I recently admitted that I’m A Hacker. Those here who’ve known me for years have laughed and/or yawned. I’m a systems guy: telecom, then energy, then social media, and lately I’ve been fooling around with knowledge engineering. If I get interested in something at all, I master it pretty quickly – the very definition of what a hacker is.
So this knowledge engineering is a broad, somewhat squishy field, much like social media. Both of these are a departure from the hard-edged technical stuff I’ve done in the past.
The Wiki entry says this:
KE is an engineering discipline that involves integrating knowledge into computer systems in order to solve complex problems normally requiring a high level of human expertise.
One of the biggest problems we have, one that I’ve worked on here and there for over a decade, is attribution. Who did that? How did they do it? Where are they located? And if we’re really on our game we might even be able to answer the biggie: Why?
Sounds kinda wonky? Well, it is, but we lost a Congressman from our side of the aisle because we weren’t on top of this, and the United States might well go to war with the wrong country under another scenario.
My work in this area has been mostly as a network engineer. I can deal with a failing network card in a P.C. … all the way up to problems with voice and video on a statewide fiber network. There are tools like Wireshark that can catch every single packet that passes.
But a gigabit Ethernet line running at full speed passes about 650,000 packets a second. That is a lot to wade through if you’re looking for a low bandwidth control connection to a compromised machine on your network. There are many, many tools that can help with this, but they’re things only a network geek could love, so I’ll spare you the gory details.
I’ve said this before and it bears emphasis:
Tweets are for humans what packets are for computers.
So how do we do that same thing we do for packets on networks with tweets between humans? Again, I won’t delve into the gruesome details; there are a lot of commercial products trying to do this, and they do help, but they leave us in the same place the data tools do – a well-trained human, hip to the specifics of the given network, has to interpret the summarized findings.
I can’t speak for corporate Democrats, but I know this for Progressives: we have eighty caucus members and right now nobody is watching over them but me, and I’m doing about as much for them as I do for a regional internet service provider. And I don’t have anyone who reviews that collected data on a daily basis. If I’d had those things in place ninety days ago Anthony Weiner would still be the Congressman for NY-09.
My LinkedIn Groups list has names in it like Cyber Security Forum Initiative, and HUMINT, Intelligence Operations, and Irregular Warfare, and Operation Aurora: Cyberconflict Research.
And they’re all buzzing about a recent decision that requires us to ask permission to use other countries’ IP address space if we’re going to respond to a cyberattack.
The network engineers of the world, people like me, all shook their heads at this. We’re trying to treat dynamically routed IP address space as we would air space, politely asking before we cross it. We couldn’t use our Cold War era big systems military against a small, sneaky, fast moving opponent like al-Qaeda, and we really can’t use it or its outdated doctrines against any would-be nation state cyber-assailant.
We have to be able to properly attribute an attack before we can respond. Real world (say: kinetic) attacks leave physical evidence. A digital attack? What if a defense contractor, fearing budget cuts, uses their offensive cyber capabilities to take over a few thousand PCs in a country like Iran, and then uses them to trigger some sort of mayhem here?
There is a serious potential for harm from network attacks. Anonymous, LulzSec, and their many offspring have made that painfully clear. But an opponent that has carefully planned an operation can fairly easily divert attention from themselves by launching from another country. This isn’t just a theory; I strongly suspect that it’s within the grasp of the squad-sized group behind Lulz Security, if they set their minds to the task.
We’re as vulnerable to cyberattack as we were to the 9/11 hijackers. And the only real solution to the problem is turning off the internet, because the complexity of decision making required to stop a hostile packet, or to properly determine its source, is simply beyond us.
If we could stop cyber-attacks we would do so. The only solution available to us against a truly determined opponent, like The Sun faced with Lulz Security, is to do what The Sun did – unplug your system. Then you try to find and fix the vulnerability, limp back online, and hope you’ve found and fixed the attack vector.
We’ll go off into the weeds if I go really deep on The Fallacy Of Cyberspace; suffice it to say that an inflamed, stabby internet is a post nation state thing, not amenable to traditional diplomatic and military influences.
So what do we do about this? The problem really is intractable at a computational level; we have a very complex system that’s evolved in the public IPv4 address space, and to be aware of what’s really going on would require a massive investment in technology, an acceptance of things as they truly are rather than clinging to some outdated nation state theory of political organizing, and most of all we would have to find, foster, and empower those who can make it safe. Sounds innocuous? I just described Big Brother, and we can’t afford to build it even if we could make sound, ethical use of it without wrecking our civil liberties.
There’s another way, between the fascism of the incorrectly named Net Neutrality and the anarchy favored by the leapin’ lizards of LulzSec.
We were a frontier nation and those days are deeply embedded in our national psyche even now, a hundred years after the last conflict with the Chiricahua Apaches was finally resolved. The internet is a permanent frontier of the human mind. Accept that freedom, but understand that it is a frontier, and it’s going to act as such.
When trouble arose in Fort Riley or Deadwood the citizens didn't turn to far off Washington, they had men like Seth Bullock and Wild Bill Hickok. Frontiers require a different set of methods and mindsets than a civilized city.
Is the hacker turned knowledge engineer of today the natural successor to the gunslinger of the 1870s? Under certain circumstances the answer is ... perhaps.