THE
LIES OF JANET RENO
The
ominous answer: by installing a comprehensive surveillance
system that will keep tabs on all Internet traffic. As Rep.
Bob Barr put it in
a letter to the cyber-bureaucracy, the federal government
has been pushing for years "to force a surveillance-friendly
architecture on the Internet." Back in 1994, when the Communications
Assistance to Law Enforcement Act (CALEA) was passed,
Attorney General
Janet Reno solemnly assured us that it was merely an updating
of existing wiretapping law, and did not represent an extension
of government power on the Internet. But it hasn't worked
out that way. CALEA was no sooner enacted then law enforcement
officials began a concerted campaign to pressure the telecommunications
industry to adopt monitoring capabilities that, as Barr put
it, go "far beyond the status quo, CALEA's mandates, the intent
of Congress, and the Fourth
Amendment." The industry has been backed into a corner:
telecommunications companies that refuse to go along with
the new protocols can either comply or fight the government
in court. Guess which alternative they are likely to take.
. . .
WHAT
A COINCIDENCE!
Gee,
what a coincidence: the first cyber-attack, on the
popular Yahoo!
site, occurred on the very same day as news of President's
Clinton's proposed budget
increase for Internet monitoring, from $15 million to
$240 million, hit the wires. The money is a subsidy to telephone
companies, a reward for reconstructing their networks to make
Internet snooping by the feds more practical.
FIDNET
FOLLIES
Naturally,
the government bureaucrats who would like nothing better than
to get their hands on an uncontrolled frontier like the Internet
have been busily denying that this was their intention. Their
FidNet
program, designed to monitor "suspicious activities" in cyberspace
and crack down on "cyber-crime," was slated for $27 million
and Reno declared that every penny was necessary in
order to protect government sites from the teenage hackers
who delight in defacing them. "As envisioned, FidNet is being
designed to monitor federal executive branch computer networks,"
said Jon Jennings, acting assistant attorney general in a
letter to Congressional skeptics, "not private networks or
the Internet in general." But several prominent Republicans
were not at all satisfied, and House Majority Leader Dick
Armey asked the pertinent question in a brisk letter to Reno:
"Are you willing now to state that neither Fidnet nor any
similar administration program will ever be expanded to monitor
private networks or the Internet in general?" Armey cited
the FidNet plan submitted by administration officials, which
called for "the creation of a three-pillar system of these
netted and adaptive intrusion detection networks, covering
critical government and (ultimately) private sector information
systems." They denied it, and said this was only a "draft"
document: now watch as they turn on a dime.
WHO
WAS THAT MASKED HACKER?
In
the wake of the current hysteria, with the attacks
spreading to Australia, you can count on the feds to aggressively
push their Orwellian schemes. And isn't it funny how no one
is taking credit for these antics? As David
L. Wilson points out in the San Jose Mercury News,
"normally, members of the 'intruder community' would be basking
in the glow of their exploits, boasting about their accomplishments
while hiding their true identities behind clever pseudonyms,
according to computer security experts?" So where are they?
Where are the taunting email messages, the nihilistic manifestos,
the triumphant regaling of the hackers' computer prowess
in short, where is what might be called the nerdismo
(the cyber-equivalent of machismo) of these mysterious
super-hackers?
A
FALSE LEAD
As
of this writing, the only communication from anyone claiming
to take responsibility for the attacks has been received by
the folks at Attrition.org, according
to Wired.
According to the anonymous sender, the coordinated assaults
were designed to attack the value of Internet stocks. But
the email, which claims that "every site being attacked has
at least one insider," is not all that credible, since no
"insider" is required: the computer programs used to overwhelm
targeted websites with dense "packets" of meaningless information
are launched from outside the system; inside accomplices
would be superfluous.
GOVERNMENT THE PROBLEM AND THE SOLUTION
Why
the baffling silence? If this is not some pubescent cabal
but instead a serious attack on e-commerce then we may never
know who is responsible thanks to the US government,
the same government that is now demanding the power
to "fight back" against "cyber-crime." Federal restrictions
on "encryption"
software, which enables privacy on the Internet by authenticating
the identity of the user, deprives the private sector of the
ability to protect itself. Encryption would act like a cyber-prophylactic,
shielding a promiscuous server that comes in contact with
ten of thousands of users on a daily basis from contracting
any unwanted viruses or other potentially deadly invaders
from cyberspace. "But the United States," writes Wilson, "fearful
that criminals would use encryption to hide their activities,
has for years restricted the export of certain kinds of encryption,
hindering the widespread use of authentication on the Internet."
AH,
SWEET IRONY
Oh,
the delicious irony of it all: a problem caused by government
intrusion must now be "solved" with yet more government intervention
only this time wider, deeper, and more threatening
than the initial incursion.
DAEMONS
The
technology of the "stealth" tactics used by the mysterious
disruptors is interesting. "Stealth programs" known as "daemons"
are sent to remote computers, where they hibernate for months
until, one day, the disruptor sends a command that
activates them and unleashes a wave of cyber-terror that seems
to come out of nowhere. These stealth programs are no doubt
sitting in some poor sucker's server, completely unknown to
the administrators, waiting to for the command to go forth
and wreak havoc. Wilson quotes Gene
Spafford, a top computer security expert, as saying that
since the machines hosting the stealth attack programs were
never cleaned or even audited by the owner-administrators,
the chances of tracing the culprits are minimal. "They've
broken into a number of machines and planted the software,
which hasn't been spotted in all the time it's been sitting
there,'' said Spafford, "That implies that these intermediary
machines are not well administered, and they probably don't
have any auditing or security. In that case, tracing is going
to be really difficult, if it's possible at all.''
