really easy step right now would be to start blocking IP addresses -- at the country edge devices, at the state edge devices, at the county edge devices -- of IP sources that are up to "no good."
If the "good" people on the internet don't return fire, we are fighting a losing battle.
The problem is that the FCC has no control over other countries.
Other countries buy No Call lists and use them. The no call list has become useless, gets you on a list to be called.
Much like a U.S. patent, you describe your design in detail and another country copies it.
You are your own security, if you expect it to be reliable.
I agree that such a step would be helpful in eliminating some of the bad players, but I couldn't say it would be a good thing. Being anonymous gives people the ability to voice their opinions without being fearful that a small but aggressive minority will attack them. In many parts of the world, political dissidents, journalists, and honorable citizens rely on such anonymity to work against tyrants and Orwellian governments. By taking away anonymity, you would effectively give authoritarian governments complete control over political discussion.... and endanger many innocent people.
Now... about "returning fire", that was one of the original concepts that led to groups like ANONYMOUS and online vigilantes. While I certainly agree that one has the right to fight back against hackers / spammers / scammers... it needs to be very carefully done to avoid hurting innocent third parties. Rooting out evil becomes a moot point if we ourselves become evil in the process.
I'm all for freedom of speech and all. (BTW, I changed my pfSense firewall to a Core2duo--much less power, and I turn it off at night--effectively air-gapping my internet connection.) But I'm against people constantly probing my computer looking for a back door in order to infiltrate my data.
I'm not sure any political party believes in this any more, but I believe in the U.S. Constitution and the rule of law. And I was just talking about hackers on the internet, not tyranny or Orwellian governments. There are successful ways built into our constitution to fight tyranny (as is being demonstrated today) beyond internet hacking.
Here in the great state of Texas, we have a "castle law" that allows us to "return fire" inside our house on anyone inside our house who makes us feel threatened. I don't see any difference between my house and my computer. My right to privacy is in my domicile and in my computer. My privacy does not include being able to yell "fire!" in a crowded theater anonymously. Or to perform IP and Port scans anonymously to find vulnerabilities to take advantage of.
Sure, I'm taking responsibility for my own security. But I don't see why ISPs and content providers are prevented by law from joining the fight, too. They could be much more effective--in that they could be protecting internet users who are clueless... or should I just say most users... I don't see any problem with blocking all traffic from countries or subnets known to be a source of chaos and tumult on the internet. Of course, it shouldn't be permanent. There should be a way for them to prove they're no longer a threat to the internet community in order to re-join the internet community.
That's what I mean when I say "return fire."
Leave everything completely 'open', don't try to encrypt anything. Make it so easy that there's no challenge anymore. They will be totally bored/bummed out. Won't know what to do, and in desperation may even resort to suicide! Of course, you'll have to leave a few of them around to provide a reason for being for the antivirus people, can't leave them completely out in the cold...
The internet isn't constructed like that. And while modern optical IP routers have immense capabilities for filtering bad actors, the maintenance of such blacklisting is usually reserved for larger distributed denial of service attacks.
Who determines people up to "no good"? I frequently port scan my own IPv4/IPv6 address space for my home, the two networks I maintain as part of a business arrangement as well as what is used at the repeater site. Automated detection would certainly flag this as a bad actor, but I'm not, I'm doing my own due diligence.
See the problem? If some transit provider decides that isn't cool, now I'm cut off from the internet for doing what I should be doing.
That is one reason I do that using the minimum amount of hops.
Some hops just record data.
I don't know what a "transit provider" is but whoever's maintaining pipelines on the internet should be allowed to detect and then block bad actors. And sure, it'll be a hassle in the beginning when the legitimate "internal network security" folks have to identify themselves and be added to a whitelist. Denying everything except what is specifically allowed is a more secure way to run the internet. Folks running LANs do it this way (if they're worth anything), why not folks maintaining backbones? No, I don't see a problem, except in the short-term.
Edit: After some thought, I think I understand what you mean when you say "transit provider." No, they should not be blocking anything. Those who *provide* IP addresses to users should be able to block incoming as appropriate. And remove service from any of their users who are up to "no good."
They do! But it isn't because someone in Germany is scanning your home network, it is because a large customer is getting DDOS'd somewhere and at a minimum, this customer is complaining and needs help. At worst, it is going to tilt peering agreements or push up 95th percentile traffic levels and no one wants to have to pay for that kind of traffic.
Whitelists don't work. Certain second rate security appliance companies that maintain blacklists have made entire IPv4 /21 address spaces utterly useless for certain applications. The problems that apply to blacklists apply to whitelists, and that problem is that no one wants to spend the money for effective ways to manage them. It is easy to say "22.214.171.124/24 is blacklisted for spam". Or whitelisted. It is entirely a different matter to detect when that assignment changes customers at an individual ISP, or when that ISP itself changes hands. So pity the poor guy who gets address assignments in blacklisted CIDRs and they can't run email servers, or their users are constantly prompted for CAPTCHAs.
Worse, these lists are reputation based and that isn't going to scale at all with IPv6 addressing.
I get that it is infuriating to have people scanning your network and attempting to gain access. But the days of gentle trusted internet are long long gone.
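The stale-listing problem raised in the post above (a CIDR stays listed after the range changes hands), as an added example that is not part of the thread: a blocklist lookup that enforces only listings re-confirmed recently and sends older ones for review. The `Entry` fields, the 90-day window and the sample ranges (documentation-only prefixes) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass(frozen=True)
class Entry:
    network: str          # CIDR as listed
    reason: str
    last_confirmed: date  # last date abuse from this range was actually observed

# Constructed sample list; all ranges are documentation-only prefixes.
SAMPLE_LIST = [
    Entry("192.0.2.0/24", "spam", date(2019, 5, 1)),
    Entry("198.51.100.0/24", "spam", date(2017, 3, 10)),      # listed, never re-checked
    Entry("198.51.100.128/25", "scanning", date(2019, 5, 10)),
    Entry("2001:db8:bad::/48", "spam", date(2019, 4, 20)),
]

def is_stale(entry, today, max_age_days=90):
    """True when the listing was not re-confirmed within the window (assumed 90 days)."""
    return today - entry.last_confirmed > timedelta(days=max_age_days)

def evaluate(ip, entries, today, max_age_days=90):
    """Return (verdict, entry); verdict is 'block', 'review' or 'allow'."""
    addr = ipaddress.ip_address(ip)
    matches = []
    for e in entries:
        net = ipaddress.ip_network(e.network)  # raises ValueError on a malformed CIDR
        if net.version == addr.version and addr in net:
            matches.append((net.prefixlen, e))
    if not matches:
        return ("allow", None)
    best = max(matches, key=lambda m: m[0])[1]  # most specific listing wins
    # A stale listing may describe a previous holder of the range: queue it
    # for re-validation instead of enforcing it.
    return ("review" if is_stale(best, today, max_age_days) else "block", best)

def audit(entries, today, max_age_days=90):
    """Listings that should be re-validated or dropped."""
    return [e.network for e in entries if is_stale(e, today, max_age_days)]

if __name__ == "__main__":
    today = date(2019, 5, 16)
    for ip in ("192.0.2.25", "198.51.100.7", "198.51.100.200", "203.0.113.5"):
        verdict, entry = evaluate(ip, SAMPLE_LIST, today)
        print(ip, verdict, entry.reason if entry else "-")
    print("re-validate:", audit(SAMPLE_LIST, today))
```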