CYBER-CAPITALISTS
ON THE DOLE
In
other words, big ISP administrators and other high-flying
cyber-millionaires simply neglected the obvious security problems
inherent in e-commerce, and instead went right ahead and took
the entrepreneurial risk making billions in the process.
It's the New Cyber-Capitalism, the entrepreneurial engine
that is supposedly driving our frenetically growing economy:
these guys are supposed to be "libertarians," remember, who
don't like government regulation and periodically inveigh
against Internet taxation. But just watch them jump at the
opportunity to be on the receiving end of a few government
subsidies. They'll gladly take $240 million is for "rewiring"
phone systems to give the feds instant access to your email.
Ominously, half of that money will come from the Defense Department
to implement its own eavesdropping system in the interests
of "national security." (But don't worry: after all, what
could the War Party possibly want with email addressed
to a site such as Antiwar.com?)
SUBSIDIES
IN CYBERSPACE
Aside
from the $240 million subsidy to the phone companies, there
is the little matter of $11.4 million to "hire data forensics
examiners to retrieve and enhance examinations of computer
evidence" and an additional $100 million for "automated data
processing and telecommunications and technical investigative
equipment" up from $50 million, and certain to increase
exponentially. What this means is that the laborious, uncertain,
and costly process of tracing the perpetrators of this crime
made difficult if not impossible by negligent private
sector managers will become a function of government.
In return for this massive subsidy, and for being relieved
of the responsibility for auditing and cleaning out their
own systems, the big computer companies will roll over and
facilitate the Clintonian takeover of the Internet. Oh, those
"free market" capitalist entrepreneurs they'll do it
every time!
A
REAL SERVICE
Also
included in the President's cyber-budget is $300 million for
"counter-terrorism." Will the feds launch their own cyber-attacks
on "terrorist" websites? How about a preemptive strike at
those graspy porno sites that won't let you leave? Now that
would be a lot more useful than pinging Osama
bin Laden's home page.
A
SPECIAL ANTIPATHY
In
spite of Gore's apocryphal claim that he invented it, this
administration has a special antipathy for the Internet. For
it was cyber-journalist
Matt Drudge who first exposed the moral corruption of
Clinton and his cronies and released the story on the
Internet that led to Monicagate and the impeachment
crisis. At every opportunity, the Clintonians have moved to
close down the wild cyber-frontier and place it firmly under
their control. Just look at the aggressive way they have tried
to usurp power and assert their right of eminent domain: they
want to make encryption illegal, and give government access
to private email and usenet postings. Angling for a law that
would force ISPs to keep activity logs that would be open
to government inspectors and regulators, this administration
is especially eager that new telecommunications and Internet
protocols are developed in such a way as to facilitate government
access. In the world of cyber-Orwellian future, all software
authors must be licensed before their code can be placed on
the net, and all source code will be filed with government
agencies. This administration, in alliance with its corporate
and judicial flunkies, has used trade laws governing exports,
"national security" scares, and even copyright law to fence
in and patrol the wide open spaces of the Internet.
CLINTON
MAKES HIS MOVE
The
attacks on Yahoo!, e-Bay,
and others have really emboldened them. As I write this column,
the breaking news that President Clinton will meet with computer
executives and assembled experts "in part to talk about the
attacks" comes as no surprise. As if to confirm the conclusion
of this column before it is even written, the Associated
Press is reporting that "President Clinton will meet with
the nation's top computer security experts and technology
executives in part to talk about the attacks. The White House
said the meeting had originally been organized on the heels
of the president's budget proposal for $2.03 billion to protect
the country's most important computer systems from cyberattacks."
What timing.
CYBERSLEUTHS
ON THE PROWL
Federal
"cybersleuths," we are told, have practically written off
ever finding the culprits, but don't worry, there's "a silver
lining" to all this, the AP story informs us. In the words
of John Bentigoglio, counsel to the deputy attorney general:
"At least there's massive awareness of this now." Yeah, just
like the phony terrorist scare that sent the nation scampering
behind locked doors for the holiday season, in a paranoid
response to the "terrorist attack" that never came. Naturally,
government "anti-terrorist" agencies took full credit for
averting imminent disaster, but this was never very convincing.
In the case of "cyber-terrorism" they can now point to an
actual incident one that will probably remain shrouded
in mystery as to the identity and motives of the perpetrator(s).
MISS
MARPLE SMELLS A RAT
However,
if I can play Miss
Marple here, there is one aspect of this case that seems
oddly indicative of the direction any investigation should
be going, and that is the curious fact that out of all the
many computer systems on which these stealth "denial of service"
programs might reside, undetected hundreds and perhaps
thousands so far no government computers appear
to have been colonized by these "daemon" critters. Why is
that? As we have seen, the government has a lot of insecure
computers on the net. Why didn't these hackers target at least
one of them, if only to make the government look foolish?
What kind of hackers are these?
A
GOOD QUESTION
We
may never know the answer to that question, but ask yourself
this: who benefits? The government and the big corporations
or do I repeat myself? As mega-mergers
cartelize the media, and Janet Reno moves in on the Internet,
the question of who are the mystery hackers takes on an ominous
urgency. In the context of this administration's well-known
disregard for even the most basic liberties, and an established
record of thuggish tactics employed against its enemies unequaled
since the days of Richard Nixon, the question naturally arises:
was this the cyberspace equivalent of the Reichstag fire?
Considered in the context of Reno's record, as well as Clinton's
character the former complicit in the
mass murder at Waco, and the other a post-modern Caligula
the question is less outrageous than it sounds.
|